Section:  .. / 0910-exploits  /

 ///  File Name: DSECRG-2009-017.txt
Description:
The VSFLEXGrid component of the SAP GUI is susceptible to a buffer overflow vulnerability.
Author:Elazar Broad,Sh2kerr
Homepage:http://www.dsec.ru/
File Size:4105
Last Modified:Oct 7 22:01:45 2009
MD5 Checksum:e099ceb6469ff2385a8770fa9e668cf2

 ///  File Name: dwebpro-exec.txt
Description:
DWebPro suffers from a remote command execution vulnerability.
Author:Rafael Sousa
File Size:551
Last Modified:Oct 17 15:59:47 2009
MD5 Checksum:21b5612fe9b4cb961c3be5a8f7709cb2

 ///  File Name: eclipsebirt-xss.txt
Description:
Eclipse BIRT versions 2.2.1 and below suffer from a cross site scripting vulnerability.
Author:euronymous
File Size:2050
Last Modified:Oct 15 14:49:02 2009
MD5 Checksum:81d8a19633ed901c8d14f8ccc2ffc970

 ///  File Name: empirecms47-sql.txt
Description:
EmpireCMS47 remote SQL injection exploit that snags the administrative password hash.
Author:Securitylab Security Research
Homepage:http://securitylab.ir/
File Size:1831
Last Modified:Oct 5 19:18:48 2009
MD5 Checksum:10a022ce126a500a67e1d563d7ff60dc

 ///  File Name: eurekamc-dos.txt
Description:
Eureka Mail Client version 2.2q suffers from a remote buffer overflow vulnerability. Proof of concept denial of service code included.
Author:Francis Provencher
File Size:3032
Last Modified:Oct 23 14:10:33 2009
MD5 Checksum:beb4542e9762edd2816a9576dae31553

 ///  File Name: EverFocus_Edsr_Exploit.tar.gz
Description:
The Everfocus EDSR firmware fails to correctly handle authentication and sessions. This remote exploit takes advantage of versions 1.4 and below and lets you view the live cameras of remote DVRs.
Author:Andrea Fabrizi
Homepage:http://www.andreafabrizi.it/
File Size:67659
Last Modified:Oct 14 21:02:54 2009
MD5 Checksum:0110c0963015b92c7829d39f94c7d024

 ///  File Name: ezrecipezee-rfi.txt
Description:
EZRecipeZee version 91 CMS suffers from a remote file inclusion vulnerability.
Author:kaMtiEz
Homepage:http://www.indonesiancoder.com/
File Size:3353
Last Modified:Oct 12 15:52:40 2009
MD5 Checksum:6c2948a170403895753faba51097ebac

 ///  File Name: ezsneezycal-rfi.txt
Description:
EZsneezyCal CMS versions 95.1 through 95.2 remote file inclusion exploit.
Author:kaMtiEz
Homepage:http://www.indonesiancoder.com/
File Size:3425
Last Modified:Oct 12 15:53:46 2009
MD5 Checksum:9356774662575bc6e3651174d7c20c6e

 ///  File Name: facebook-redir.txt
Description:
Facebook has an open redirector. It may be by design and the debate goes on about the use of these, but it is there nonetheless.
Author:599eme Man
File Size:835
Last Modified:Oct 23 14:06:12 2009
MD5 Checksum:01758e24d271f794579e501ded632b44

 ///  File Name: femitter103-disclose.txt
Description:
Femitter HTTP Server version 1.03 suffers from a remote source disclosure vulnerability.
Author:Dr_IDE
File Size:583
Last Modified:Oct 12 17:19:13 2009
MD5 Checksum:58995d4bdfc75490df8c92fb56f7bf42

 ///  File Name: firefox_escape_retval.rb.txt
Description:
This Metasploit module exploits a memory corruption vulnerability in the Mozilla Firefox browser. This flaw occurs when a bug in the JavaScript interpreter fails to preserve the return value of the escape() function and results in uninitialized memory being used instead. This module has only been tested on Windows, but should work on other platforms as well with the current targets.
Author:H D Moore,Simon Berry-Byrne
File Size:5581
Related OSVDB(s):55846
Last Modified:Oct 27 16:35:44 2009
MD5 Checksum:6116e92fca1903ed3250f521944da945

 ///  File Name: firefox_queryinterface.rb.txt
Description:
This Metasploit module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on OS X 10.3 with the stock Firefox 1.5.0 package.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:3107
Related OSVDB(s):22893
Related CVE(s):CVE-2006-0295
Last Modified:Oct 27 16:49:39 2009
MD5 Checksum:b158bc86d5bf60d7467ced07314943c5

 ///  File Name: freebsddevfs-racecondition.txt
Description:
FreeBSD version 7.2 VFS/devfs race condition local root exploit.
Author:Przemyslaw Frasunek
Related File:FreeBSD-SA-09-14.devfs.txt
File Size:5156
Last Modified:Oct 8 14:23:23 2009
MD5 Checksum:aff10f17f7a072f73efb05e1a9ea494c

