Mel0nPlayer 1.0.11.x Denial of Service POC
Software Description Mel0n Player is a famous software in Indonesia to play songs that are provided by the Melon portal (http://www.melon.co.id). This software can play any music file types such as mp3, wav, wma, mp4, and others. This player can also play the files on your local computer or by online streaming to the portal Melon. The songs can also be downloaded to your local computer. Vulnerable Information The main program (IDMelonPlayer.exe) suffers from a buffer overflow vulnerability when opening p_about.ini file (Note: Actually, p_about.ini is a configuration file as part of skin...
read moreFTPGetter v3.58.0.21 Buffer Overflow (PASV) Exploit
A vulnerability has been discovered in FTPGetter, which can be exploited by malicious people to compromise a user’s system. The issue is likely due to insufficient bounds checking and presents itself when the affected FTP client makes a connection to a malicious server that is running PASV mode. The PASV command is issued to tell the server that the client wishes to transfer files in passive mode. FTP servers that support passive mode will respond to such a request with an IP address and port number. Successful exploitation allows execution of arbitrary code, but requires that the user...
read more0day Linux Escalation Privilege Exploit Collection
I have created a script that contains of local privilege escalation exploits that was published by Tavis Ormandy via Exploit-DB.com between October – November 2010. Take a look at here 201011-0day-linux-exploit.tar.bz2 (md5sum: 266e5981888fd2ab061248c692e04742) *Update: I rename the file and make the script more comfort. Please note that I am not responsible for the misuse of this tool. I just collect them into one script. For all users who download this tool should have their own responsibility on...
read moreMOAUB: Month Of Abyssec Undisclosed Bugs
Selama bulan September ini, Abysssec Security Team akan merilis berbagai 0day, termasuk analisanya beserta poc-nya. (link)
read more