tcpdump(v3.8.3 and earlier versions) contains a remote denial of service vulnerability in the form of a single (LDP) packet causing an infinite loop. LDP is UDP(/TCP), so no LDP service has to actually be running to abuse this issue, spoofed or not spoofed. Depending on the path the packet takes spoofed packets may be dropped(dropped at your router most likely).
The vulnerability exists in tcpdump v3.9.1 and earlier versions, as well as ethereal v0.10.10. It is caused by a single (RSVP) packet that triggers an infinite loop in the rsvp_print() function. Clicking on the packet or receiving ICMP replies can also trigger the vulnerability. The bug is present in the RSVP_OBJ_ERO and RSVP_OBJ_RRO classes.
This exploit targets IIS 5.0 FTP Server on Windows 2000 SP4. It allows an attacker to execute arbitrary code with SYSTEM privileges. The exploit has been modified by adding an additional egghunter for a secondary larger payload. It opens a bind shell on port 4444.
This exploit targets a buffer overflow vulnerability in Net-ftpd 4.2.2. It allows an attacker to execute arbitrary code on the target system by sending a specially crafted request. The exploit code is written in Python and was created by Sergio 'shadown' Alvarez.
This exploit demonstrates the exploitability of the sock_sendpage() NULL pointer dereference vulnerability on ppc and ppc64 architectures. It utilizes the SELinux and mmap_min_addr issues to exploit the vulnerability on Red Hat Enterprise Linux 5.3 and CentOS 5.3. The vulnerability affects Linux kernel versions from 2.4.4 to 2.4.37.4, and from 2.6.0 to 2.6.30.4.
The Modern Script 5.0 index.php file is vulnerable to a remote SQL injection attack. By manipulating the 's' parameter in the URL, an attacker can execute arbitrary SQL queries on the database.
Exploit for IIS 5.0 FTPd that allows remote root access. Targets Windows 2000 SP4. Affects IIS 6 with stack cookie protection. Metasploit shellcode is used to add the user 'winown:nwoniw'.
The vulnerability allows remote attackers to execute arbitrary commands via the index.cgi script, related to improper shell metacharacter handling in the art parameter.
This exploit takes advantage of a buffer overflow vulnerability in the Yager game version 5.24. It allows an attacker to execute arbitrary code on the target system by sending a specially crafted packet. The exploit targets the binkw32.dll library in Windows XP Pro SP1 GER.
This exploit allows remote attackers to execute arbitrary code via a long string in a request to the HTTPS service.
Services By CQR