Poll It CGI v2.0 is vulnerable to command injection. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary commands on the server.
This exploit targets a bug in Darwin 5.X with an unpatched QTSS, in parse_xml.cgi, which leads to remote root compromise. This exploit is based on http://wbyte.ath.cx/~wbyte/researches/qtss-core.txt#
This exploit targets a remote code execution vulnerability in monit version 4.1 and below. It is written in Perl and uses a portbind shellcode to gain root access. The exploit sends a malicious string of 284 bytes followed by a return address to the vulnerable server on port 2812.
The integer underflow in ISAKMP Identification payload denial of service vulnerability is a flaw in the tcpdump packet sniffer that can be exploited to cause a denial of service. The vulnerability was found by Rapid7, LLC (security advisory) and affects tcpdump 3.8.1. It cannot be exploited to cause a denial of service with Debian's tcpdump packages, as it was partly fixed as part of the fix for the earlier known CAN-2003-0108 vulnerability, though the bug is still present. That may also be the case for other vendors, which were not investigated. tcpdump must be run with a verbosity level of at least 3 (# tcpdump -vvv); otherwise, no denial of service will occur.
EIGRP Dissector TLV_IP_INT Long IP Address Overflow vulnerability is a buffer overflow vulnerability in Ethereal v0.10.2. It is triggered by sending a specially crafted packet to the vulnerable system. The packet contains an IP internal routes TLV with a length of 0x39, which is longer than the expected 0x1C. This causes a buffer overflow of up to 29 bytes.
557iss_pam_exp is a remote buffer overflow exploit targeting iss_pam1.dll (ICQ) in RealSecure and BlackIce. The exploit sends 1199 bytes of overflow data to the target host, which can be used to gain remote access to the system. The exploit was released in 2004 by Sam and Chen Xiaobo.
Ethereal IGAP Dissector Message Overflow Remote Root exploit is a proof of concept exploit for a serious vulnerability that exists in Ethereal 0.10.0 to Ethereal 0.10.2. It uses the technique of shellcode splitting: one part of the shellcode is placed before the buffer that overwrites the saved EIP on the stack, followed by a jmp OFFSET instruction that redirects EIP to the second half of the shellcode, which is placed after the return address. It also overwrites the saved EBP, since the shellcode requires EBP to contain a usable stack address.
This exploit allows an attacker to execute arbitrary code on a vulnerable system by sending a specially crafted ALLO command to the FTP server. The exploit assumes the user has a total file size limit; if the user only has a maximum number of files limit, the exploit will need to be rewritten to work.
This exploit allows an attacker to spoof attachments in Eudora 6.0.3 on Windows. The attacker can embed CR (0x0d) characters, which get converted internally into NUL (0x00) and ignored, allowing them to spoof "attachment converted" lines. The attacker can also guess the full path to the attach directory and change the displayed name to anything they like, although this results in a broken icon. They can also include HTML to create file, http, and javascript links.
A buffer overflow vulnerability exists in RedFaction <= 1.20 broadcast clients. An attacker can send a specially crafted packet to UDP port 7755 containing a malicious payload that overwrites the clients' return address with 0xdeadc0de. This can be used to execute arbitrary code on the vulnerable system.