Section: .. / 0910-exploits /

Page 4 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 75 - 100 of 210

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	linksys_apply_cgi.rb.txt
Description:	This Metasploit module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS version prior to 1.05.2 may be be affected.
Author:	Julien Tinnes,Raphael Rigo
Related File:	09.13.05-5.txt
File Size:	3277
Related OSVDB(s):	19389
Related CVE(s):	CVE-2005-2799
Last Modified:	Oct 27 13:36:55 2009
MD5 Checksum:	f46d36d7aa558c865de93b54fe9cb04b

/// File Name:	novelbof.txt
Description:	Novell eDirectory version 8.8 SP5 for Windows proof of concept buffer overflow exploit.
Author:	karak0rsan,murderkey
Homepage:	http://tcc.hellcode.net/
File Size:	3268
Last Modified:	Oct 26 14:48:37 2009
MD5 Checksum:	453bca7988f2f24cb5de8234768537fb

/// File Name:	wmacon-overflow.txt
Description:	Free WMA MP3 Converter version 1.1 local buffer overflow exploit that creates a malicious .wav file and executes a reverse shell.
Author:	KriPpLer
Homepage:	http://www.x-sploited.com/
File Size:	3224
Last Modified:	Oct 7 22:11:35 2009
MD5 Checksum:	398f50ac5a94babc7421a669566879d0

/// File Name:	mckesson-passwd.txt
Description:	McKesson Horizon Clinical Infrastructure, also know as McKesson HCI, utilizes hardcoded passwords for Oracle database access. This is very disturbing considering they claim to be installed in 70% of all hospitals in the United States. Versions 7.6, 7.8, 10.0, and 10.1 are all affected.
File Size:	3179
Last Modified:	Oct 19 18:13:04 2009
MD5 Checksum:	295de0dcb4b14bae7523d8203022dec4

/// File Name:	cherokee054-dos.txt
Description:	Cherokee web server version 0.5.4 remote denial of service exploit.
Author:	Usman Saeed
Homepage:	http://www.xc0re.net/
File Size:	3155
Last Modified:	Oct 26 17:22:37 2009
MD5 Checksum:	e1b14a3bd33860cb9c3158059084d5c0

/// File Name:	lsass_cifs.rb.txt
Description:	This Metasploit module exploits a stack overflow in the NetWare CIFS.NLM driver. Since the driver runs in the kernel space, a failed exploit attempt can cause the OS to reboot.
Author:	toto
File Size:	3138
Related OSVDB(s):	12790
Last Modified:	Oct 28 14:51:12 2009
MD5 Checksum:	d4b13b929126920753288d33c74b948f

/// File Name:	firefox_queryinterface.rb.txt
Description:	This Metasploit module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on OS X 10.3 with the stock Firefox 1.5.0 package.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	3107
Related OSVDB(s):	22893
Related CVE(s):	CVE-2006-0295
Last Modified:	Oct 27 16:49:39 2009
MD5 Checksum:	b158bc86d5bf60d7467ced07314943c5

/// File Name:	pegasusmc-dos.txt
Description:	Pegasus Mail Client version 4.51 suffers from a remote buffer overflow vulnerability. Proof of concept denial of service code included.
Author:	Francis Provencher
File Size:	3085
Last Modified:	Oct 23 14:11:49 2009
MD5 Checksum:	6b9040c53e0c1197f0131e4112e3e806

/// File Name:	eurekamc-dos.txt
Description:	Eureka Mail Client version 2.2q suffers from a remote buffer overflow vulnerability. Proof of concept denial of service code included.
Author:	Francis Provencher
File Size:	3032
Last Modified:	Oct 23 14:10:33 2009
MD5 Checksum:	beb4542e9762edd2816a9576dae31553

/// File Name:	awstats_migrate_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script. AWStats v6.4 and v6.5 are vulnerable. Perl based payloads are recommended with this module. The vulnerability is only present when AllowToUpdateStatsFromBrowser is enabled in the AWstats configuration file (non-default).
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	3020
Related OSVDB(s):	25284
Related CVE(s):	CVE-2006-2237
Last Modified:	Oct 30 13:58:36 2009
MD5 Checksum:	d879552f700a6ae226a70d8f51143a4a

/// File Name:	joomlarecerca-sql.txt
Description:	The Joomla Recerca component suffers from a remote SQL injection vulnerability.
Author:	Don Tukulesto
Homepage:	http://www.indonesiancoder.com/
File Size:	2995
Last Modified:	Oct 7 21:41:38 2009
MD5 Checksum:	2279e12d0654479761e15478811f9298

/// File Name:	php_vbulletin_template.rb.txt
Description:	This Metasploit module exploits an arbitrary PHP code execution flaw in the vBulletin web forum software. This vulnerability is only present when the "Add Template Name in HTML Comments" option is enabled. All versions of vBulletin prior to 3.0.7 are affected.
Author:	str0ke
File Size:	2990
Related OSVDB(s):	14047
Related CVE(s):	CVE-2005-0511
Last Modified:	Oct 30 14:45:56 2009
MD5 Checksum:	c83f9da07beaf589f9aa2e8ad6021a4f

/// File Name:	joomlabl-rfi.txt
Description:	Joomla Book Library component version 1.0 suffers from a remote file inclusion vulnerability.
Author:	kaMtiEz
Homepage:	http://www.indonesiancoder.com/
File Size:	2984
Last Modified:	Oct 19 20:19:45 2009
MD5 Checksum:	89097808011a11a12f745242df7ccaa3

