Section: .. / 0910-exploits /

Page 4 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 75 - 100 of 210

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	ib_pwd_db_aliased.rb.txt
Description:	This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted attach request.
Author:	Adriano Lima
Homepage:	http://www.risesecurity.org/
File Size:	2101
Related OSVDB(s):	38607
Related CVE(s):	CVE-2007-5243
Last Modified:	Oct 27 16:17:04 2009
MD5 Checksum:	20990f30e3c1bca0c41eb265d3de6ca7

/// File Name:	ib_open_marker_file.rb.txt
Description:	This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted attach request.
Author:	Adriano Lima
Homepage:	http://www.risesecurity.org/
File Size:	2133
Related OSVDB(s):	38610
Related CVE(s):	CVE-2007-5244
Last Modified:	Oct 27 16:15:26 2009
MD5 Checksum:	f6c842774ee783e5ac3505f466abf25e

/// File Name:	ib_jrd8_create_database.rb.txt
Description:	This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted create request.
Author:	Adriano Lima
Homepage:	http://www.risesecurity.org/
File Size:	2146
Related OSVDB(s):	38606
Related CVE(s):	CVE-2007-5243
Last Modified:	Oct 27 16:14:02 2009
MD5 Checksum:	66eb6005ee3f9ffc7a052a19a632ee73

/// File Name:	ib_inet_connect.rb.txt
Description:	This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted service attach request.
Author:	Adriano Lima
Homepage:	http://www.risesecurity.org/
File Size:	2244
Related OSVDB(s):	38605
Related CVE(s):	CVE-2009-5243
Last Modified:	Oct 27 16:12:34 2009
MD5 Checksum:	039beeb0e71e77b3753f7a53673f30bc

/// File Name:	gld_postfix.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Salim Gasmi GLD versions 1.4 and below greylisting daemon for Postfix. By sending an overly long string the stack can be overwritten.
Author:	patrick
File Size:	1556
Related OSVDB(s):	15492
Related CVE(s):	CVE-2005-1099
Last Modified:	Oct 27 16:09:02 2009
MD5 Checksum:	5ac7cd236c99292df4a30f70d1f4ce83

/// File Name:	madwifi_giwscan_cb.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in the Madwifi driver.
Author:	Julien Tinnes,Laurent Butti
File Size:	8932
Related OSVDB(s):	31267
Related CVE(s):	CVE-2006-6332
Last Modified:	Oct 27 14:09:44 2009
MD5 Checksum:	08745c6fa50ec188b98852ec2891a8bd

/// File Name:	imap_uw_lsub.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the 'LSUB' command of the University of Washington IMAP service. This vulnerability can only be exploited with a valid username and password.
Author:	patrick
File Size:	1932
Related OSVDB(s):	12037
Related CVE(s):	CVE-2000-0284
Last Modified:	Oct 27 13:47:33 2009
MD5 Checksum:	d5073c5825c30d4318a8c8afe36b8b80

/// File Name:	snortbopre.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Back Orifice pre-processor module included with Snort versions 2.4.0, 2.4.1, 2.4.2, and 2.4.3. This vulnerability could be used to completely compromise a Snort sensor, and would typically gain an attacker full root or administrative privileges.
Author:	Lau KaiJern
File Size:	2402
Related OSVDB(s):	20034
Related CVE(s):	CVE-2005-3252
Last Modified:	Oct 27 13:43:05 2009
MD5 Checksum:	2380abc1b12bb852042aa564e3e1b09f

/// File Name:	peercast_url.rb.txt
Description:	This Metasploit module exploits a stack overflow in PeerCast versions 0.1216 and below. The vulnerability is caused due to a boundary error within the handling of URL parameters.
Author:	MC
File Size:	1737
Related OSVDB(s):	23777
Related CVE(s):	CVE-2006-1148
Last Modified:	Oct 27 13:39:52 2009
MD5 Checksum:	1c9cb1b1efa0dfa224662c3ae0c34aea

