Section: .. / 0910-exploits /

Page 2 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 25 - 50 of 210

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	upnp_location.rb.txt
Description:	This Metasploit module exploits the Mac OS X mDNSResponder UPnP location overflow.
Homepage:	http://www.metasploit.com
File Size:	5371
Last Modified:	Oct 28 15:58:46 2009
MD5 Checksum:	00933391fec89081e5a6100903e69651

/// File Name:	quicktime_rtsp_content_type.rb.txt
Description:	This Metasploit module exploits the Mac OS X Quicktime RTSP Content-Type overflow.
Homepage:	http://www.metasploit.com
File Size:	5278
Last Modified:	Oct 28 16:01:22 2009
MD5 Checksum:	380966feca11229459ef798d1bee894d

/// File Name:	manyargs.rb.txt
Description:	This exploit connects to a system's modem over dialup and exploits a buffer overflow vulnerability in it's System V derived /bin/login. The vulnerability is triggered by providing a large number of arguments.
Author:	I)ruid
File Size:	5171
Related OSVDB(s):	690,691
Related CVE(s):	CVE-2001-0797
Last Modified:	Oct 27 11:38:16 2009
MD5 Checksum:	51afebbc895b33a74c8ba7e02248e61f

/// File Name:	freebsddevfs-racecondition.txt
Description:	FreeBSD version 7.2 VFS/devfs race condition local root exploit.
Author:	Przemyslaw Frasunek
Related File:	FreeBSD-SA-09-14.devfs.txt
File Size:	5156
Last Modified:	Oct 8 14:23:23 2009
MD5 Checksum:	aff10f17f7a072f73efb05e1a9ea494c

/// File Name:	mozilla_compareto.rb.txt
Description:	This Metasploit module exploits a code execution vulnerability in the Mozilla Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit module is a direct port of Aviv Raff's HTML PoC.
Author:	Aviv Raff,H D Moore
Homepage:	http://www.metasploit.com
File Size:	5132
Related OSVDB(s):	17968
Related CVE(s):	CVE-2005-2265
Last Modified:	Oct 27 17:01:03 2009
MD5 Checksum:	4d11bb8de765d259995301791ec60b38

/// File Name:	java_calendar_deserialize.rb.txt
Description:	This Metasploit module exploits a flaw in the deserialization of Calendar objects in the Sun JVM. The payload can be either a native payload which is generated as an executable and dropped/executed on the target or a shell from within the Java applet in the target browser. The effected Java versions are JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, SDK and JRE 1.4.2_18 and earlier (SDK and JRE 1.3.1 are not affected).
Author:	sf,H D Moore
Homepage:	http://www.metasploit.com
File Size:	5114
Related OSVDB(s):	50500
Related CVE(s):	CVE-2008-5353
Last Modified:	Oct 27 16:58:33 2009
MD5 Checksum:	adddfd511b0cb82ba52be9f260b8602f

/// File Name:	joomla_tinybrowser.rb.txt
Description:	This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 1.5.12 of joomla and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
Author:	spinbad
File Size:	5082
Last Modified:	Oct 30 14:10:22 2009
MD5 Checksum:	8bf22f8e32a8a748e30581d85e45e524

/// File Name:	nginx-dos.txt
Description:	nginx versions 0.7.0 through 0.7.61, 0.6.0 through 0.6.38, 0.5.0 through 0.5.37, and 0.4.0 through 0.4.14 suffer from a remote null pointer dereferencing vulnerability. Proof of concept code included.
Author:	zeus penguin
File Size:	4972
Last Modified:	Oct 23 13:55:00 2009
MD5 Checksum:	14adedcf029f6a34749e1f0d7b331821

/// File Name:	tikiwiki_graph_formula_exec.rb.txt
Description:	TikiWiki versions 1.9.8 and below contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'tiki-graph_formula.php' script not properly sanitizing user input supplied to the f variable, which may allow a remote attacker to execute arbitrary PHP commands resulting in a loss of integrity.
Author:	Matteo Cantoni
File Size:	4921
Related OSVDB(s):	40478
Related CVE(s):	CVE-2007-5423
Last Modified:	Oct 30 14:57:02 2009
MD5 Checksum:	9bb463f184aa6ec072b62cc3720e38e1

/// File Name:	twonkymedia-xss.txt
Description:	TwonkyMedia Server versions 4.4.17 and below and 5.0.65 and below suffer from multiple cross site scripting vulnerabilities.
Author:	Davide Canali
File Size:	4788
Last Modified:	Oct 23 13:20:43 2009
MD5 Checksum:	784142affb4a1ea0c01fb26aa68c7d4e

/// File Name:	httpdx14-overflow.txt
Description:	httpdx web server version 1.4 if vulnerable to a remote buffer overflow vulnerable when supplied a long GET request. Exploit is written for httpdx 1.4 on Windows XP SP3 and binds a shell to port 58821.
Author:	Pankaj Kohli
Homepage:	http://www.pank4j.com/
File Size:	4702
Last Modified:	Oct 8 14:08:14 2009
MD5 Checksum:	00b412c87dc078e5022add43ffd4f5c3

/// File Name:	imgsrv.py.txt
Description:	Ada Image Server version 0.6.6 SEH overwrite exploit. Written in python. Binds a shell to port 4444.
Author:	Blake
File Size:	4621
Last Modified:	Oct 7 21:52:57 2009
MD5 Checksum:	56866ba940b43b0183eef2242682d5fd

