Explore Vulnerabilities

Explore all Exploits:

Universal exploit for vulnerable printer providers (spooler service)

This code gains SYSTEM privileges through vulnerable printer providers. The vulnerable software includes DiskAccess NFS Client (dapcnfsd.dll v0.6.4.0; reported and not fixed, 0day), Citrix Metaframe (cpprov.dll; fixed), Novell (nwspool.dll; CVE-2006-5854, untested), and other undisclosed software. If the exploit does not work, it crashes the spooler service (spoolsv.exe). The workaround is to trust only the default printer providers, 'Internet Print Provider' and 'LanMan Print Services', and delete the others.

Buffer Overflow Exploit in XTerm

The code is an example of a buffer overflow exploit in the XTerm application. The exploit uses shellcode to execute arbitrary commands with root privileges. It takes advantage of a buffer overflow vulnerability in the xterm program to overwrite the return address and redirect program execution to the shellcode.

The given Ruby script is an exploit that escalates privileges on a macOS system by exploiting a vulnerability in CrashReporter. The exploit involves creating a symlink to a known program crash log file, creating a program with a modified __LINKEDIT segment, running the fake program to crash and create a file at /var/cron/tabs/root, and then creating a legitimate crontab to refresh cron. By doing this, the exploit gains root access to the system.

PhP Generic library & framework (include_path) Remote File Include Exploit

This exploit targets a vulnerability in the PhP Generic library & framework where an attacker can include remote files using the 'include_path' parameter. By manipulating the 'include_path' parameter, an attacker can execute malicious code on the target system.

EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit

This exploit targets EclipseBB 0.5.0 Lite script and takes advantage of a remote file inclusion vulnerability in the 'functions.php' file. By manipulating the 'phpbb_root_path' parameter in the 'functions.php' file, an attacker can include and execute arbitrary remote files.

GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution

This exploit allows remote code execution by exploiting a buffer overflow vulnerability in GetGo Download Manager. It overwrites the SEH (Structured Exception Handler) to bypass SafeSEH protection and execute the shellcode.

Local root exploit for vscan/VSAPI (=Trend Micro VirusWall 3.81 on Linux)

The product "InterScan VirusWall 3.81 for Linux" ships a library called "libvsapi.so" which is vulnerable to a memory corruption vulnerability. One of the applications that apparently uses this library is called "vscan" which is set suid root by default. It was discovered that this supporting program is prone to a classic buffer overflow vulnerability when a particularly long command-line argument is being passed and the application utilizes the flawed library to attempt to copy that data into a finite buffer. As vscan is set suid root, this leads to arbitrary code execution with root level privileges.

Recent Exploits: