Doug Prostko

8 exploits Active since Nov 2008
CVE-2013-3843 METASPLOIT ruby WORKING POC
Monkey < 1.2.0 - Memory Corruption
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
CVE-2009-3591 METASPLOIT ruby WORKING POC
BEN Webb Dopewars - Improper Input Validation
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
CVE-2008-5106 METASPLOIT ruby WORKING POC
Karjasoft Sami FTP Server - Memory Corruption
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212.
CVE-2012-10023 METASPLOIT CRITICAL ruby WORKING POC
FreeFloat FTP Server 1.0.0 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication.
CVSS 9.8
EIP-2026-119103 EXPLOITDB ruby WORKING POC
Sami FTP Server - 'LIST' Buffer Overflow (Metasploit)
CVE-2009-3591 EXPLOITDB text WORKING POC
BEN Webb Dopewars - Improper Input Validation
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
CVE-2009-3591 EXPLOITDB text WORKING POC
BEN Webb Dopewars - Improper Input Validation
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
CVE-2013-3724 EXPLOITDB text WORKING POC
Monkey - Improper Input Validation
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.