/// File Name:	NSOADV-2009-003.txt
Description:	Websense Email Security suffers from a cross site scripting vulnerability. Proof of concept code included.
Author:	Nikolas Sotiriu
Homepage:	http://sotiriu.de/
File Size:	4611
Last Modified:	Oct 20 23:38:57 2009
MD5 Checksum:	dc4e383f65ff502591b67ad9deedb564

/// File Name:	opera_historysearch.rb.txt
Description:	Certain constructs are not escaped correctly by Opera's History Search results. These can be used to inject scripts into the page, which can then be used to modify configuration settings and execute arbitrary commands. Affects Opera versions between 9.50 and 9.61.
Author:	Aviv Raff,Roberto Suggi Liverani Craig
File Size:	4598
Related OSVDB(s):	49472
Related CVE(s):	CVE-2008-4696
Last Modified:	Oct 27 17:10:14 2009
MD5 Checksum:	b217cb641cbc6f7e36e3f249a2a4cc1e

/// File Name:	opera_configoverwrite.rb.txt
Description:	Opera web browser in versions 9.10 and below allows unrestricted script access to its configuration page, opera:config, allowing an attacker to change settings and potentially execute arbitrary code.
File Size:	4463
Last Modified:	Oct 27 17:08:05 2009
MD5 Checksum:	a1c3a6e51e21635db81c032dda7ed33c

/// File Name:	vmware-fission.c
Description:	VMware Fusion versions 2.0.5 and below vmx86 kext local kernel root exploit.
Author:	mu-b
Homepage:	http://www.digit-labs.org/
Related File:	VMSA-2009-0013.txt
File Size:	4450
Related CVE(s):	CVE-2009-3281
Last Modified:	Oct 2 13:14:01 2009
MD5 Checksum:	75dafadc5e750f285ab923e290910006

/// File Name:	sadmind_adm_build_path.rb.txt
Description:	This Metasploit module exploits a buffer overflow vulnerability in adm_build_path() function of sadmind daemon.
Author:	Adriano Lima
Homepage:	http://www.risesecurity.org/
File Size:	4446
Related OSVDB(s):	49111
Related CVE(s):	CVE-2008-4556
Last Modified:	Oct 28 19:21:21 2009
MD5 Checksum:	445586327b6a99350a42708bd196facb

/// File Name:	ONSEC-09-004.txt
Description:	Amiro.CMS versions 5.4.0.0 and below suffer from cross site scripting vulnerabilities.
Author:	Vladimir Vorontsov
File Size:	4443
Last Modified:	Oct 19 20:01:36 2009
MD5 Checksum:	3d07b62c68d1c12d93fc8c635689910f

/// File Name:	google_proxystylesheet_exec.rb.txt
Description:	This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	4327
Related OSVDB(s):	20981
Related CVE(s):	CVE-2005-3757
Last Modified:	Oct 30 14:08:54 2009
MD5 Checksum:	8e61751b74839e299e2e895dbfd1c59f

/// File Name:	BONSAI-2009-0101.txt
Description:	Achievo versions 1.3.4 and below suffer from cross site scripting vulnerabilities.
Author:	Ryan Dewhurst
File Size:	4311
Related CVE(s):	CVE-2009-2733
Last Modified:	Oct 14 19:06:03 2009
MD5 Checksum:	8248e8043b6e33957c3e8178a4578e43

/// File Name:	NGS00532.txt
Description:	SharePoint Team Services suffers from a remote source code disclosure vulnerability in its download facility.
Author:	Daniel Martin
File Size:	4217
Last Modified:	Oct 26 19:37:17 2009
MD5 Checksum:	b5a6103f707376e91e9192d422dd25ea

/// File Name:	sendmail_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Sun Solaris up to and including 8.0. This module uses a technique discovered by Dino Dai Zovi to exploit the flaw without needing to know the resolved name of the attacking system.
Author:	Dino A Dai Zovi,H D Moore
Homepage:	http://www.metasploit.com
File Size:	4166
Related OSVDB(s):	15131
Related CVE(s):	CVE-2001-1583
Last Modified:	Oct 28 16:43:46 2009
MD5 Checksum:	e38a9f11115d68bc3f3a83145bf7542a

/// File Name:	squid_ntlm_authenticate.rb.txt
Description:	This is an exploit for Squid's NTLM authenticate overflow (libntlmssp.c). Due to improper bounds checking in ntlm_check_auth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length.
Author:	skape
File Size:	4150
Related OSVDB(s):	6791
Related CVE(s):	CVE-2004-0541
Last Modified:	Oct 27 16:24:50 2009
MD5 Checksum:	1e35db4061c87b08d4b474ab69753bdd

/// File Name:	waraxe-2009-SA075.txt
Description:	Vivvo CMS version 4.1.5.1 suffers from a remote file disclosure vulnerability.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	4122
Last Modified:	Oct 22 11:37:00 2009
MD5 Checksum:	360b4a9d73951843936418fba3ef120b

/// File Name:	minishare155-overflow.txt
Description:	MiniShare HTTP server version 1.5.5 remote buffer overflow exploit that binds a shell to port 4444.
Author:	iM4n
File Size:	4120
Last Modified:	Oct 19 20:09:50 2009
MD5 Checksum:	246d187aa67e0473fd80dcc4c4d75347