Section: .. / 0910-exploits /

Page 2 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 25 - 50 of 210

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	boxalino-traversal.txt
Description:	Boxalino suffers from a directory traversal vulnerability.
Author:	Axel Neumann
Homepage:	http://www.csnc.ch/
File Size:	2613
Related CVE(s):	CVE-2009-1479
Last Modified:	Oct 20 23:12:34 2009
MD5 Checksum:	366da064432d058a1a415fb3f17ba27e

/// File Name:	bpseh-overflow.txt
Description:	BulletProof FTP Client version 2.63 build 56 buffer overflow exploit that creates a malicious .bps file.
Author:	Rafael Sousa
File Size:	1804
Last Modified:	Oct 7 21:47:26 2009
MD5 Checksum:	cde084c1bf168d8a0d724f67e3a7eb23

/// File Name:	cacti_graphimage_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution vulnerability in the Raxnet Cacti 'graph_view.php' script. All versions of Raxnet Cacti prior to 0.8.6-d are vulnerable.
Author:	David Maciejak
File Size:	2572
Related OSVDB(s):	17539
Last Modified:	Oct 30 14:03:33 2009
MD5 Checksum:	a01ab56d13daa20513d8cad08ab4cadf

/// File Name:	cerberus306-dos.txt
Description:	Cerberus FTP version 3.0.6 suffers from a remote denial of service vulnerability.
Author:	Francis Provencher
File Size:	3448
Last Modified:	Oct 1 21:33:24 2009
MD5 Checksum:	946fcfd03ceaec0392b0eba5e2527e70

/// File Name:	cgihelper-XSS.txt
Description:	CGI Helper version 1.00 suffers from a cross site scripting vulnerability.
Author:	Paulo Santos
File Size:	826
Last Modified:	Oct 5 19:38:35 2009
MD5 Checksum:	ebc454ebbbb5cf23828240e0b75723e1

/// File Name:	cherokee-traversal.txt
Description:	Cherokee versions 0.5.4 and below suffer from a directory traversal vulnerability.
Author:	Dr_IDE
File Size:	940
Last Modified:	Oct 28 18:07:43 2009
MD5 Checksum:	403962f079e8d92ce379c49951d70cda

/// File Name:	cherokee054-dos.txt
Description:	Cherokee web server version 0.5.4 remote denial of service exploit.
Author:	Usman Saeed
Homepage:	http://www.xc0re.net/
File Size:	3155
Last Modified:	Oct 26 17:22:37 2009
MD5 Checksum:	e1b14a3bd33860cb9c3158059084d5c0

/// File Name:	clamav_milter_blackhole.rb.txt
Description:	This Metasploit module exploits a flaw in the Clam AntiVirus suite 'clamav-milter' (Sendmail mail filter). Versions prior to 0.92.2 are vulnerable. When implemented with black hole mode enabled, it is possible to execute commands remotely due to an insecure popen call.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	2771
Related OSVDB(s):	36909
Related CVE(s):	CVE-2007-4560
Last Modified:	Oct 28 19:40:46 2009
MD5 Checksum:	82c785f79a6f63dee51ba000a284f213

/// File Name:	cleanup_exec.rb.txt
Description:	This exploit abuses an unpublished vulnerability in the HP-UX LPD service. This flaw allows an unauthenticated attacker to execute arbitrary commands with the privileges of the root user. The LPD service is only exploitable when the address of the attacking system can be resolved by the target. This vulnerability was silently patched with the buffer overflow flaws addressed in HP Security Bulletin HPSBUX0208-213.
Author:	H D Moore
File Size:	2641
Related OSVDB(s):	9638
Related CVE(s):	CVE-2002-1472
Last Modified:	Oct 27 11:56:03 2009
MD5 Checksum:	b31be42182fecda91b552ea1d4d7343d

/// File Name:	communitytranslate-rfi.txt
Description:	Community Translate suffers from a remote file inclusion vulnerability.
Author:	NoGe
File Size:	472
Last Modified:	Oct 12 17:25:01 2009
MD5 Checksum:	04a576e2167e9a0bd8ff2503d9f43517

/// File Name:	contentkeeperweb_mimencode.rb.txt
Description:	This Metasploit module exploits the ContentKeeper Web Appliance. Versions prior to 125.10 are affected. This module exploits a combination of weaknesses to enable remote command execution as the Apache user. Following exploitation it is possible to abuse an insecure PATH call to 'ps' etc in setuid 'benetool' to escalate to root.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	2578
Related OSVDB(s):	54551,54552
Last Modified:	Oct 28 19:35:16 2009
MD5 Checksum:	d9d583b51da3ea97779cd2b73646e602

/// File Name:	CORE-2009-0812.txt
Description:	Core Security Technologies Advisory - Multiple cross-site scripting vulnerabilities (both stored and reflected) have been found in the web interface of Hyperic HQ, which can be exploited by an attacker to execute arbitrary JavaScript code in the context of the browser of a legitimate logged in user.
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	11531
Related CVE(s):	CVE-2009-2897, CVE-2009-2898
Last Modified:	Oct 5 19:13:18 2009
MD5 Checksum:	c84787eba30a9d9b9513c1d252ec6232