 ///  File Name: freebsdpipe-racecondition.txt
Description:
FreeBSD version 6.4 pipeclose()/knlist_cleardel() race condition exploit that results in a NULL pointer dereference and runs code in kernel mode giving a root shell and escaping from jail.
Author:Przemyslaw Frasunek
Related File:FreeBSD-SA-09-13.pipe.txt
File Size:2978
Last Modified:Oct 8 14:13:41 2009
MD5 Checksum:0cdc6263e3e3de633c7e777c3fde8d8a

 ///  File Name: freeschool-xss.txt
Description:
FreeSchool version 1.1.0 suffers from a cross site scripting vulnerability.
Author:drunken danish rednecks
File Size:895
Last Modified:Oct 14 19:24:04 2009
MD5 Checksum:3bd8bca0f4ed407b8e81f6d20af382ec

 ///  File Name: fuser.rb.txt
Description:
This Metasploit module exploits the argument injection vulnerability in the telnet daemon (in.telnetd) of Solaris 10 and 11.
Author:MC
File Size:2368
Related OSVDB(s):31881
Related CVE(s):CVE-2007-0882
Last Modified:Oct 28 19:30:37 2009
MD5 Checksum:5c9d0310bed692855ab74a2227508cc0

 ///  File Name: geeklogjs-upload.txt
Description:
Geeklog versions 1.6.0sr2 and below suffer from a remote file upload vulnerability.
Author:JaL0h
File Size:2758
Last Modified:Oct 5 19:15:26 2009
MD5 Checksum:a87351e29090be9f00ab4dc067a997d6

 ///  File Name: getunique.c
Description:
Mozilla Firefox version 3.5.3 local download manager exploit that demonstrates a temporary file creation vulnerability.
Author:Jeremy Brown
Homepage:http://jbrownsec.blogspot.com/
File Size:9684
Last Modified:Oct 28 16:15:00 2009
MD5 Checksum:ff0a70ec71952b02c7ea238923d542dc

 ///  File Name: gld_postfix.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Salim Gasmi GLD versions 1.4 and below greylisting daemon for Postfix. By sending an overly long string, the stack can be overwritten.
Author:patrick
File Size:1556
Related OSVDB(s):15492
Related CVE(s):CVE-2005-1099
Last Modified:Oct 27 16:09:02 2009
MD5 Checksum:5ac7cd236c99292df4a30f70d1f4ce83

 ///  File Name: gnupa-dos.txt
Description:
GPG4Win GNU Privacy Assistant proof of concept crash exploit.
Author:Dr_IDE
File Size:618
Last Modified:Oct 23 13:45:12 2009
MD5 Checksum:c0040a6bd64597ff98fb48ee354d95e5

 ///  File Name: google_proxystylesheet_exec.rb.txt
Description:
This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary Java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:4327
Related OSVDB(s):20981
Related CVE(s):CVE-2005-3757
Last Modified:Oct 30 14:08:54 2009
MD5 Checksum:8e61751b74839e299e2e895dbfd1c59f

 ///  File Name: gpg2kleo-dos.txt
Description:
GPG2/Kleopatra version 2.0.11 malformed certificate proof of concept crash exploit.
Author:Dr_IDE
File Size:731
Last Modified:Oct 21 12:33:21 2009
MD5 Checksum:883d80e50dd25567e2d109ea840a1b36

 ///  File Name: gpsd_format_string.rb.txt
Description:
This Metasploit module exploits a format string vulnerability in the Berlios GPSD server. This vulnerability was discovered by Kevin Finisterre.
Author:Yann Senotier
File Size:3470
Related OSVDB(s):13199
Related CVE(s):CVE-2004-1388
Last Modified:Oct 27 13:34:08 2009
MD5 Checksum:1ec91941f1bc13abceae6f652fc8b8e7

 ///  File Name: guardian-breakout.txt
Description:
A restricted shell break out is possible in Overland Guardian OS that allows a user to achieve uid 0 privilege escalation.
Author:trompele
File Size:393
Last Modified:Oct 20 23:07:59 2009
MD5 Checksum:0f47894a559476349893f9021d14b716

 ///  File Name: guestbook_ssi_exec.rb.txt
Description:
The Matt Wright guestbook.pl versions 2.3.1 and below CGI script contains a flaw that may allow arbitrary command execution. The vulnerability requires that HTML posting is enabled in the guestbook.pl script, and that the web server has the Server-Side Include (SSI) script handler enabled for the '.html' file type. By combining the script weakness with non-default server configuration, it is possible to exploit this vulnerability successfully.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2532
Related OSVDB(s):84
Related CVE(s):CVE-1999-1053
Last Modified:Oct 30 14:12:30 2009
MD5 Checksum:268d892de6ce7926d9ad13cc61ac426e