Trend Micro Control Manager SQL Injection Vulnerability

Trend Micro Control Manager prior to version 5.5 build 1823 (English and Japanese version) and version 6 build 1449 (English version only) are susceptible to SQL Injection. The application does not properly filter user-supplied input. The successful exploitation of this vulnerability could potentially result in arbitrary SQL command input to the back-end database, such as…

Ezhometech Ezserver <=6.4.017 Stack Buffer Overflow Vulnerability

EZserver version 6.4.017 or below contains a buffer overflow vulnerability which may possibly be exploited to cause a denial of service or arbitrary code execution. Vulnerability Details Buffer overflow condition exist in URL handling, sending long GET request to the server on port 8000 will cause server process to exit and may allow malicious code…

CyberLink Power2Go Unicode Stack Buffer Overflow

The proof of concept of the vulnerability has been released on December 9, 2011, and no further announcement from CyberLink. I tried to coordinate the issue until they didn't contact me anymore. A week after our last email, they updated the product, and  yes it's Power2Go 8. How do they know that the product is safe…

Distinct TFTP Server <=3.10 Directory Traversal Vulnerability

Overview Distinct TFTP Server is part of Distinct Intranet Servers made by Distinct. Corp. Distinct TFTP Server version 3.10 is susceptible to directory traversal attack. Attacker can exploit this vulnerability to retrieve or upload files outside of the TFTP server root directory. Software Description From Distinct website: Distinct Intranet Servers, which includes FTP Server, TFTP, LPD,…

Aviosoft DTV Player 1.x Stack Buffer Overflow

Aviosoft DTV Player is a multiple format video player application. Aviosoft DTV Player 1.0.1.2 and possibly earlier versions fail to properly handle malformed user-supplied data within a playlist (.plf) file before copying it into an insufficiently sized buffer, resulting in a buffer overflow. Software Description Aviosoft DTV Player is a multi-media center combines TV/video/DVD playback,…

BlazeVideo HDTV Player 6.x Buffer Overflow (another version)

Hi again, we tried to make a universal DEP and ASLR bypass version on BlazeVideo HDTV Player 6.x. This exploit is already public, but we just want to make it universal. Take a look at mona.py 🙂 awesome tool developed by corelanc0d3r and his team So here is the poc, it will bind to port…

Porting Your Exploit to Metasploit

Beberapa waktu yang lalu saya udah memberikan tutorial basic exploit development (direct return technique) dan exploit development berbasis SEH. Sekarang mari kita porting exploit tersebut ke Metasploit Framework agar exploit tersebut semakin reliable dan bisa menggunakan macam-macam payload, fitur-fitur canggih yang ada di Metasploit. Kita akan meng-konversi exploit yang pertama, yaitu Free CD to MP3…

ScriptFTP <=3.3 Remote Buffer Overflow Exploit (0day)

ScriptFTP client is vulnerable against remote buffer overflow vulnerability. The condition is triggered while processing LIST FTP command with excessive length. The vulnerability is confirmed in version 3.3. Other version may also be affected. Software Description ScriptFTP is a FTP client designed to automate file transfers. It follows the commands written on a text file…

SEH Based Stack Overflow – The Basic

Kali ini saya akan coba tehnik lain dari stack overflow, yaitu stack overflow berbasis SEH. Apa itu SEH? silakan dibaca diliteratur-literatur berikut: Structured Exception Handling Win32 Exception handling for assembler programmers Tidak ada yang lebih menyenangkan daripada belajar sambil mencoba. Kita akan mencoba SEH based stack overflow pada program yang pernah di post oleh sickness,…