Section:  .. / 0911-exploits  /

Page 15 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 350 - 375 of 449
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: simplog-xssxsrf.txt
Description:
Simplog version 0.9.3.2 suffers from cross site scripting and cross site request forgery vulnerabilities.
Author:Amol Naik
File Size:2782
Last Modified:Nov 18 10:04:43 2009
MD5 Checksum:57f65fc265203800577b00cd794815f8

 ///  File Name: sipxezphone_cseq.rb.txt
Description:
This Metasploit module exploits a buffer overflow in SIPfoundry's sipXezPhone version 0.35a. By sending an long CSeq header, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
Author:MC
Homepage:http://www.metasploit.com
File Size:2318
Related OSVDB(s):27122
Related CVE(s):CVE-2006-3524
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e6ef398d8cc4914b72f93725e4bd8069

 ///  File Name: sipxphone_cseq.rb.txt
Description:
This Metasploit module exploits a buffer overflow in SIPfoundry's sipXphone 2.6.0.27. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
Author:MC
Homepage:http://www.metasploit.com
File Size:2366
Related OSVDB(s):27122
Related CVE(s):CVE-2006-3524
Last Modified:Oct 30 17:02:30 2009
MD5 Checksum:e12837715461982da0378b11fb7ab725

 ///  File Name: slimftpd_list_concat.rb.txt
Description:
This Metasploit module exploits a stack overflow in the SlimFTPd server. The flaw is triggered when a LIST command is received with an overly-long argument. This vulnerability affects all versions of SlimFTPd prior to 3.16 and was discovered by Raphael Rigo.
Author:Fairuzan Roslan
Homepage:http://www.metasploit.com
File Size:1830
Related OSVDB(s):18172
Related CVE(s):CVE-2005-2373
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:6da2313875c54279748142df3eb0ffa8

 ///  File Name: smb_relay.rb.txt
Description:
This Metasploit module will relay SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. To exploit this, the target system must try to authenticate to this module. The easiest way to force a SMB authentication attempt is by embedding a UNC path (\\\\\\\\SERVER\\\\SHARE) into a web page or email message. When the victim views the web page or email, their system will automatically connect to the server specified in the UNC share (the IP address of the system running this module) and attempt to authenticate. Unfortunately, this module is not able to clean up after itself. The service and payload file listed in the output will need to be manually removed after access has been gained. The service created by this tool uses a randomly chosen name and description, so the services list can become cluttered after repeated exploitation. The SMB authentication relay attack was first reported by Sir Dystic on March 31st, 2001 at @lanta.con in Atlanta, Georgia. On November 11th 2008 Microsoft released bulletin MS08-068. This bulletin includes a patch which prevents the relaying of challenge keys back to the host which issued them, preventing this exploit from working in the default configuration. It is still possible to set the SMBHOST parameter to a third-party host that the victim is authorized to access, but the "reflection" attack has been effectively broken.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:14556
Related OSVDB(s):49736
Related CVE(s):CVE-2008-4037
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:d205c4ca89f0c3ebef2501ee6f238df5

 ///  File Name: SN-2009-02.txt
Description:
ToutVirtual VirtualIQ Pro version 3.2 build 7882 suffers from cross site scripting, cross site request forgery, directory traversal, and code execution vulnerabilities.
Author:Alberto Trivero,Claudio Criscione
Homepage:http://www.securenetwork.it/advisories/
File Size:6385
Related CVE(s):CVE-2008-2938, CVE-2006-3835
Last Modified:Nov 16 19:59:14 2009
MD5 Checksum:db0756a516815b6718a7f2c4a5099533

 ///  File Name: softartisans_getdrivename.rb.txt
Description:
This Metasploit module exploits a stack overflow in SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3). When sending an overly long string to the GetDriveName() method an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:3523
Related OSVDB(s):47794
Related CVE(s):CVE-2007-1682
Last Modified:Oct 30 17:01:29 2009
MD5 Checksum:931e920ee423b3ac8d2458c849da3eef

 ///  File Name: sonicwall_addrouteentry.rb.txt
Description:
This Metasploit module exploits a stack overflow in SonicWall SSL-VPN NetExtender. By sending an overly long string to the "AddRouteEntry()" method located in the NELaunchX.dll (1.0.0.26) Control, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2530
Related OSVDB(s):39069
Related CVE(s):CVE-2007-5603
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:25a2470439eee0ef94b7e32b36a0187e

 ///  File Name: sql_agent.rb.txt
Description:
This Metasploit module exploits a vulnerability in the CA BrightStor Agent for Microsoft SQL Server. This vulnerability was discovered by cybertronic[at]gmx.net.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:3285
Related OSVDB(s):18501
Related CVE(s):CVE-2005-1272
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:93b1fd3d0e47bc8ce60517ff98dfb31b

 ///  File Name: ssl-mitm.c
Description:
This is a proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS.
Author:Pavel Kankovsky
Related File:Renegotiating_TLS.pdf
File Size:8819
Last Modified:Nov 5 20:19:39 2009
MD5 Checksum:7c6436c06bcd90517f2546bb095b48b3

 ///  File Name: steamcast_useragent.rb.txt
Description:
This Metasploit module exploits a stack overflow in Streamcast <= 0.9.75. By sending an overly long User-Agent in a HTTP GET request, an attacker may be able to execute arbitrary code.
Author:LSO
Homepage:http://www.metasploit.com
File Size:2517
Related OSVDB(s):42670
Related CVE(s):CVE-2008-0550
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ff86d6337908db93622e5473f73a7a79

 ///  File Name: sweetrice-rfi.txt
Description:
SweetRice versions 0.5.0 and below suffer from a remote file inclusion vulnerability.
Author:cr4wl3r
File Size:1067
Last Modified:Nov 30 16:45:55 2009
MD5 Checksum:3d27a18a44df86988ad5170e0dc8201f

