| Author |
Buffer overflow. |
godofcereal
Member
Posts: 11
Location: Ireland
Joined: 29.11.08
Rank: Monster |
|
How ofter do you really see them? Not in missions but in the real cyber world.
HTS top poster. |
  
|
| Author |
RE: Buffer overflow. |
stdio
Member
Posts: 375
Location: omnipresent
Joined: 06.04.08
Rank: God |
|
They are still very prevalent.
Here is a list of just the ones published in the last month from milw0rm.
2009-04-23 CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit 590 R D Stack
2009-04-22 CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit #2 571 R D His0k4
2009-04-22 CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit 655 R D Stack
2009-04-20 Linux Kernel 2.6 UDEV Local Privilege Escalation Exploit 9465 R D kcope
2009-04-17 cTorrent/DTorrent (.Torrent File) Buffer Overflow Exploit 2377 R D Michael Brooks
2009-04-16 Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes 1393 R D Alexander Kornbrust
2009-04-15 Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit 1195 R D dun
2009-04-14 Easy RM to MP3 Converter Universal Stack Overflow Exploit 1009 R D Stack
2009-04-14 Shadow Stream Recorder (.m3u file) Universal Stack Overflow Exploit 849 R D AlpHaNiX
2009-04-13 BulletProof FTP Client 2009 (.bps) Buffer Overflow Exploit (SEH) 1221 R D His0k4
2009-04-13 Mini-stream Ripper 3.0.1.1 .m3u Universal Stack Overflow Exploit 695 R D Stack
2009-04-13 Mini-stream RM-MP3 Converter 3.0.0.7 .m3u Stack Overflow Exploit 591 R D Stack
2009-04-13 ASX to MP3 Converter 3.0.0.7 .m3u Universal Stack Overflow Exploit 454 R D Stack
2009-04-13 WM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit 461 R D Stack
2009-04-13 RM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit 443 R D Stack
2009-04-13 HTML Email Creator <= 2.1b668 (html) Local SEH Overwrite Exploit 590 R D dun
2009-04-08 OTSTurntables 1.00.027 (.m3u/.ofl file) Universal BOF Exploit 1047 R D AlpHaNiX
2009-04-08 Linux Kernel < 2.6.29 exit_notify() Local Privilege Escalation Exploit 15040 R D gat3way
2009-04-03 UltraISO <= 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit 6556 R D SkD
2009-03-30 Trend Micro Internet Security Pro 2009 Priviliege Escalation PoC 3162 R D b1@ckeYe
2009-03-30 AtomixMP3 <= 2.3 (playlist) Universal SEH Overwrite Exploit 1388 R D His0k4
2009-03-30 Abee Chm eBook Creator 2.11 (FileName) Local Stack Overflow Exploit 1066 R D Encrypt3d.M!nd
2009-03-29 pam-krb5 < 3.13 Local Privilege Escalation Exploit 3149 R D Jon Oberheide
2009-03-29 PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit 1642 R D LiquidWorm
2009-03-27 Abee Chm Maker 1.9.5 (CMP File) Stack overflow Exploit 1139 R D Encrypt3d.M!nd
2009-03-24 Adobe Acrobat Reader JBIG2 Universal Exploit Bind Shell port 5500 7526 R D Black Security
2009-03-23 POP Peeper 3.4.0.0 .html file Universal SEH Overwrite Exploit 1229 R D Stack
2009-03-23 POP Peeper 3.4.0.0 .eml file Universal SEH Overwrite Exploit 951 R D Stack
2009-03-23 eXeScope 6.50 Local Buffer Overflow Exploit 1268 R D Koshi
2009-03-23 Zinf Audio Player 2.2.1 (.pls) Universal Seh Overwrite Exploit 824 R D His0k4
I'm sorry, I cant hear you over the sound of how awesome I am! |
|
|
| Author |
RE: Buffer overflow. |
godofcereal
Member
Posts: 11
Location: Ireland
Joined: 29.11.08
Rank: Monster |
|
Yeah but thats milw0rm, thats hundreds of people contributing.
