Zero Science Lab

——————
Codes

————————————————————————————————————

- showtime_bof.pl

Desc: Nero ShowTime version 5.0.15.0 m3u playlist file remote buffer overflow denial of service proof of concept exploit.

Reference:
http://xforce.iss.net/xforce/xfdb/46811
http://secunia.com/advisories/32850/
http://www.milw0rm.com/exploits/7207
http://www.packetstormsecurity.org/filedesc/showtime_bof.pl.txt.html
http://www.securityfocus.com/bid/32446

————————————————————————————————————

- kvirc_fs.html

Desc: KVIrc version 3.4.0 Virgo remote format string proof of concept exploit.

Reference:
http://www.milw0rm.com/exploits/6832
http://www.packetstormsecurity.org/filedesc/kvirc-format.txt.html
http://www.sebug.net/exploit/4944/
http://www.securityfocus.com/bid/31912
http://www.frsirt.com/english/advisories/2008/2926
http://www.secunia.com/advisories/32410/
http://www.juniper.net/security/auto/vulnerabilities/vuln31912.html

————————————————————————————————————

- eserv_bof.pl

Desc: Eserv 3.x FTP Server ABOR related remote stack overflow proof of concept exploit.

Reference:
http://www.milw0rm.com/exploits/6752
http://www.packetstormsecurity.org/filedesc/eserv-overflow.txt.html
http://www.securityfocus.com/bid/31753
http://astalavista.com/index.php?section=exploits&cmd=details&id=6862
http://securityreason.com/exploitalert/4915
http://forum.blackhack.ru/showthread.php?t=3549

————————————————————————————————————

- vbados.txt

Desc: VBA32 Personal Antivirus version 3.12.8.x suffers from a malformed archive denial of service vulnerability. Proof of concept exploit.

Reference:
http://packetstormsecurity.org/filedesc/vba32-poc-tgz.html
http://www.sebug.net/exploit/4800/
http://www.securityfocus.com/bid/31560
http://www.milw0rm.com/exploits/6658
http://zeroscience.org/codes/vba32_poc.rar

————————————————————————————————————

- femitter-dos.c

Desc: Femitter FTP server version 1.03 remote denial of service proof of concept exploit.

Reference:
http://www.milw0rm.com/exploits/6481
http://www.packetstormsecurity.org/filedesc/fermitter-dos.txt.html
http://www.securityfocus.com/bid/31226
http://heapoverflow.com/f0rums/public/8691-femitter-ftp-server.html
http://www.sebug.net/exploit/4658/

————————————————————————————————————

- CoolCon02.c

Desc: A simple command-line converter written in C language (win32) that converts input as string or integer. ASCII to Binary/Decimal/Octal/Hexadecimal, Binary to Decimal/Octal/Hexadecimal, Decimal to Binary/Octal/Hexadecimal. ROT13 and URL Unicode UTF-8 encoding feature. Updated version of CoolCon v0.01.

Reference:
http://www.packetstormsecurity.org/filedesc/CoolCon0.2.rar.html

————————————————————————————————————

- maxthon_dos.html

Desc: Maxthon Browser version 2.1.4.443 UNICODE remote denial of service proof of concept exploit.

Reference:
http://www.milw0rm.com/exploits/6434
http://www.packetstormsecurity.org/filedesc/maxthon-dos.txt.html
http://www.securityfocus.com/bid/31098

————————————————————————————————————

- seamonkey_dos.html

Desc: SeaMonkey version 1.1.11 remote denial of service proof of concept exploit that makes use of excessive marquee tags being used.

Reference:
http://www.securityfocus.com/bid/31070
http://www.packetstormsecurity.org/filedesc/seamonkey-dos.txt.html

————————————————————————————————————

- flock_dos.html

Desc: Flock Social Web Browser version 1.2.5 looping denial of service exploit.

Reference:
http://www.milw0rm.com/exploits/6391
http://www.securityfocus.com/bid/31044
http://www.packetstormsecurity.org/filedesc/flockweb-dos.txt.html
http://www.astalavista.com/index.php?section=exploits&cmd=details
http://securityreason.com/exploitalert/4617

————————————————————————————————————

- goodos.html

Desc: Google Chrome Browser version 0.2.149.27 denial of service exploit that uses javascript.

Reference:
http://packetstormsecurity.org/filedesc/google-chrome-dos2.txt.html
http://www.lifedork.com/google-chrome-browser-crash.html

————————————————————————————————————

- aslr_sc.c

Desc: 79 byte linux/x86 (Fedora 8) shellcode that performs setuid(0) + setgid(0) + execve("echo 0 > / proc/sys/kernel/randomize_va_space").

Reference:
http://www.milw0rm.com/shellcode/6268
http://packetstormsecurity.org/filedesc/linux-set.txt.html
http://pooh.gr.jp/item-5674.html
http://www.sebug.net/exploit/4455/

————————————————————————————————————

- vuplayer_bof.pl

Desc: VUPlayer version 2.49 M3U playlist file remote buffer overflow exploit. Shellcode spawns calc.exe.

Reference:
http://www.securityfocus.com/bid/21363
http://www.packetstormsecurity.org/filedesc/vuplayer_bof.pl.txt.html
http://www.securityhome.eu/exploits/exploit.php

————————————————————————————————————

- powerdvd_bof.pl

Desc: CyberLink PowerDVD versions 8.0 and below crafted PLS/M3U playlist file buffer overflow/denial of service exploit.

Reference:
http://www.securityfocus.com/bid/30341
http://www.packetstormsecurity.org/filedesc/powerdvd_bof.pl.txt.html
http://www.net-security.org/vuln.php?id=5616
http://www.sebug.net/vulndb/3704/

————————————————————————————————————

- blazedvd_bof.pl

Desc: BlazeDVD version 5.0 PLF playlist file remote buffer overflow exploit that spawns calc.exe.

Reference:
http://www.milw0rm.com/exploits/6217
http://www.securityfocus.com/bid/21337
http://www.packetstormsecurity.org/filedesc/blazedvd_bof.pl.txt.html

————————————————————————————————————

- CoolCon.c

Desc: A simple command-line converter written in C language (Win32) that converts input as string or integer. ASCII to Binary / Decimal / Octal / Hexadecimal, Binary to Decimal / Octal / Hexadecimal, Decimal to Binary / Octal / Hexadecimal. ROT13 feature.

Reference:
http://www.packetstormsecurity.org/filedesc/CoolCon0.01.rar.html