Michael Thumann

7 exploits Active since Aug 2005
CVE-2006-3252 METASPLOIT ruby WORKING POC
PrivateWire Gateway <= 3.7 - Remote Code Execution via Long GET Request
Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2005-1983 METASPLOIT ruby WORKING POC
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
CVE-2006-3252 EXPLOITDB WORKING POC
PrivateWire Gateway <= 3.7 - Remote Code Execution via Long GET Request
Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request.
EIP-2026-119145 EXPLOITDB perl WORKING POC
SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow
CVE-2006-3252 EXPLOITDB ruby WORKING POC
PrivateWire Gateway <= 3.7 - Remote Code Execution via Long GET Request
Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2005-1983 EXPLOITDB ruby WORKING POC
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
CVE-2006-3524 EXPLOITDB perl WORKING POC
SIPfoundry sipXtapi <20060324 - RCE
Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message.