Explore Vulnerabilities

Explore all Exploits:

Windows 2000 universal exploit for MS05-039

This is a buffer overflow exploit for Windows 2000 systems. It uses a malicious payload to gain access to the system and execute arbitrary code. The exploit is written in C and uses the WinNetwk.h, Winsock.h, and Rpc.h headers. It also uses the mpr library for Windows networking.

Windows XP SP2 ‘rdpwd.sys’ Remote Kernel DoS

This vulnerability allows remote attackers to cause a denial of service on Windows XP SP2 systems by sending a specially crafted packet to the Remote Desktop Protocol (RDP) service. The packet contains a malformed 'mstshash' cookie that is not properly handled by the 'rdpwd.sys' driver. This can cause the system to crash.

WordPress <= 1.5.1.3 - remote code execution 0-DDAAYY exploit

This exploit allows an attacker to execute arbitrary code on a vulnerable WordPress installation. The exploit requires register_globals to be enabled on the target host. The exploit uses a combination of the get_lastpostdate, base64_decode, parse_str, get_lastpostmodified, and preg_replace functions to execute arbitrary code.

Flatnuke 2.5.5 (possibly prior versions) remote code execution

A vulnerability exists in Flatnuke 2.5.5 (and possibly prior versions) which allows remote attackers to execute arbitrary commands. This is due to the application not properly sanitizing user-supplied input to the 'command' parameter before using it in a system call. An attacker can exploit this vulnerability to execute arbitrary commands with the privileges of the web server process.

ProRat Server Buffer Overflow Crash POC

This exploit connects to the ProRat server (default port 5110) and sends a long null command string. After the exploit is sent, the ProRat server crashes while trying to access a bad memory address: 0x41414141. Remote users are able to cause the server to crash or potentially execute arbitrary code.

GNU Mailutils imap4d v0.6 remote format string exploit

This exploit targets a remote format string vulnerability in GNU Mailutils imap4d v0.6. It allows an attacker to execute arbitrary code on the vulnerable system. The exploit is triggered by sending a specially crafted string to the vulnerable server. The exploit was tested on Slackware Linux 9.0, 10.0 and 10.1.

Alot of code for a cgi | vuln.

This exploit allows a remote attacker to upload a file to the vulnerable server. The exploit works by sending a GET request to the vulnerable server with a malicious payload. The payload contains a command to remove a file from the server and then echo the contents of the local file to the remote file. The exploit is written in Perl and requires the IO::Socket::INET module to be installed on the attacker's machine.

Vim Fold Expression Command Execution Vulnerability

This vulnerability allows an attacker to execute arbitrary commands when a user opens a text file with Vim. The attacker can insert a malicious fold expression at the top of the file, which will be executed when the file is opened. This can be used to gain access to the system, as the command can be used to change the permissions of a file, such as /etc/shadow.

Can crash msn and execute commands

Windows has a buffer overflow vulnerability in the processing of embedded ICC Profiles inside images (JPEG, TIFF, etc.). To test, create a JPEG in Adobe Photoshop and save it with the ICC checkbox enabled; make sure you set it to RGB (that does not really matter, it is just so you can find which bytes to change for the test). Open the file in a hex editor and search for "RGB XYZ " (no quotes, case sensitive). You are now inside the header of the ICC Profile, which is 128 bytes. 104 bytes away is a 4 byte number which is the Tag Count of the ICC Profile. Change this to "FF FF FF FF" (it will be followed by a 4 byte string which is part of a 12 byte tag; there are several such tags, which should help you identify which bytes to change). Save, open in Internet Explorer, and see the crash.

Recent Exploits: