Full Disclosure mailing list archives

Re: SHOUTcast Server 1.8.x remote heap overrun exploit binary version

From: "airsupply () freebsdchina org" <airsupply () freebsdchina org>
Date: Tue, 24 Feb 2004 14:19:22 -0800

Alexander wrote:

http://www.securitylab.ru/42976.html (in russian!)

shoutdown.01.tar.gz: SHOUTcast 1.9.2 remote heap overrun exploit. Binds
rootshell on port 26112.

Note: this is binary version. Compiled on Linux/x86 with gcc3.2. Source code
wont be distributed.



Autor: ?D4rkGr3y? of m00 Security

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

our exp source code at  http://www.0x557.org/release/shoutexp.py

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

SHOUTcast Server 1.8.x remote heap overrun exploit binary version Alexander (Feb 23)
- Re: SHOUTcast Server 1.8.x remote heap overrun exploit binary version airsupply () freebsdchina org (Feb 23)
  - Re: SHOUTcast Server 1.8.x remote heap overrun exploit binary version -={|TooManyMirrors|}=- (Feb 24)
    - Re: SHOUTcast Server 1.8.x remote heap overrun exploit binary version Tim (Feb 24)