Section:  .. / 0911-exploits  /

Page 8 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 175 - 200 of 449
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: kmeleon-overrun.txt
Description:
K-Meleon version 1.5.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
Author:Maksymilian Arciemowicz
Homepage:http://securityreason.com/
File Size:7205
Related CVE(s):CVE-2009-0689
Last Modified:Nov 19 23:18:25 2009
MD5 Checksum:77a8692a8d922a730d4eb910224dfb1a

 ///  File Name: krweb-rfi.txt
Description:
KR-Web versions 1.1b2 and below suffer from a remote file inclusion vulnerability.
Author:cr4wl3r
File Size:1117
Last Modified:Nov 23 18:31:40 2009
MD5 Checksum:35c6fa19f7b9a4634f39d8aca5a8d5c4

 ///  File Name: landesk_aolnsrvr.rb.txt
Description:
This Metasploit module exploits a stack overflow in LANDesk Management Suite 8.7. By sending an overly long string to the Alert Service, a buffer is overwritten and arbitrary code can be executed.
Author:MC
Homepage:http://www.metasploit.com
File Size:3570
Related OSVDB(s):34964
Related CVE(s):CVE-2007-1674
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:979bebbf9ed55c7056aa872337593709

 ///  File Name: leapftp_pasv_reply.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the LeapWare LeapFTP v2.7.3.600 client that is triggered through an excessively long PASV reply command. This Metasploit module was ported from the original exploit by drG4njubas with minor improvements.
Author:Patrick Webster
Homepage:http://www.metasploit.com
File Size:3413
Related OSVDB(s):4587
Related CVE(s):CVE-2003-0558
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:495b1f160949d056f8a3de5e69dff903

 ///  File Name: lgserver.rb.txt
Description:
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1814
Related OSVDB(s):31593
Related CVE(s):CVE-2007-0449
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:df8461e892a3befd9ff6d9588ef5347d

 ///  File Name: lgserver_rxrlogin.rb.txt
Description:
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2351
Related OSVDB(s):41353
Related CVE(s):CVE-2007-5003
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:47e858e7068b1e322bed8fa831f9ba6c

 ///  File Name: lgserver_rxsuselicenseini.rb.txt
Description:
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request (rxsUseLicenseIni), an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2287
Related OSVDB(s):35329
Related CVE(s):CVE-2007-3216
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1e2622b896ed2dbf40613822c81ab714

 ///  File Name: license_gcr.rb.txt
Description:
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2051
Related OSVDB(s):14389
Related CVE(s):CVE-2005-0581
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:bd4485391cbe393dd3a1c8d05c29a8a4

 ///  File Name: linux-pipe.txt
Description:
Proof of concept local privilege escalation exploit for the Linux kernel pipe.c vulnerability.
Author:Matthew Bergin
File Size:855
Last Modified:Nov 5 20:49:08 2009
MD5 Checksum:f48631c160fe9a3418e50bba8e33e470

 ///  File Name: logitechvideocall_start.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Logitech VideoCall ActiveX Control (wcamxmp.dll 2.0.3470.448). By sending a overly long string to the "Start()" method, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2419
Related OSVDB(s):36820
Related CVE(s):CVE-2007-2918
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1b2d8872da65415d679a3fcc4c9732d8

 ///  File Name: lpviewer_url.rb.txt
Description:
This Metasploit module exploits a stack overflow in LPViewer ActiveX control (LPControll.dll 3.2.0.2). When sending an overly long string to the URL() property an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:3485
Related OSVDB(s):48946
Related CVE(s):CVE-2008-4384
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:efcffbe4b20269596e2d4ce175089440

 ///  File Name: lyften-sql.txt
Description:
The Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.
Author:kaMtiEz
Homepage:http://www.indonesiancoder.com/
File Size:2610
Last Modified:Nov 27 16:19:37 2009
MD5 Checksum:cb9da27b63591515c16b9f892ee1dd0a

 ///  File Name: lyris_listmanager_weak_pass.rb.txt
Description:
This Metasploit module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This Metasploit module brute forces all possible process IDs that would be used by the installer.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2155
Related OSVDB(s):21559
Related CVE(s):CVE-2005-4145
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:864f7fbdc2116d42407934a82f15897c

 ///  File Name: macrovision_downloadandexecute.rb.t..>
Description:
This Metasploit module exploits a stack overflow in Macrovision InstallShield Update Service(Isusweb.dll 6.0.100.54472). By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2906
Related OSVDB(s):38347
Related CVE(s):CVE-2007-5660
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:034b4cbcee2c4e79533c437059536541

 ///  File Name: macrovision_unsafe.rb.txt
Description:
This Metasploit module allows attackers to execute code via an unsafe methods in Macrovision InstallShield 2008.
Author:MC
Homepage:http://www.metasploit.com
File Size:2386
Related OSVDB(s):38347
Related CVE(s):CVE-2007-5660
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:8445f61fc25f5e18432b2a7a7a3d3c91

