Click And BuyNow
weather
Showing posts with label Exploits -Bugs - Vulnerabilities. Show all posts
Showing posts with label Exploits -Bugs - Vulnerabilities. Show all posts
UPNP - Multiple Remote Windows XP/ME/98 Vulnerabilities
UPNP - Multiple Remote Windows XP/ME/98 Vulnerabilities
Release Date: December 20, 2001
Severity: High
Vendor: Microsoft
Systems Affected:
Microsoft Windows XP (All default systems)
Microsoft Windows 98 (Certain configurations)
Microsoft Windows 98SE (Certain configurations)
Microsoft Windows ME (Certain configurations)
Playstation 3 "Remote Play" Remote DoS Exploit
Playstation 3 "Remote Play" Remote DoS Exploit
Mar 26 2007 05:24AM
mak0b inbox com
#!/usr/bin/perl
####.:Playstation 3 "Remote Play" Remote DoS Exploit:.###
#
# A UDP flood while the "remote play" feature is active
# will result in a denial of service condition.
#
# Tested using PS3 v1.60 (20GB) & PSP v3.10 OE-A
#
# -Dark_K (mak0b[AT]inbox.com)
#
# POC code is based on odix's perl udp flooder
#########################################################
use Socket;
Mar 26 2007 05:24AM
mak0b inbox com
#!/usr/bin/perl
####.:Playstation 3 "Remote Play" Remote DoS Exploit:.###
#
# A UDP flood while the "remote play" feature is active
# will result in a denial of service condition.
#
# Tested using PS3 v1.60 (20GB) & PSP v3.10 OE-A
#
# -Dark_K (mak0b[AT]inbox.com)
#
# POC code is based on odix's perl udp flooder
#########################################################
use Socket;
Mozilla Firefox FTP Request Remote DoS (Exploit)
Mozilla Firefox FTP Request Remote DoS (Exploit)
Vulnerable Systems:
*Mozilla Firefox version 1.5.0.6 and prior.
Exploit:
#!/usr/bin/perl
#author: tomas kempinsky
Yahoo mail Cross Site Scripting vulnerability
Yahoo mail Cross Site Scripting vulnerability
From: simo_at_morx.org
Date: Sun, 25 Dec 2005 18:00:29 -0000 (GMT)
Title: Yahoo mail Cross Site Scripting
Author: Simo Ben youssef aka _6mO_HaCk
Date: 22 December 2005
MorX Security Research Team
http://www.morx.org
Service: Webmail
Vendor: Yahoo mail, and possibly others
Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks
Severity: High
Tested on: Microsoft IE 6.0
Internet Information Server 6.0 Denial Of Service
Internet Information Server 6.0 Denial Of Service
#When sending multiple parallel GET requests to a IIS 6.0 server requesting
#/AUX/.aspx the server gets instable and non responsive. This happens only
#to servers which respond a runtime error (System.Web.HttpException)
#and take two or more seconds to respond to the /AUX/.aspx GET request.
#
#
#signed,
#Kingcope kingcope@gmx.net
###########################################################
###********************************************************
###
###
###
### Lame Internet Information Server 6.0 Denial Of Service (nonpermanent)
### by Kingcope, May/2007
### Better run this from a Linux system
###########################################################
Firefox 1.5 Buffer Overflow
Firefox 1.5 Buffer Overflow
Description:
Firefox 1.5 buffer overflow Basically firefox logs all kinda of URL data in it's history.dat file, this little script will set a really large topic and Firefox will then save that topic into it's history.dat.. The next time that firefox is opened, it will instantly crash due to a buffer overflow -- this will happen everytime until you manually delete the history.dat file -- which most users won't figure out. this proof of concept will only prevent someone from reopening their browser after being exploited. DoS if you will. however, code execution is possible with some modifcations. Tested with Firefox 1.5 on Windows XP SP2.
ZIPLOCK (sickbeatz@gmail.com)
Description:
Firefox 1.5 buffer overflow Basically firefox logs all kinda of URL data in it's history.dat file, this little script will set a really large topic and Firefox will then save that topic into it's history.dat.. The next time that firefox is opened, it will instantly crash due to a buffer overflow -- this will happen everytime until you manually delete the history.dat file -- which most users won't figure out. this proof of concept will only prevent someone from reopening their browser after being exploited. DoS if you will. however, code execution is possible with some modifcations. Tested with Firefox 1.5 on Windows XP SP2.
ZIPLOCK (sickbeatz@gmail.com)
Javascript bug IE 6
Javascript bug IE 6
Error reported to Microsoft on Jun 07 2005 and again on Jun 08 2005, error reported to Opera on Jun 08 2005
Informed Google, MSN, Yahoo/AltaVista, Ilse, Lycos, Excite, Webcrawler on Jun 08 2005
Informed Norton, McAfee on Jun 08 2005
Error reported to Microsoft on Jun 07 2005 and again on Jun 08 2005, error reported to Opera on Jun 08 2005
Informed Google, MSN, Yahoo/AltaVista, Ilse, Lycos, Excite, Webcrawler on Jun 08 2005
Informed Norton, McAfee on Jun 08 2005
Internet Explorer 6 Print Without Prompt Bug
Internet Explorer 6 Print Without Prompt Bug Application: Microsoft Internet Explorer Versions: 6.0 Platforms: Windows Bugs: IE 6 allows JavaScript to send documents to the printer without prompting the user. Exploitation: Client Date: 12 April 2004 Author: Ben Garvey bengarvey_at_comcast.net http://www.bengarvey.com Bugtraq report format: Thanks Luigi Auriemma! ######################################################## |
Try us on Wibiya!
