# DIVX Player = 6.7.0 Buffer Overflow PoC ( .SRT )
# Bug: When parsing a subtitle file with an overly long subtitle, DIVX player
will deadly crash with eip overwritten
# Replace MOVIE_FILENAME by your movie filename ( .avi )
#
#!/usr/local/bin/perl
###
# Sami FTP Server 2.0.* Multiple Remote Vulnerabilities
#
# Bugs :
#
# 1) Multiple remote denial of service
(CWD,DELE,MKD,RMD,RETR,RNFR,RNTO,SIZE,STOR)
#
# 2)Remote Buffer
#Rosoft Media Player 4.1.8 Buffer Overflow (.M3U)
#
# @nolife : Pow...Pow ..If you are kind I'll show my set of super mega tools,
fuzzers, and all the automated stuff I use for M3U/ASX/PLS Pow..Pow ...
# Nolifing is
There's already an advisory for : Universalftp
http://milw0rm.com/exploits/2787
But there's a couple more CMD FTP vulnerable added to this one.
Regards
# UniversalFtp Server 1.0.44 Multiple Remote #Denial of service
#
[EMAIL PROTECTED] : This bug has been found with a brain, ten fingers, a
keyboard, and a laptop, one of my best tools I ever tried. Stay tuned for more
tools hint.
#
#
# Réponse: 226 Completed...
# Statut:
# NERO Media Player = 1.4.0.35b Remote Buffer Overflow( .M3U)
#
#
# This exception may be expected and handled.
# eax=03e90f40 ebx=41414141 ecx=009d01c8 edx=009d015c esi=03e90f38 edi=41414141
# eip=7c92b3fb esp=0010bff8 ebp=0010c214 iopl=0 nv up ei pl nz ac pe nc
# cs=001b ss=0023
dBpowerAMP Audio Player Release 2 Remote Buffer Overflow
0:002 r
eax= ebx=77c17a50 ecx= edx=0107 esi= edi=00b8f217
eip=4141 esp=00b8ede0 ebp=77c0f931 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=
#Titan FTP SERVER REMOTE HEAP OVERFLOW(USER/PASS)
#Impact : Critical
#
# Windbg Output:
#(bec.528): Access violation - code c005 (first chance)
#First chance exceptions are reported before any exception handling.
#This exception may be expected and handled.
#eax=41414141 ebx=
#IpSwitch WS_FTPSERVER with SSH remote Buffer Overflow
#
# Website:http://www.wsftp.com/products/ws_ftp_server/
#
# Version:6.1.0.0 ( last one,others might be vuln too )
#
# Bug: Remote Buffer Overflow ( CD)
#
# (8e8.a78): Access violation - code c005 (first chance)
# First chance
/*==*/
//how to trick cms avatar upload
//example for : RunCms (PoC)
//Bug : avatar/php-shell upload
//Product: RunCms
//URL: http://www.runcms.org/
//RISK: high
/*==*/
you can upload a crafted picture on most of
there's also a xss here :
/tiki-featured_link.php?type=furl=
/iframescr/scriptiptalert('XSS')/scri/scriptpt !--
regards , securfrog
+ Solution:
+ Add this line to your php-file:
+
+ $application_rootdir =user/dir //Your root path
=== 0-o
I guess you should learn some PHP before posting on bugtracks ...
net2ftp: a web based FTP client :) = Remote File Inclusion
=== you should try your PoC before posting ,