Section:  .. / 0910-exploits  /

Page 8 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 175 - 200 of 210
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: spamassassin_exec.rb.txt
Description:
This Metasploit module exploits a flaw in the SpamAssassin spamd service by specifying a malicious vpopmail User header, when running with vpopmail and paranoid modes enabled (non-default). Versions prior to 3.1.3 are vulnerable.
Author:patrick
Homepage:http://www.metasploit.com
File Size:1878
Related OSVDB(s):26177
Related CVE(s):CVE-2006-2447
Last Modified:Oct 28 19:38:45 2009
MD5 Checksum:bf09f798b36904890a7967b9288a6b07

 ///  File Name: sphpblog_file_upload.rb.txt
Description:
This Metasploit module combines three separate issues within The Simple PHP Blog (versions 0.4.0 and below) application to upload arbitrary data and thus execute a shell. The first vulnerability exposes the hash file (password.txt) to unauthenticated users. The second vulnerability lies within the image upload system provided to logged-in users; there is no image validation function in the blogger to prevent an authenticated user from uploading any file type. The third vulnerability occurs within the blog comment functionality, allowing arbitrary files to be deleted.
Author:Matteo Cantoni
File Size:6197
Related OSVDB(s):19012
Related CVE(s):CVE-2005-2733
Last Modified:Oct 30 14:53:25 2009
MD5 Checksum:06420dea2b1236798228c7e9d86f4beb

 ///  File Name: spider-crash.txt
Description:
Spider Solitaire local crash proof of concept exploit for Windows XP SP2.
Author:SirGod
File Size:644
Last Modified:Oct 15 16:18:52 2009
MD5 Checksum:cd0e6c2fb6d427fee9e324cda7c58cdb

 ///  File Name: squid_ntlm_authenticate.rb.txt
Description:
This is an exploit for Squid's NTLM authenticate overflow (libntlmssp.c). Due to improper bounds checking in ntlm_check_auth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length.
Author:skape
File Size:4150
Related OSVDB(s):6791
Related CVE(s):CVE-2004-0541
Last Modified:Oct 27 16:24:50 2009
MD5 Checksum:1e35db4061c87b08d4b474ab69753bdd

 ///  File Name: squirrelmail_pgp_plugin.rb.txt
Description:
This Metasploit module exploits a command execution vulnerability in the PGP plugin of SquirrelMail.
Author:Nicob
File Size:4117
Related OSVDB(s):3178
Related CVE(s):CVE-2003-0990
Last Modified:Oct 30 14:55:07 2009
MD5 Checksum:f40d9630123bae27245952521986482e

 ///  File Name: svnserve_date.rb.txt
Description:
This is a Metasploit exploit for the Subversion date parsing overflow. This exploit is for the svnserve daemon (svn:// protocol) and will not work for Subversion over webdav (http[s]://). This exploit should never crash the daemon, and should be safe to do multi-hits.
Author:spoonm
File Size:3508
Related OSVDB(s):6301
Related CVE(s):CVE-2004-0397
Last Modified:Oct 27 20:42:17 2009
MD5 Checksum:0010e127a5fce0a8edf07f3d560aa14f

 ///  File Name: tagprinter_exec.rb.txt
Description:
This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.
Author:H D Moore
File Size:1802
Related OSVDB(s):8573
Related CVE(s):CVE-2001-0800
Last Modified:Oct 27 12:00:56 2009
MD5 Checksum:aaac787725921154a9d2ef24eafe6599

 ///  File Name: tbmnetcms-xss.txt
Description:
TBmnetCMS version 1.0 suffers from a cross site scripting vulnerability.
Author:drunken danish rednecks
File Size:862
Last Modified:Oct 19 19:01:22 2009
MD5 Checksum:5446ec7ec2f2978c1b97219124073e6d

 ///  File Name: tftgallery-xss.txt
Description:
TFTgallery version 0.13 is susceptible to a cross site scripting vulnerability.
Author:Blake
File Size:162
Last Modified:Oct 26 16:25:29 2009
MD5 Checksum:90b84bca7d77ab774194b253aa45f9a6

 ///  File Name: tikiwiki_graph_formula_exec.rb.txt
Description:
TikiWiki versions 1.9.8 and below contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'tiki-graph_formula.php' script not properly sanitizing user input supplied to the f variable, which may allow a remote attacker to execute arbitrary PHP commands resulting in a loss of integrity.
Author:Matteo Cantoni
File Size:4921
Related OSVDB(s):40478
Related CVE(s):CVE-2007-5423
Last Modified:Oct 30 14:57:02 2009
MD5 Checksum:9bb463f184aa6ec072b62cc3720e38e1

 ///  File Name: tikiwiki_jhot_exec.rb.txt
Description:
TikiWiki contains a flaw that may allow a malicious user to execute arbitrary PHP code. The issue is triggered due to the jhot.php script not correctly verifying uploaded files. It is possible that the flaw may allow arbitrary PHP code execution by uploading a malicious PHP script resulting in a loss of integrity. The vulnerability has been reported in Tikiwiki version 1.9.4.
Author:Matteo Cantoni
File Size:7407
Related OSVDB(s):28456
Related CVE(s):CVE-2006-4602
Last Modified:Oct 30 14:58:37 2009
MD5 Checksum:bfe0080ed3f0b35548031d6376c39223

 ///  File Name: trans2open.rc.txt
Description:
This Metasploit module exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2660
Related OSVDB(s):4469
Related CVE(s):CVE-2003-0201
Last Modified:Oct 28 16:03:53 2009
MD5 Checksum:106a9258f6f5ff6fa77fc7c7c272ea31

