Andres Tarasco

14 exploits Active since Sep 2006
EIP-2026-119297 EXPLOITDB c WORKING POC
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (2)
EIP-2026-119296 EXPLOITDB c WORKING POC
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)
EIP-2026-119217 EXPLOITDB c WORKING POC
TIBCO Rendezvous 7.4.11 - add router Remote Buffer Overflow
CVE-2007-2221 EXPLOITDB html WORKING POC
Microsoft Windows Media Server - RCE
Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability."
CVE-2007-1644 EXPLOITDB c WORKING POC
Microsoft Windows DNS Server - Unauthenticated DNS Record Manipulation via Dynamic Update Mechanism
The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).
CVE-2007-1748 EXPLOITDB text WORKING POC
Windows 2000 Server SP4 and Server 2003 SP1/SP2 - Remote Code Execution via DNS RPC Zone Name Overflow
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
CVE-2008-4037 EXPLOITDB text WORKING POC
Microsoft Windows - Remote Code Execution via SMB Credential Reflection
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.
CVE-2007-3039 EXPLOITDB text WORKING POC
Microsoft Message Queuing - Stack-based Buffer Overflow via RPC Opnum 0x06
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
CVE-2006-4676 EXPLOITDB c WORKING POC
TIBCO RendezVous <7.4.11 - Info Disclosure
TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.
EIP-2026-117587 EXPLOITDB c WORKING POC
Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation
EIP-2026-117517 EXPLOITDB c WORKING POC
Microsoft Windows - ACLs Privilege Escalation (2)
CVE-2006-5854 EXPLOITDB c WORKING POC
Novell Netware Client 4.91-4.91 SP2 - Remote Code Execution via Spooler Service Buffer Overflow
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
EIP-2026-117512 EXPLOITDB c WORKING POC
Microsoft Windows - 'keybd_event' Local Privilege Escalation
CVE-2007-0444 EXPLOITDB c WORKING POC
Citrix MetaFrame - Stack-based Buffer Overflow in Print Provider Library via Long Arguments
Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.