Bug&Exp - 冷漠 ' Blog - 不求盡如人意,但求無愧於心

Simple HTTPD <= 1.38 Multiple Remote Vulnerabilities

[

December 8, 2007 09:11 | by ]

#######################################################################

Luigi Auriemma

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1283)

Linux内核isdn_net.c文件本地溢出漏洞

[

December 7, 2007 15:01 | by ]

开源操作系统Linux内核Linux Kernel实现上存在本地溢出漏洞，此漏洞存在于drivers/isdn/i4l/isdn_net.c文件中的isdn_net_setcfg（）函数在处理发送给ISDN伪设备（/dev/isdnctrl）的IOCTL配置请求时。

Tags: linux , isdn net.c , 溢出 , 漏洞

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1094)

Cisco Phone 7940 Remote Denial of Service Exploit

[

December 6, 2007 10:00 | by ]

#!/usr/bin/perl
###############################
# Vulnerabily discovered using KiF ~ Kiph
#
# Authors:

Tags: cisco , phone , 7940

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1137)

RealPlayer 11 local/remote DoS by A.Sawan aka NtWaK0 and A.Hariri aka nophie

[

December 2, 2007 10:12 | by ]

From:milw0rm
#RealPlayer 11 local/remote DoS by A.Sawan aka NtWaK0 and A.Hariri aka nophie

Tags: realplayer11 , expexploit

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1155)

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability for xp 2k3

[

December 2, 2007 10:06 | by ]

来源:baicker'Blog
Win2k3_CN SP1 office 2003 msjet40.dll ver 4.0.9025.0 测试成功
WinXP_CN SP2 office 2003 msjet40.dll ver 4.0.8618.0 测试成功

Tags: jet , engine , mdb , xp , 2k3

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(2003)

0day Remote Command Execution] VigileCMS <= 1.8 Stealth

[

November 27, 2007 12:33 | by ]

Google Dork-> Powered by Cms Vigile
------------------------------------------------------------------------------------------------
Use this exploit at your own risk. You are responsible for your own deeds.

Tags: vigilecmsexp , exploit

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1400)

联众ConnectAndEnterRoom ActiveX控件栈溢出漏洞(exp)

[

November 25, 2007 17:20 | by ]

来源：vbs空间
联众ConnectAndEnterRoom ActiveX控件栈溢出漏洞

Tags: 联众 , connectandenterroom , activex溢出 , 漏洞 , exploit , exp

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1241)

Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection

[

November 24, 2007 11:07 | by ]

Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection

Tags: wordpress , sql , injection

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1534)

VMware Workstation Tools驱动的漏洞的Exploit

[

November 23, 2007 10:43 | by ]

来源:WhiteCell
在hgfs.sys版本0.1.0.0测试通过，以前发现的一个东东，也没当一回事，后来升级了VMware Workstation Tools以后发现被补上了，郁闷。。注意，hgfs.sys只存在于装在VMware Workstation里面的OS里。

Tags: vmware , vmexploit , exp , vmtool

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1534)

迅雷5又（这次怎么多了一个又字）出现0day漏洞？！

[

November 16, 2007 09:51 | by ]

据可靠线报，迅雷5又（这次怎么多了一个又字）出现严重0-Day漏洞，病毒作者可利用该漏洞编写恶意网页，当用于浏览这些网页的时候，就会感染病毒，进而该病毒可以盗窃用户的帐号和密码，从而使用户遭受到损失。
与上次的不同，这次有漏洞的程序出现在迅雷看看（Thunder KanKan）上，pplayer.dll 组件版本号：1.2.3.49，CLSID:F3E70CEA-956E-49CC-B444-73AFE593AD7F.

Tags: 迅雷 , 0day

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1155)

Windows Local Privilege Escalation Vulnerability Exploit

[

November 13, 2007 16:36 | by ]

Author:  Polymorphours
Email:   Polymorphours@whitecell.org
Homepage:http://www.whitecell.org
Date:    2007-10-23

Tags: exploitexp , windows , privilege , escalation

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1596)

Windows XP 核心驱动 secdrv.sys 本地权限提升漏洞

[

November 13, 2007 13:40 | by ]

Author: Polymorphours
Email: Polymorphours@whitecell.org
这个内核提权的0day发现有段日子了，据说最近被 Symantec 拣到并报给了 MS，

Tags: 内核 , 漏洞 , 0day , windows , 权限提升

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1334)

IBM AIX <= 5.3.0 setlocale() Local Privilege Escalation Exploit

[

November 10, 2007 13:00 | by ]

#
#setlocale() exploit for aix 5.2 ( CVE-2006-4254 )
#thomas.pollet@gmail.com
#
from os import execve

bof="a"*580+"bbbbccccdddd\x2f\xf2\x28\x2f"

Tags: aix , ibm , exp , code

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1156)

MS07-055 poc and exp

[

November 8, 2007 10:05 | by ]

* MS07-055 Kodak Image Viewer TIF/TIFF Code Execution Proof Of Concept
by Hong Gil-Dong, Jeon Woo-chi

* Hwang-Hee(?~1542), Prime Minister in Korea

Tags: exp , bug , ms07055

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(2210)

动易网站管理系统vote.asp页面存在SQL注入漏洞

[

October 31, 2007 15:13 | by ]

---------------------------------------------
http://www.neeao.com
Neeao's Security Blog
BCT授权本站独家转载，转载请保留此签名。
---------------------------------------------

Infos: 漏洞预警中心小组应急事件响应公告（BCTCERA0701）

Tags: bug , 漏洞 , exp

Bug&Exp | Comments(0) | Trackbacks(0) | Reads(1372)