/// File Name:	linksys_apply_cgi.rb.txt
Description:	This Metasploit module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS version prior to 1.05.2 may be be affected.
Author:	Julien Tinnes,Raphael Rigo
Related File:	09.13.05-5.txt
File Size:	3277
Related OSVDB(s):	19389
Related CVE(s):	CVE-2005-2799
Last Modified:	Oct 27 13:36:55 2009
MD5 Checksum:	f46d36d7aa558c865de93b54fe9cb04b

/// File Name:	gpsd_format_string.rb.txt
Description:	This Metasploit module exploits a format string vulnerability in the Berlios GPSD server. This vulnerability was discovered by Kevin Finisterre.
Author:	Yann Senotier
File Size:	3470
Related OSVDB(s):	13199
Related CVE(s):	CVE-2004-1388
Last Modified:	Oct 27 13:34:08 2009
MD5 Checksum:	1ec91941f1bc13abceae6f652fc8b8e7

/// File Name:	ddwrt_cgibin_exec.rb.txt
Description:	This Metasploit module abuses a metacharacter injection vulnerability in the HTTP management server of wireless gateways running DD-WRT. This flaw allows an unauthenticated attacker to execute arbitrary commands as the root user account.
Author:	H D Moore,gat3way
File Size:	1870
Related OSVDB(s):	55990
Related CVE(s):	CVE-2009-2765
Last Modified:	Oct 27 13:30:59 2009
MD5 Checksum:	88878a65f95d5419e26c672e623f4f47

/// File Name:	alcatel_omnipcx_mastercgi_exec.rb.t..>
Description:	This Metasploit module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary commands by specifying shell metacharacters as the 'user' within the 'ping' action to obtain 'httpd' user access. This module only supports command line payloads, as the httpd process kills the reverse/bind shell spawn after the HTTP 200 OK response.
Author:	patrick
File Size:	2386
Related OSVDB(s):	40521
Related CVE(s):	CVE-2007-3010
Last Modified:	Oct 27 13:25:59 2009
MD5 Checksum:	e35d8f41ae5ff6a9548b0feef3d49d72

/// File Name:	ut2004_secure.rb.txt
Description:	This is an exploit for the GameSpy secure query in the Unreal Engine. This exploit only requires one UDP packet, which can be both spoofed and sent to a broadcast address. Usually, the GameSpy query server listens on port 7787, but you can manually specify the port as well. The RunServer.sh script will automatically restart the server upon a crash, giving us the ability to bruteforce the service and exploit it multiple times.
Author:	onetwo
File Size:	2929
Related OSVDB(s):	7217
Related CVE(s):	CVE-2004-0608
Last Modified:	Oct 27 12:03:08 2009
MD5 Checksum:	1fe6cf0edfe8f646bf3e727a7cb23670

/// File Name:	tagprinter_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.
Author:	H D Moore
File Size:	1802
Related OSVDB(s):	8573
Related CVE(s):	CVE-2001-0800
Last Modified:	Oct 27 12:00:56 2009
MD5 Checksum:	aaac787725921154a9d2ef24eafe6599

/// File Name:	cleanup_exec.rb.txt
Description:	This exploit abuses an unpublished vulnerability in the HP-UX LPD service. This flaw allows an unauthenticated attacker to execute arbitrary commands with the privileges of the root user. The LPD service is only exploitable when the address of the attacking system can be resolved by the target. This vulnerability was silently patched with the buffer overflow flaws addressed in HP Security Bulletin HPSBUX0208-213.
Author:	H D Moore
File Size:	2641
Related OSVDB(s):	9638
Related CVE(s):	CVE-2002-1472
Last Modified:	Oct 27 11:56:03 2009
MD5 Checksum:	b31be42182fecda91b552ea1d4d7343d