 ///  File Name: sweetrice-rfilfi.txt
Description:
SweetRice versions 0.5.3 and below suffer from remote and local file inclusion vulnerabilities.
Author:cr4wl3r
File Size:1646
Last Modified:Nov 30 16:49:55 2009
MD5 Checksum:b46cf962896f315d87bf1a6dec158bb7

 ///  File Name: SWRX-2009-001.txt
Description:
The McAfee Network Security Manager suffers from a cross site scripting vulnerability.
Author:Daniel King
File Size:6860
Related CVE(s):CVE-2009-3565
Last Modified:Nov 17 13:57:03 2009
MD5 Checksum:4bcab0a4fedebb625765112b1a5be21f

 ///  File Name: SWRX-2009-002.txt
Description:
The McAfee Network Security Manager suffers from authentication bypass and session hijacking vulnerabilities.
Author:Daniel King
File Size:7472
Related CVE(s):CVE-2009-3566
Last Modified:Nov 17 13:59:58 2009
MD5 Checksum:4052cbc602f4bcb69136a5643ac19e2e

 ///  File Name: sybase_easerver.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Sybase EAServer Web Console. The offset to the SEH frame appears to change depending on what version of Java is in use by the remote server, making this exploit somewhat unreliable.
Author:anonymous
Homepage:http://www.metasploit.com
File Size:2709
Related OSVDB(s):17996
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:022610843921f687d371180e3385f1eb

 ///  File Name: sybsec-adv17.txt
Description:
Cisco VPN Client 0day integer overflow denial of service proof of concept code.
Author:Alex Hernandez
File Size:6351
Last Modified:Nov 19 23:13:44 2009
MD5 Checksum:7e510e9de03030493f7d24697b283b22

 ///  File Name: symantec_altirisdeployment_download..>
Description:
This Metasploit module allows remote attackers to install and execute arbitrary files on a users file system via AeXNSPkgDLLib.dll (6.0.0.1418). This Metasploit module was tested against Symantec Altiris Deployment Solution 6.9 sp3.
Author:MC
Homepage:http://www.metasploit.com
File Size:3282
Related OSVDB(s):57893
Related CVE(s):CVE-2009-3028
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:63b30a7f342329aab1989ff8497d1825

 ///  File Name: symantec_appstream_unsafe.rb.txt
Description:
This Metasploit module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability is in the LaunchObj ActiveX control (launcher.dll 5.1.0.82) containing the "installAppMgr()" method. The insecure method can be exploited to download and execute arbitrary files in the context of the currently logged-on user.
Author:MC
Homepage:http://www.metasploit.com
File Size:2475
Related OSVDB(s):51410
Related CVE(s):CVE-2008-4388
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:80f9309f70ba7008d48ae30ac880f364

 ///  File Name: symantec_backupexec_pvcalendar.rb.t..>
Description:
This Metasploit module exploits a stack overflow in Symantec BackupExec Calendar Control. By sending an overly long string to the "_DOWText0" property located in the pvcalendar.ocx control, an attacker may be able to execute arbitrary code.
Author:Elazar Broad
Homepage:http://www.metasploit.com
File Size:4118
Related OSVDB(s):42358
Related CVE(s):CVE-2007-6016
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1df8f24fcdcece9e8eb4a56262167732

 ///  File Name: symantec_consoleutilities_browseand..>
Description:
This Metasploit module exploits a stack overflow in Symantec ConsoleUtilities. By sending an overly long string to the "BrowseAndSaveFile()" method located in the AeXNSConsoleUtilities.dll (6.0.0.1846) Control, an attacker may be able to execute arbitrary code.
Author:Nikolas Sotiriu
Homepage:http://sotiriu.de/
Related File:NSOADV-2009-001.txt
File Size:4562
Related CVE(s):CVE-2009-3031
Last Modified:Nov 2 23:55:45 2009
MD5 Checksum:af9c77caa7285c2b431af6ba1a6c948d

 ///  File Name: symantec_iao.rb.txt
Description:
This Metasploit module exploits a stack overflow in Intel Alert Originator Service msgsys.exe. When an attacker sends a specially crafted alert, arbitrary code may be executed.
Author:MC
Homepage:http://www.metasploit.com
File Size:3152
Related CVE(s):CVE-2009-1430
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:afdb296bf78973aaaf8bcab8d5c96233

 ///  File Name: symantec_rtvscan.rb.txt
Description:
This Metasploit module exploits a stack overflow in Symantec Client Security 3.0.x. This Metasploit module has only been tested against Symantec Client Security 3.0.2 build 10.0.2.2000.
Author:MC
Homepage:http://www.metasploit.com
File Size:2631
Related OSVDB(s):25846
Related CVE(s):CVE-2006-2630
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:728688ce2820f18640eab13e02d1cc72

 ///  File Name: sys-lt-compressworkspacetreeV2.sql...>
Description:
Oracle SYS.LT.COMPRESSWORKSPACETREE exploit that grants DBA permissions to an unprivileged user.
Author:Andrea Purificato
Homepage:http://rawlab.mindcreations.com/
File Size:1100
Last Modified:Nov 30 16:56:13 2009
MD5 Checksum:7a5070a07d3c49bad91dc9555a805682

 ///  File Name: sys-lt-mergeworkspaceV2.sql.txt
Description:
Oracle SYS.LT.MERGEWORKSPACE exploit that grants DBA permissions to an unprivileged user.
Author:Andrea Purificato
Homepage:http://rawlab.mindcreations.com/
File Size:1065
Last Modified:Nov 30 16:58:24 2009
MD5 Checksum:0caff07fa6764014d34718102e3497bf