Buffer overflow.
They are still very prevalent.
Here is a list of just the ones published in the last month from milw0rm.
2009-04-23 CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit 590 R D Stack
2009-04-22 CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit #2 571 R D His0k4
2009-04-22 CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit 655 R D Stack
2009-04-20 Linux Kernel 2.6 UDEV Local Privilege Escalation Exploit 9465 R D kcope
2009-04-17 cTorrent/DTorrent (.Torrent File) Buffer Overflow Exploit 2377 R D Michael Brooks
2009-04-16 Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes 1393 R D Alexander Kornbrust
2009-04-15 Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit 1195 R D dun
2009-04-14 Easy RM to MP3 Converter Universal Stack Overflow Exploit 1009 R D Stack
2009-04-14 Shadow Stream Recorder (.m3u file) Universal Stack Overflow Exploit 849 R D AlpHaNiX
2009-04-13 BulletProof FTP Client 2009 (.bps) Buffer Overflow Exploit (SEH) 1221 R D His0k4
2009-04-13 Mini-stream Ripper 3.0.1.1 .m3u Universal Stack Overflow Exploit 695 R D Stack
2009-04-13 Mini-stream RM-MP3 Converter 3.0.0.7 .m3u Stack Overflow Exploit 591 R D Stack
2009-04-13 ASX to MP3 Converter 3.0.0.7 .m3u Universal Stack Overflow Exploit 454 R D Stack
2009-04-13 WM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit 461 R D Stack
2009-04-13 RM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit 443 R D Stack
2009-04-13 HTML Email Creator <= 2.1b668 (html) Local SEH Overwrite Exploit 590 R D dun
2009-04-08 OTSTurntables 1.00.027 (.m3u/.ofl file) Universal BOF Exploit 1047 R D AlpHaNiX
2009-04-08 Linux Kernel < 2.6.29 exit_notify() Local Privilege Escalation Exploit 15040 R D gat3way
2009-04-03 UltraISO <= 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit 6556 R D SkD
2009-03-30 Trend Micro Internet Security Pro 2009 Priviliege Escalation PoC 3162 R D b1@ckeYe
2009-03-30 AtomixMP3 <= 2.3 (playlist) Universal SEH Overwrite Exploit 1388 R D His0k4
2009-03-30 Abee Chm eBook Creator 2.11 (FileName) Local Stack Overflow Exploit 1066 R D Encrypt3d.M!nd
2009-03-29 pam-krb5 < 3.13 Local Privilege Escalation Exploit 3149 R D Jon Oberheide
2009-03-29 PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit 1642 R D LiquidWorm
2009-03-27 Abee Chm Maker 1.9.5 (CMP File) Stack overflow Exploit 1139 R D Encrypt3d.M!nd
2009-03-24 Adobe Acrobat Reader JBIG2 Universal Exploit Bind Shell port 5500 7526 R D Black Security
2009-03-23 POP Peeper 3.4.0.0 .html file Universal SEH Overwrite Exploit 1229 R D Stack
2009-03-23 POP Peeper 3.4.0.0 .eml file Universal SEH Overwrite Exploit 951 R D Stack
2009-03-23 eXeScope 6.50 Local Buffer Overflow Exploit 1268 R D Koshi
2009-03-23 Zinf Audio Player 2.2.1 (.pls) Universal Seh Overwrite Exploit 824 R D His0k4
spyware wrote: Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
Why are you angry all the time? :P you can explain to the guy his mistake with a little bit more LOVE instead of flaming his ass for no reason xD
Although your honesty pawns ^^
Demons Halo wrote: [quote]spyware wrote: Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
Why are you angry all the time? :P you can explain to the guy his mistake with a little bit more LOVE instead of flaming his ass for no reason xD
Although your honesty pawns ^1
No it doesn't. It Sucks.
/quote ↩
MoshBat wrote: [quote]Demons Halo wrote: flaming his ass for no reason xD Shut the fuck up you stupid, inbred twat. Do you honestly not see a reason for that? Can you see the reason for this? Bleh. How many fucking idiots must I see every day?
And I'll leave it up to you to figure out which of those questions are actually meant to be answered, or rather, not rhetorical. [/quote]
you need to chill a bit ^^ If you want you can come over together with COM, C4p & Fritzo to my house and we can talk about this like real girls do :$
honestly not everyone is as well informed as you guys are about this stuff. n00bs (including myself) likes to ask some questions every now and then :P so I see no reason to bust the guys ass, even though it's fun reading… xD
FEEL THE LOVE!!!! :xx:
spyware wrote: Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
I see your shitty point but did you have to bring it out like an asshole? I remember reading that this place was friendly and up until I asked a question I thought that was true.
MoshBat wrote: [quote]godofcereal wrote: [quote]spyware wrote: Threadlock please.
OP, get the fuck outta here. Before you start asking questions regarding topics you don't understand, understand first.
I see your shitty point but did you have to bring it out like an asshole? I remember reading that this place was friendly and up until I asked a question I thought that was true.[/quote] Never believe what people say. And we say stuff like arseholes because it works. You pay attention, do you not?[/quote] Yes I pay attention, but I asked because I wanted to know if they were common or not and while getting an answer, I get flamed aswell.
godofcereal wrote: How ofter do you really see them? Not in missions but in the real cyber world. Not extremely often, but it sure happens. The first one I ever found was in Zoran Cindori's HTTP Server and it allowed me to set the HTTP root to the server's actual file system root, meaning that I could download any file from the server and not only from the HTTP_documents folder or whatever it was called.