/// File Name:	xtacacsd_report.rb.txt
Description:	This Metasploit module exploits a stack overflow in XTACACSD versions 4.1.2 and below. By sending a specially crafted XTACACS packet with an overly long username, an attacker may be able to execute arbitrary code.
Author:	MC
File Size:	2421
Related OSVDB(s):	58140
Related CVE(s):	CVE-2008-7232
Last Modified:	Oct 27 11:43:47 2009
MD5 Checksum:	0dd40e3202619f4add892cc5cef93a44

/// File Name:	manyargs.rb.txt
Description:	This exploit connects to a system's modem over dialup and exploits a buffer overflow vulnerability in it's System V derived /bin/login. The vulnerability is triggered by providing a large number of arguments.
Author:	I)ruid
File Size:	5171
Related OSVDB(s):	690,691
Related CVE(s):	CVE-2001-0797
Last Modified:	Oct 27 11:38:16 2009
MD5 Checksum:	51afebbc895b33a74c8ba7e02248e61f

/// File Name:	mercantec_softcart.rb.txt
Description:	This is an exploit for an undisclosed buffer overflow in the SoftCart.exe CGI as shipped with Mercantec's shopping cart software. It is possible to execute arbitrary code by passing a malformed CGI parameter in an HTTP GET request. This issue is known to affect SoftCart version 4.00b.
Author:	trew,skape
File Size:	2336
Related OSVDB(s):	9011
Related CVE(s):	CVE-2004-2221
Last Modified:	Oct 27 11:35:26 2009
MD5 Checksum:	d90c8be4dea2e6e590bf5767c2ab4e57

/// File Name:	U3D-overrun.py.txt
Description:	This is a detailed analysis regarding the U3D CLODProgressiveMeshDeclaration initialization array overrun that affects Adobe Acrobat Reader versions 7.x, 8.x, and 9.x. Exploit included.
Author:	Felipe Andres Manzano
File Size:	22734
Related CVE(s):	CVE-2009-2994
Last Modified:	Oct 27 10:51:18 2009
MD5 Checksum:	5f19c6d7ff938e0ce48d2133fe048576

/// File Name:	NGS00532.txt
Description:	SharePoint Team Services suffers from a remote source code disclosure vulnerability in its download facility.
Author:	Daniel Martin
File Size:	4217
Last Modified:	Oct 26 19:37:17 2009
MD5 Checksum:	b5a6103f707376e91e9192d422dd25ea

/// File Name:	xpantispy-overflow.txt
Description:	xp-AntiSpy versions 3.9.7-4 and below local buffer overflow exploit that creates a malicious .xpas file.
Author:	Dr_IDE
File Size:	1106
Last Modified:	Oct 26 17:59:32 2009
MD5 Checksum:	f45f07bcfd3d7386c3a5f5ab8292d996

/// File Name:	cherokee054-dos.txt
Description:	Cherokee web server version 0.5.4 remote denial of service exploit.
Author:	Usman Saeed
Homepage:	http://www.xc0re.net/
File Size:	3155
Last Modified:	Oct 26 17:22:37 2009
MD5 Checksum:	e1b14a3bd33860cb9c3158059084d5c0

/// File Name:	jetty-xssdisclose.txt
Description:	Jetty versions 6.x and 7.x suffer from cross site scripting, injection, and information disclosure vulnerabilities.
Author:	Antonio Parata,Francesco Ongaro,Giovanni Pellerano
Homepage:	http://www.ush.it/
File Size:	15429
Last Modified:	Oct 26 16:42:12 2009
MD5 Checksum:	aef5b932405a374f8c291772b008fbb9

/// File Name:	9sg_runcms_store_sql.txt
Description:	RunCMS version 2M1 store() remote SQL injection exploit.
Author:	Nine:Situations:Group::bookoo
Homepage:	http://retrogod.altervista.org/
File Size:	11960
Last Modified:	Oct 26 16:27:01 2009
MD5 Checksum:	406fdee87817625e5c47c1ab53e007cc