This exploit allows an attacker to create or overwrite a file on the system by exploiting a directory traversal vulnerability in the SuSE 9.0 YaST script SuSEconfig.gnome-filesystem. The exploit creates a directory containing a symlink to the destination file inside the /tmp/tmp.SuSEconfig.gnome-filesystem. directory. It then loops from 1 to 33000, creating the directory and symlink on each iteration.
Lftp versions later than 2.6.10 are prone to a remotely exploitable stack-based overflow in try_netscape_proxy() and try_squid_eplf() (src/HttpDir.cc). This badly coded proof-of-concept demonstrates the issue by exploiting the vulnerable function try_netscape_proxy() (HttpDir.cc:358); it needs more targets to be effective. With some time and a lot of patience, you should be able to find your own parameters using GDB.
This proof-of-concept code is for testing the do_mremap() Linux kernel bug. It is based on the code by Christophe Devine and Julien Tinnes posted to the Bugtraq mailing list on 5 Jan 2004. The test was done against Linux kernel 2.6.0, and similar results were obtained against kernel 2.4.23 and earlier. The code is safer since it avoids any kernel data corruption.
This proof-of-concept exploit code for do_mremap() targets a buffer overflow vulnerability that allows an attacker to execute arbitrary code on the target system. The exploit code uses the real_mremap() system call to map a memory region to a fixed address, which can be used to overwrite the return address of a function and execute arbitrary code. The exploit was released in 2004 by Christophe Devine and Julien Tinnes.
This exploit targets the xsok 1.02 game. It is a local exploit which uses setregid(20,20) shellcode and exec /bin/sh shellcode to gain access to the system. It sets the return address to 0xbffffa3c and uses a buffer of size 200.
This exploit uses UnhandledExceptionFilter to redirect execution. When the overflow occurs, the attacker controls the ecx and edx registers and can write 4 bytes to any memory location. If the memory location is not writable, an exception is raised and UnhandledExceptionFilter is triggered, which allows the attacker to control the flow of execution. This exploit works on Windows 2000 SP0-SP4 and Windows XP SP0-SP1.
This exploit is used to gain a local root shell from /usr/bin/ct, using the HP-UX location language format string bug. It works by setting up a malicious environment variable and then executing the ct command with a specially crafted argument.
This tool scans remote hosts running httpd (Apache) and discloses information about existing user accounts via a wrong default configuration of mod_userdir (a default Apache module). It then attempts to log on to FTP with the discovered logins.
The bug was found by Paul (IhaQueR) Starzetz and further research and exploit development was done by Wojciech Purczynski and Paul Starzetz. It allows an attacker to gain access to the system by exploiting a vulnerability in the do_brk function of the Linux kernel.
Chindi server 1.0 is vulnerable to a remote denial of service attack. By sending a specially crafted string to the server, an attacker can cause the server to crash and become unresponsive. After the attack, the server appears to be up, but will not allow new connections.