This exploit allows an attacker to gain remote root access by exploiting a stack overflow vulnerability in Golden FTPd. The exploit code binds port 4444 on the remote machine. If the return address is not correct, the FTPd will crash and the administrator will have trouble restarting it. The code must be executed, and the FTPd must be restarted or shut down for it to work.
This is a buffer overflow exploit for SAP player 0.9 (.pla) that allows for arbitrary code execution. It exploits a vulnerability in the software's handling of .pla files, triggering a stack-based buffer overflow. By crafting a malicious .pla file, an attacker can overwrite the SEH (Structured Exception Handler) and gain control of the program's execution flow.
This exploit allows an attacker to execute arbitrary code on a vulnerable Golden FTP Server Pro version 2.5.0.0 and prior. By sending a specially crafted overflow string to the server, an attacker can gain a shell on port 4444. The exploit has been tested on Windows XP SP1 and SP2. Restarting the server is required after the exploit is successful. The workaround is to upgrade to a newer version or use another FTP server.
The exploit is used to run the Golden FTP Server Pro v2.52. After the exploit runs, a bind shell is opened on port 4444.
This code is a proof of concept for an unknown vulnerability in MP3 Studio v1.0. The author attempted to exploit the vulnerability but was unsuccessful. The code includes a bind shell on port 4444. The author notes that this media player is unlikely to be widely used.
The NotJustBrowsing 1.0.3 application discloses passwords to local users.
This is a proof of concept for a stack buffer overflow vulnerability in Portable E.M Magic Morph 1.95b. By creating a specially crafted .MOR file and editing it with a hex editor, an attacker can trigger a stack buffer overflow. The EIP offset is at 312 bytes (0x138 HEX). The exploit uses a technique called 'stack spray' to determine the offset. The CPU registers at the time of the exploit are: EAX=00000000, ECX=33333333, EDX=01492288, EBX=00000001, ESP=0012EF7C. The exploit payload is a string of characters and symbols.
ICUII 7.0 discloses passwords to local users.
Multiple remote vulnerabilities in Gyro V5.0 allow attackers to execute arbitrary SQL commands or inject arbitrary web script or HTML via the cid parameter in (1) home or (2) op in home.php.
This exploit allows local users to disclose proxy passwords in FilePocket v1.2 and possibly prior versions. The exploit leverages a vulnerability in the software that allows access to the proxy password through the Windows registry.