Have you ever found one yourself?
HTS top poster. |
|
|
| Author |
RE: Buffer overflow. |
stdio
Member
Posts: 375
Location: omnipresent
Joined: 06.04.08
Rank: God |
|
|
godofcereal wrote:
Yeah but thats milw0rm, thats hundreds of people contributing.
Have you ever found one yourself?
yes
I'm sorry, I cant hear you over the sound of how awesome I am! |
|
|
| Author |
RE: Buffer overflow. |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Buffer overflow. |
Demons Halo
Member
Posts: 261
Location: Sweden
Joined: 26.03.09
Rank: Hacker Level 1 |
|
|
spyware wrote:
Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
Why are you angry all the time? 
you can explain to the guy his mistake with a little bit more LOVE instead of flaming his ass for no reason xD
Although your honesty pawns ^^
|
|
|
| Author |
RE: Buffer overflow. |
Sir Hackalot
Banned
Posts: 33
Location: Denmark
Joined: 30.04.06
Rank: Newbie |
|
Demons Halo wrote:
spyware wrote:
Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
Why are you angry all the time?
you can explain to the guy his mistake with a little bit more LOVE instead of flaming his ass for no reason xD
Although your honesty pawns ^^
No it doesn't. It Sucks. |
|
|
| Author |
RE: Buffer overflow. |
AldarHawk
The Manager
Posts: 1661
Location: Canada
Joined: 26.01.06
Rank: God |
|
Anways, Just because hundreds of people are contributing does not mean that no one finds them. There are hundreds found...thus the hundreds of people contribute.
They are very common. You just need to know how to control the information to get the results you wish.
|
 
|
| Author |
RE: Buffer overflow. |
Demons Halo
Member
Posts: 261
Location: Sweden
Joined: 26.03.09
Rank: Hacker Level 1 |
|
MoshBat wrote:
Demons Halo wrote:
flaming his ass for no reason xD
Shut the fuck up you stupid, inbred twat.
Do you honestly not see a reason for that?
Can you see the reason for this?
Bleh. How many fucking idiots must I see every day?
And I'll leave it up to you to figure out which of those questions are actually meant to be answered, or rather, not rhetorical.
you need to chill a bit ^^
If you want you can come over together with COM, C4p & Fritzo to my house and we can talk about this like real girls do :$
honestly not everyone is as well informed as you guys are about this stuff. n00bs (including myself) likes to ask some questions every now and then so I see no reason to bust the guys ass, even though it's fun reading... xD
FEEL THE LOVE!!!! 
|
|
|
| Author |
RE: Buffer overflow. |
godofcereal
Member
Posts: 11
Location: Ireland
Joined: 29.11.08
Rank: Monster |
|
|
spyware wrote:
Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
I see your shitty point but did you have to bring it out like an asshole? I remember reading that this place was friendly and up until I asked a question I thought that was true. |
|
|
| Author |
RE: Buffer overflow. |
godofcereal
Member
Posts: 11
Location: Ireland
Joined: 29.11.08
Rank: Monster |
|
MoshBat wrote:
godofcereal wrote:
spyware wrote:
Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
I see your shitty point but did you have to bring it out like an asshole? I remember reading that this place was friendly and up until I asked a question I thought that was true.
Never believe what people say.
And we say stuff like arseholes because it works.
You pay attention, do you not?
Yes I pay attention, but I asked because I wanted to know if they were common or not and while getting an answer, I get flamed aswell.
HTS top poster. |
|
|
| Author |
RE: Buffer overflow. |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: God |
|
|
godofcereal wrote:
How ofter do you really see them? Not in missions but in the real cyber world.
Not extremely often, but it sure happens. The first one I ever found was in Zoran Cindori's HTTP Server and it allowed me to set the HTTP root to the server's actual file system root, meaning that I could download any file from the server and not only from the HTTP_documents folder or whatever it was called.
http://uber0n.webs.com/ |
|
|
Main:
