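Source: 幻影 maillist
A couple of days ago I recommended Mark Dowd's paper "Exploiting Flash Reliably"
http://hi.baidu.com/secway/blog/item/242655971275376855fb96d8.html
I studied it; it is very good and very powerful. It opens up a brand-new path for exploiting Flash Player vulnerabilities from now on.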
Author: Polymorphours
Email: Polymorphours@whitecell.org
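After internal discussion, we decided to publish the results of our analysis.
On April 8, Microsoft released another system kernel patch (KB941693). Microsoft describes the vulnerability as follows: This security update resolves, in the Windows kernel, a …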
/** Fedora Core 6,7,8 (exec-shield) based
** Apache Tomcat Connector jk2-2.0.2(mod_jk2) remote overflow exploit
** by INetCop Security
/* 04/2008: public release
* I haven't seen any advisory on this; possibly still not fixed.
*
* SCO UnixWare Merge mcd Local Root Exploit
Exploit ID: CAU-EX-2008-0001
Release Date: 2008.04.04
Title: ypupdated_exec.rb
Description: Solaris ypupdated Command Execution
Tested: Solaris x86/sparc 10, sparc 9, 8, 2.7
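Source: baicker
From milw0rm; it is a generator. lcx gave it to me and I tweaked the code a little. It is said to work; untested. Lately I have been so busy I don't even have time to kill myself. Sigh, it's a pity: when I have a trojan there is no vulnerability, and when there is a vulnerability I have no trojan; otherwise I would find a site and plant it there.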
Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit(Heap Corruption)
written by e.b.
Tested on Windows XP SP2(fully patched) English, IE6, rmoc3260.dll version 6.0.10.45
Thanks to h.d.m. and the Metasploit crew
/* Dreatica-FXP crew
*
* ----------------------------------------
* Target : mod_jk2 v2.0.2 for Apache 2.0 Win32
* Found by : IOActive Security Advisory
Runs calc.exe on Office XP SP3 with updates < 03/11/08.
Just for fun...
http://milw0rm.com/sploits/2008-ms08-016.tgz
#!/usr/bin/python
# Quick TFTP Pro 2.1 SEH Overflow (0day)
# Tested on Windows XP SP2.
# Coded by Mati Aharoni
# muts..at..offensive-security.com
# http://www.offensive-security.com/0day/quick-tftp-poc.py.txt
#!/usr/bin/python
# TFTP Server for Windows V1.4 ST (0day)
# http://sourceforge.net/projects/tftp-server/
# Tested on Windows Vista SP0.
# Coded by Mati Aharoni
Microsoft Office Excel Code Execution Exploit (MS08-014)
http://www.milw0rm.com/sploits/2008-zha0_ms08_014.rar
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.





April 18, 2008 11:09 | by 
April 17, 2008 11:22 | by
April 13, 2008 02:32 | by
April 5, 2008 11:06 | by 