/// File Name:	cubecart4-bypass.txt
Description:	CubeCart 4 suffers from a really nasty session management bypass vulnerability.
Author:	Bogdan Calin
Homepage:	http://www.acunetix.com/
File Size:	9130
Last Modified:	Oct 30 15:37:01 2009
MD5 Checksum:	7581bc6c05ca76a7306651bb56bb45f3

/// File Name:	CVE-2009-1979.zip
Description:	Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4 that relates to an improper AUTH_SESSKEY parameter length validation.
Author:	Dennis Yurichev
File Size:	36296
Related CVE(s):	CVE-2009-1979
Last Modified:	Oct 30 15:38:16 2009
MD5 Checksum:	660b662ab4b883cfab9655f94f942ca7

/// File Name:	dazzleblast-rfi.txt
Description:	Dazzle Blast suffers from a remote file inclusion vulnerability.
Author:	NoGe
File Size:	465
Last Modified:	Oct 12 17:23:34 2009
MD5 Checksum:	233f8b8d9b59e7e83ec1c17658496aa3

/// File Name:	ddwrt_cgibin_exec.rb.txt
Description:	This Metasploit module abuses a metacharacter injection vulnerability in the HTTP management server of wireless gateways running DD-WRT. This flaw allows an unauthenticated attacker to execute arbitrary commands as the root user account.
Author:	H D Moore,gat3way
File Size:	1870
Related OSVDB(s):	55990
Related CVE(s):	CVE-2009-2765
Last Modified:	Oct 27 13:30:59 2009
MD5 Checksum:	88878a65f95d5419e26c672e623f4f47

/// File Name:	dedecms-sql.txt
Description:	DedeCMS version 5.1 suffers from a remote SQL injection vulnerability.
Author:	Securitylab Security Research
Homepage:	http://securitylab.ir/
File Size:	1454
Last Modified:	Oct 14 17:14:24 2009
MD5 Checksum:	4cb5bd86108db76f5de0d811b839b5b8

/// File Name:	describe.rb.txt
Description:	This Metasploit module exploits a buffer overflow in RealServer 7/8/9 and was based on Johnny Cyberpunk's THCrealbad exploit. This code should reliably exploit Linux, BSD, and Windows-based servers.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2116
Related OSVDB(s):	4468
Last Modified:	Oct 27 18:18:44 2009
MD5 Checksum:	6094aa9a91491f3755f7e3cd2e7c367a

/// File Name:	distcc_exec.rb.txt
Description:	This Metasploit module uses a documented security weakness to execute arbitrary commands on any system running distccd.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2643
Related OSVDB(s):	13378
Related CVE(s):	CVE-2004-2687
Last Modified:	Oct 28 19:37:04 2009
MD5 Checksum:	07af102ab61b4945263c0c9f76b12255

/// File Name:	ditcms-xss.txt
Description:	Dit.CMS version 1.3 suffers from a cross site scripting vulnerability.
Author:	drunken danish rednecks
File Size:	670
Last Modified:	Oct 14 19:28:59 2009
MD5 Checksum:	8529db82d24d553fb58a3f787f097690

/// File Name:	docebo3603-sql.txt
Description:	Docebo version 3.6.0.3 suffers multiple remote SQL injection vulnerabilities.
Author:	Andrea Fabrizi
Homepage:	http://www.andreafabrizi.it/
Related File:	docebo-sql.txt
File Size:	1595
Last Modified:	Oct 12 15:49:03 2009
MD5 Checksum:	d3cbfd1f1ae0e7166b1f31fdb543af2d

/// File Name:	dogfood_spell_exec.rb.txt
Description:	This Metasploit module exploits a previously unpublished vulnerability in the Dogfood CRM mail function which is vulnerable to command injection in the spell check feature. Because of character restrictions, this exploit works best with the double-reverse telnet payload. This vulnerability was discovered by LSO and affects version 2.0.10.
Author:	LSO
File Size:	2444
Related OSVDB(s):	54707
Last Modified:	Oct 30 14:06:37 2009
MD5 Checksum:	681a3fad02a7853735d87a2231ee793c

/// File Name:	dopewars-dos.txt
Description:	Dopewars version 1.5.12 is susceptible to a remote denial of service vulnerability.
Author:	dougtko
File Size:	317
Last Modified:	Oct 6 19:44:14 2009
MD5 Checksum:	ebc60cc56ed981cccfdbd1f6c9d76b12

/// File Name:	dreampoll-sqlxss.txt
Description:	DreamPoll version 3.1 suffers from remote SQL injection and cross site scripting vulnerabilities.
Author:	mark from infosecstuff
Homepage:	http://www.infosecstuff.com/
File Size:	1245
Last Modified:	Oct 8 14:04:09 2009
MD5 Checksum:	6c22961fa1b861070a4b5cbd60047b9a

/// File Name:	DSECRG-09-048.txt
Description:	Multiple security vulnerabilities have been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerabilities could be exploited remotely by Cross Site Scripting (XSS).
Author:	Sh2kerr
Homepage:	http://www.dsec.ru/
File Size:	3692
Related CVE(s):	CVE-2009-2684
Last Modified:	Oct 7 21:58:53 2009
MD5 Checksum:	99df8a78da2c54d7d9ee8799401c476b