 ///  File Name: mailcarrier_smtp_ehlo.rb.txt
Description:
This Metasploit module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command.
Author:Patrick Webster
Homepage:http://www.metasploit.com
File Size:2186
Related OSVDB(s):11174
Related CVE(s):CVE-2004-1638
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:c8bb30a738c45bb59743f2aa28d035a8

 ///  File Name: mailenable_auth_header.rb.txt
Description:
This Metasploit module exploits a remote buffer overflow in the MailEnable web service. The vulnerability is triggered when a large value is placed into the Authorization header of the web request. MailEnable Enterprise Edition versions prior to 1.0.5 and MailEnable Professional versions prior to 1.55 are affected.
Author:David Maciejak
Homepage:http://www.metasploit.com
File Size:1871
Related OSVDB(s):15913,15737
Related CVE(s):CVE-2005-1348
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:5f28e22f23a19b0de5470c0882d24451

 ///  File Name: mailenable_login.rb.txt
Description:
MailEnable's IMAP server contains a buffer overflow vulnerability in the Login command.
Author:MC
Homepage:http://www.metasploit.com
File Size:1914
Related OSVDB(s):32125
Related CVE(s):CVE-2006-6423
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:06e22a16b5a95a62bf3121e135f76630

 ///  File Name: mailenable_status.rb.txt
Description:
MailEnable's IMAP server contains a buffer overflow vulnerability in the STATUS command. With proper credentials, this could allow for the execution of arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1980
Related OSVDB(s):17844
Related CVE(s):CVE-2005-2278
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:71f5fcc54613b0417a35b32296e4b05f

 ///  File Name: mailenable_w3c_select.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the W3C logging functionality of the MailEnable IMAPD service. Logging is not enabled by default and this exploit requires a valid username and password to exploit the flaw. MailEnable Professional version 1.6 and prior and MailEnable Enterprise version 1.1 and prior are affected.
Author:MC
Homepage:http://www.metasploit.com
File Size:1994
Related OSVDB(s):19842
Related CVE(s):CVE-2005-3155
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:872352f8eaf8761886ca628f3e9ad956

 ///  File Name: maxdb_webdbm_database.rb.txt
Description:
This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This Metasploit module has been tested against MaxDB 7.6.00.16 and MaxDB 7.6.00.27.
Author:MC
Homepage:http://www.metasploit.com
File Size:2472
Related OSVDB(s):28300
Related CVE(s):CVE-2006-4305
Last Modified:Oct 30 17:01:57 2009
MD5 Checksum:8e06deb4c7b5790bea7c107e694e65bb

 ///  File Name: maxdb_webdbm_get_overflow.rb.txt
Description:
This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. This service is included with many recent versions of the MaxDB and SAPDB products. This particular module is capable of exploiting Windows systems through the use of an SEH frame overwrite. The offset to the SEH frame may change depending on where MaxDB has been installed, this module assumes a web root path with the same length as: C:\\Program Files\\sdb\\programs\\web\\Documents
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2668
Related OSVDB(s):15816
Related CVE(s):CVE-2005-0684
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e3ef8665099910df82532e192c7e0725

 ///  File Name: mcafee_epolicy_source.rb.txt
Description:
This is an exploit for the McAfee HTTP Server (NAISERV.exe). McAfee ePolicy Orchestrator 2.5.1 <= 3.5.0 and ProtectionPilot 1.1.0 are known to be vulnerable. By sending a large 'Source' header, the stack can be overwritten. This Metasploit module is based on the exploit by xbxice and muts. Due to size constraints, this module uses the Egghunter technique. You may wish to adjust WfsDelay appropriately.
Author:H D Moore,muts,patrick,xbxice
Homepage:http://www.metasploit.com
File Size:3123
Related OSVDB(s):29421
Related CVE(s):CVE-2006-5156
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:20f6347fee8fd448c8404aaf76680f61

 ///  File Name: mcafee_hercules_deletesnapshot.rb.t..>
Description:
This Metasploit module exploits a stack overflow in McAfee Remediation Agent 4.5.0.41. When sending an overly long string to the DeleteSnapshot() method of enginecom.dll (3.7.0.9) an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vector accordingly.
Author:MC
Homepage:http://www.metasploit.com
File Size:4561
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:30b6004a5deb721219522362363fdb24

 ///  File Name: mcafee_mcsubmgr_vsprintf.rb.txt
Description:
This Metasploit module exploits a flaw in the McAfee Subscription Manager ActiveX control. Due to an unsafe use of vsprintf, it is possible to trigger a stack overflow by passing a large string to one of the COM-exposed routines, such as IsAppExpired. This vulnerability was discovered by Karl Lynn of eEye.
Author:skape
Homepage:http://www.metasploit.com
File Size:3216
Related OSVDB(s):27698
Related CVE(s):CVE-2006-3961
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:a12decca05d657650a2cc4c18d2aa4e2