 ///  File Name: ttyprompt.rb.txt
Description:
This Metasploit module uses a buffer overflow in the Solaris 'login' application to bypass authentication in the telnet daemon.
Author:MC,cazz
File Size:2167
Related OSVDB(s):690
Related CVE(s):CVE-2001-0797
Last Modified:Oct 28 19:32:02 2009
MD5 Checksum:f5056b503daf505f4150aa873c19a321

 ///  File Name: twonkymedia-xss.txt
Description:
TwonkyMedia Server versions 4.4.17 and below and 5.0.65 and below suffer from multiple cross site scripting vulnerabilities.
Author:Davide Canali
File Size:4788
Last Modified:Oct 23 13:20:43 2009
MD5 Checksum:784142affb4a1ea0c01fb26aa68c7d4e

 ///  File Name: type77.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Arkeia backup client for the Mac OS X platform. This vulnerability affects all versions up to and including 5.3.3 and has been tested with Arkeia 5.3.1 on Mac OS X 10.3.5.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2928
Related OSVDB(s):14011
Related CVE(s):CVE-2005-0491
Last Modified:Oct 28 14:55:21 2009
MD5 Checksum:9aca80e8f1b4ff06430e71ac93ba6595

 ///  File Name: U3D-overrun.py.txt
Description:
This is a detailed analysis regarding the U3D CLODProgressiveMeshDeclaration initialization array overrun that affects Adobe Acrobat Reader versions 7.x, 8.x, and 9.x. Exploit included.
Author:Felipe Andres Manzano
File Size:22734
Related CVE(s):CVE-2009-2994
Last Modified:Oct 27 10:51:18 2009
MD5 Checksum:5f19c6d7ff938e0ce48d2133fe048576

 ///  File Name: upnp_location.rb.txt
Description:
This Metasploit module exploits the Mac OS X mDNSResponder UPnP location overflow.
Homepage:http://www.metasploit.com
File Size:5371
Last Modified:Oct 28 15:58:46 2009
MD5 Checksum:00933391fec89081e5a6100903e69651

 ///  File Name: ut2004_secure.rb.txt
Description:
This is an exploit for the GameSpy secure query in the Unreal Engine. This exploit only requires one UDP packet, which can be both spoofed and sent to a broadcast address. Usually, the GameSpy query server listens on port 7787, but you can manually specify the port as well. The RunServer.sh script will automatically restart the server upon a crash, giving us the ability to bruteforce the service and exploit it multiple times.
Author:onetwo
File Size:2929
Related OSVDB(s):7217
Related CVE(s):CVE-2004-0608
Last Modified:Oct 27 12:03:08 2009
MD5 Checksum:1fe6cf0edfe8f646bf3e727a7cb23670

 ///  File Name: veritas_netbackup_cmdexec.rb.txt
Description:
This Metasploit module allows arbitrary command execution on an ephemeral port opened by Veritas NetBackup, whilst an administrator is authenticated. The port is opened and allows direct console access as root or SYSTEM from any source address.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2110
Related OSVDB(s):11026
Related CVE(s):CVE-2004-1389
Last Modified:Oct 27 17:28:39 2009
MD5 Checksum:8427f7207c40d2c8437b522340d70c3a

 ///  File Name: vmware-fission.c
Description:
VMware Fusion versions 2.0.5 and below vmx86 kext local kernel root exploit.
Author:mu-b
Homepage:http://www.digit-labs.org/
Related File:VMSA-2009-0013.txt
File Size:4450
Related CVE(s):CVE-2009-3281
Last Modified:Oct 2 13:14:01 2009
MD5 Checksum:75dafadc5e750f285ab923e290910006

 ///  File Name: vmware-pop.c
Description:
VMware Fusion versions 2.0.5 and below vmx86 kext local denial of service proof of concept exploit.
Author:mu-b
Homepage:http://www.digit-labs.org/
Related File:VMSA-2009-0013.txt
File Size:1689
Related CVE(s):CVE-2009-3282
Last Modified:Oct 2 13:13:39 2009
MD5 Checksum:288f13bdb114b3d32560a1506e266d07

 ///  File Name: vmware86.tar.gz
Description:
VMWare Workstation Virtual 8086 Linux Local ring0 exploit.
Author:Julien Tinnes,Tavis Ormandy
File Size:2320
Related CVE(s):CVE-2009-2267
Last Modified:Oct 27 17:56:54 2009
MD5 Checksum:f0fbf0b88d488847d728b1c5ed6154de

 ///  File Name: waraxe-2009-SA075.txt
Description:
Vivvo CMS version 4.1.5.1 suffers from a remote file disclosure vulnerability.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:4122
Last Modified:Oct 22 11:37:00 2009
MD5 Checksum:360b4a9d73951843936418fba3ef120b

 ///  File Name: webstar_ftp_user.rb.txt
Description:
This Metasploit module exploits a stack overflow in the logging routine of the WebSTAR FTP server. Reliable code execution is obtained by a series of hops through the System library.
Author:Dino A Dai Zovi,H D Moore
Homepage:http://www.metasploit.com
File Size:2808
Related OSVDB(s):7794
Related CVE(s):CVE-2004-0695
Last Modified:Oct 28 15:04:04 2009
MD5 Checksum:01773c137607442fb4bdcd6af39f4e16

 ///  File Name: wmacon-overflow.txt
Description:
Free WMA MP3 Converter version 1.1 local buffer overflow exploit that creates a malicious .wav file and executes a reverse shell.
Author:KriPpLer
Homepage:http://www.x-sploited.com/
File Size:3224
Last Modified:Oct 7 22:11:35 2009
MD5 Checksum:398f50ac5a94babc7421a669566879d0