Tag: Code Execution

security advisory

PostgreSQL pgAdmin4 – Insecure Library Loading Allows Code Execution

This vulnerability can allow attackers to execute arbitrary code on vulnerable installations of pgAdmin4. pgAdmin4 is a GUI application for database server administration and comes packaged with PostgreSQL.

Exploitation requires user interaction: the malicious DLL file(s) must be saved in one of the DLL search paths.

Confirmed on products
pgAdmin4 v1.1: Current version packaged with PostgreSQL v9.6.1.1 (Windows x86 Current version)

Uncategorized

UPlus FTP Server v1.7.1.0.1 remote buffer overflow exploit published

Hi All,

Posted another remote code execution exploit on Exploit-db an hour back. It is published now 🙂

###

#!/usr/bin/python

import socket,sys,base64

print """

#

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    UPlusFTP Server v1.7.1.01 [ HTTP ] Remote BoF Exploit PoC

    Discovered by : Karn Ganeshen                          …

Uncategorized

2 Remote Buffer Overflow Code Execution Exploits Published

Hey folks,

As of late, I am reading up on buffer overflows. This is one topic I had been escaping for quite a time. …