Coding : Sécurité Programmation Réseaux

Welcome to Coding : Sécurité Programmation Réseaux

Create an Account

Home | Submit News Your Account Content | Topics | Top 10

Accueil

· Home
· Listing des Articles
· Top 10
· Repository des Exploits

Les sujets / parties

· C / C ++
· Visual Basic
· Asm
· Reseaux
· Java
· Securite
· Divers

Utile

· Listing des Articles

· Telecharger
· Le Forum
· Liens
· Proposer un article

Top20 des Downloads

· 1: Etude des reseaux generalites et protocoles
· 2: Cheval de troie en VB avec sources
· 3: Netcat 1.1
· 4: Keylogger
· 5: Etudes des reseaux hauts debits architectures et protocoles
· 6: Ecoute de port
· 7: Etude du Smart Spoofing
· 8: Win Packet Capture Utils
· 9: Tutorial on Traffic Interception on Switched Lan using ARP spoofing
· 10: Cours de C

User Info

Coding : Sécurité Programmation Réseaux Exploit Library!

Panda Security ActiveScan 2.0 (Update) Remote BOF Exploit

Panda Security ActiveScan 2.0 (Update) Remote BOF ExploitAuthor:  	Karol Wiesek <karol [at] wiesek {dizd0t} pl>
Homepage:	http://karol.wiesek.pl/

There exists two vulnerabilities in Panda Security ActiveScan 2.0 Update function.
1) typical overflow ( this exploit )
2) Update function allows to install any ( attacker suplied ) CABinet into victims system

Panda Security have not respond in any manner, thus i have no information of any patches, plans for patching ...

* UPDATE * 

Panda has patched newest version, so update will not connect to custom ( attacker supplied ) URL.

Exploit:
http://karol.wiesek.pl/files/panda.tgz
http://milw0rm.com/sploits/2008-panda.tgz

# milw0rm.com [2008-07-04]

PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.25 Seconds