/// File Name:	freebsdpipe-racecondition.txt
Description:	FreeBSD version 6.4 pipeclose()/knlist_cleardel() race condition exploit that results in a NULL pointer dereference and runs code in kernel mode giving a root shell and escaping from jail.
Author:	Przemyslaw Frasunek
Related File:	FreeBSD-SA-09-13.pipe.txt
File Size:	2978
Last Modified:	Oct 8 14:13:41 2009
MD5 Checksum:	0cdc6263e3e3de633c7e777c3fde8d8a

/// File Name:	ut2004_secure.rb.txt
Description:	This is an exploit for the GameSpy secure query in the Unreal Engine. This exploit only requires one UDP packet, which can be both spoofed and sent to a broadcast address. Usually, the GameSpy query server listens on port 7787, but you can manually specify the port as well. The RunServer.sh script will automatically restart the server upon a crash, giving us the ability to bruteforce the service and exploit it multiple times.
Author:	onetwo
File Size:	2929
Related OSVDB(s):	7217
Related CVE(s):	CVE-2004-0608
Last Modified:	Oct 27 12:03:08 2009
MD5 Checksum:	1fe6cf0edfe8f646bf3e727a7cb23670

/// File Name:	type77.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Arkeia backup client for the Mac OS X platform. This vulnerability affects all versions up to and including 5.3.3 and has been tested with Arkeia 5.3.1 on Mac OS X 10.3.5.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2928
Related OSVDB(s):	14011
Related CVE(s):	CVE-2005-0491
Last Modified:	Oct 28 14:55:21 2009
MD5 Checksum:	9aca80e8f1b4ff06430e71ac93ba6595

/// File Name:	nagios3_statuswml_ping.rb.txt
Description:	This Metasploit module abuses a metacharacter injection vulnerability in the Nagios3 statuswml.cgi script. This flaw is triggered when shell metacharacters are present in the parameters to the ping and traceroute commands.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2878
Related OSVDB(s):	55281
Related CVE(s):	CVE-2009-2288
Last Modified:	Oct 30 14:33:33 2009
MD5 Checksum:	8369632633bc7915a367b2218ef452f3

/// File Name:	proc-access.txt
Description:	It appears that manipulation of file descriptors via /proc can circumvent permissions on parent directories of the file.
Author:	Pavel Machek
File Size:	2874
Last Modified:	Oct 23 16:16:47 2009
MD5 Checksum:	43ddfec3b4e663a94f8e7c784aeb31a8

/// File Name:	zoiper_dos.py.txt
Description:	ZoIPer Call-Info remote denial of service crash exploit.
Author:	Tomer Bitton
File Size:	2872
Last Modified:	Oct 14 17:28:03 2009
MD5 Checksum:	bebd0289f4f762598d2632d79eea87b2

/// File Name:	joomlaajaxchat-rfi.txt
Description:	Joomla Ajax Chat component version 1.0 suffers from a remote file inclusion vulnerability.
Author:	kaMtiEz
Homepage:	http://www.indonesiancoder.com/
File Size:	2808
Last Modified:	Oct 19 20:18:07 2009
MD5 Checksum:	3d0e7fde3b12f34d1f0d90430dffc2e3

/// File Name:	webstar_ftp_user.rb.txt
Description:	This Metasploit module exploits a stack overflow in the logging routine of the WebSTAR FTP server. Reliable code execution is obtained by a series of hops through the System library.
Author:	Dino A Dai Zovi,H D Moore
Homepage:	http://www.metasploit.com
File Size:	2808
Related OSVDB(s):	7794
Related CVE(s):	CVE-2004-0695
Last Modified:	Oct 28 15:04:04 2009
MD5 Checksum:	01773c137607442fb4bdcd6af39f4e16

/// File Name:	opendocman-sqlxss.txt
Description:	OpenDocMan version 1.2.5 suffers from cross site scripting and a remote SQL injection vulnerability that allows for authentication bypass.
Author:	Amol Naik
Related Exploit:	opendocman-1.2rc3.txt
File Size:	2802
Last Modified:	Oct 20 23:34:13 2009
MD5 Checksum:	1244726c9da6f364e1b486bad736fd2e

/// File Name:	clamav_milter_blackhole.rb.txt
Description:	This Metasploit module exploits a flaw in the Clam AntiVirus suite 'clamav-milter' (Sendmail mail filter). Versions prior to 0.92.2 are vulnerable. When implemented with black hole mode enabled, it is possible to execute commands remotely due to an insecure popen call.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	2771
Related OSVDB(s):	36909
Related CVE(s):	CVE-2007-4560
Last Modified:	Oct 28 19:40:46 2009
MD5 Checksum:	82c785f79a6f63dee51ba000a284f213

/// File Name:	geeklogjs-upload.txt
Description:	Geeklog versions 1.6.0sr2 and below suffer from a remote file upload vulnerability.
Author:	JaL0h
File Size:	2758
Last Modified:	Oct 5 19:15:26 2009
MD5 Checksum:	a87351e29090be9f00ab4dc067a997d6

/// File Name:	ONSEC-09-019.txt
Description:	Mura CMS versions 5.1 and below suffer from a cross site scripting vulnerability.
Author:	Vladimir Vorontsov
File Size:	2745
Last Modified:	Oct 29 19:10:24 2009
MD5 Checksum:	c704de36c333d5d41d1a7322de40af60