Section: .. / 0911-exploits /

Page 17 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 400 - 425 of 449

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	ultravnc_client.rb.txt
Description:	This Metasploit module exploits a buffer overflow in UltraVNC Win32 Viewer 1.0.1 Release.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2086
Related OSVDB(s):	24456
Related CVE(s):	CVE-2006-1652
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	fc24e404ba08435986a311f023fd3a36

/// File Name:	universal_agent.rb.txt
Description:	This Metasploit module exploits a convoluted heap overflow in the CA BrightStor Universal Agent service. Triple userland exception results in heap growth and execution of dereferenced function pointer at a specified address.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	5362
Related OSVDB(s):	15471
Related CVE(s):	CVE-2005-1018
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	70e1c9cdbe903e8b64ddaefbef79d28c

/// File Name:	unixstream-dos.txt
Description:	Proof of concept code that demonstrates the denial of service vulnerability in the Linux kernel unix_stream_connect() function.
Author:	Tomoki Sekiyama
File Size:	684
Last Modified:	Nov 18 08:03:08 2009
MD5 Checksum:	255bd9458bfe19652f3b5de92299ac2e

/// File Name:	ursoft_w32dasm.rb.txt
Description:	This Metasploit module exploits a buffer overflow in W32Dasm <= v8.93. By creating a malicious file and convincing a user to disassemble the file with a vulnerable version of W32Dasm, the Imports/Exports function is copied to the stack and arbitrary code may be executed locally as the user.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	14059
Related OSVDB(s):	13169
Related CVE(s):	CVE-2005-0308
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	8bb330dbe39f9d0d3d68d6036fe39c7c

/// File Name:	verypdf_pdfview.rb.txt
Description:	The VeryPDF PDFView ActiveX control is prone to a heap buffer-overflow because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application.
Author:	MC,dean
Homepage:	http://www.metasploit.com
File Size:	3797
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	e58818f751b87b21e8472d617ccecb36

/// File Name:	videolan_tivo.rb.txt
Description:	This Metasploit module exploits a buffer overflow in VideoLAN VLC 0.9.4. By creating a malicious TY file, a remote attacker could overflow a buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2653
Related OSVDB(s):	49181
Related CVE(s):	CVE-2008-4654
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a0a342f35b74298fffac9e02e6777cdb

/// File Name:	vuplayer_cue.rb.txt
Description:	This Metasploit module exploits a stack over flow in VUPlayer <= 2.49. When the application is used to open a specially crafted cue file, an buffer is overwritten allowing for the execution of arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	1974
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	2ee13abaf3a0468a85f10cc3d6af9b0f

/// File Name:	vuplayer_m3u.rb.txt
Description:	This Metasploit module exploits a stack over flow in VUPlayer <= 2.49. When the application is used to open a specially crafted m3u file, an buffer is overwritten allowing for the execution of arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2657
Related CVE(s):	CVE-2006-6251
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	361a558ba73d21a13817ff2170f079ea

/// File Name:	w3infotech-sql.txt
Description:	W3infotech suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Author:	ViRuS_HiMa
File Size:	2460
Last Modified:	Nov 23 23:35:03 2009
MD5 Checksum:	51a87d84a2be974b52ca440455cf9b4b

/// File Name:	w3who_query.rb.txt
Description:	This Metasploit module exploits a stack overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP (SP2). When exploiting Windows XP, the payload must call RevertToSelf before it will be able to spawn a command shell.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	3026
Related OSVDB(s):	12258
Related CVE(s):	CVE-2004-1134
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	89125aafc4fb654536650e438ab573ca

/// File Name:	waraxe-2009-sugarcrm.txt
Description:	Sugar CRM versions 5.5.0.RC2 and 5.2.0j suffer from remote SQL injection, unauthorized access, remote file inclusion, and code execution vulnerabilities.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	1867
Last Modified:	Nov 30 20:39:47 2009
MD5 Checksum:	62d57fc4c68a29e58d623580a2ce9159

/// File Name:	warftpd_165_pass.rb.txt
Description:	This exploits the buffer overflow found in the PASS command in War-FTPD 1.65. This particular module will only work reliably against Windows 2000 targets. The server must be configured to allow anonymous logins for this exploit to succeed. A failed attempt will bring down the service completely.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	1956
Related OSVDB(s):	875
Related CVE(s):	CVE-1999-0256
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a92c43e0326e0758b54de91798efc69f

/// File Name:	warftpd_165_user.rb.txt
Description:	This Metasploit module exploits a buffer overflow found in the USER command of War-FTPD 1.65.
Author:	Fairuzan Roslan
Homepage:	http://www.metasploit.com
File Size:	2040
Related OSVDB(s):	875
Related CVE(s):	CVE-1999-0256
Last Modified:	Oct 30 17:01:48 2009
MD5 Checksum:	3435c07010f11d33b212804e0c189e2f

/// File Name:	wftpd_size.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the SIZE verb in Texas Imperial's Software WFTPD 3.23.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	1710
Related OSVDB(s):	28134
Related CVE(s):	CVE-2006-4318
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	98c09235cd743056b3ab519af113872b

/// File Name:	whois20-xss.txt
Description:	Whois Server version 2.0 suffers from a cross site scripting vulnerability.
Author:	ViRuS_HiMa
File Size:	2584
Last Modified:	Nov 2 23:49:41 2009
MD5 Checksum:	9f65ac534da1e6ae1755d1f9813b3467

/// File Name:	win7-crash.txt
Description:	Proof of concept exploit that demonstrates a remote kernel crash vulnerability in Windows 7.
Author:	laurent gaffie
File Size:	3294
Last Modified:	Nov 16 21:29:18 2009
MD5 Checksum:	32c8d4453a50cfdce6475335332288c6

/// File Name:	winamp_playlist_unc.rb.txt
Description:	This Metasploit module exploits a vulnerability in the Winamp media player. This flaw is triggered when a audio file path is specified, inside a playlist, that consists of a UNC path with a long computer name. This Metasploit module delivers the playlist via the browser. This Metasploit module has only been successfully tested on Winamp 5.11 and 5.12.
Author:	Faithless,H D Moore
Homepage:	http://www.metasploit.com
File Size:	3842
Related OSVDB(s):	22789
Related CVE(s):	CVE-2006-0476
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	b753637df39bb9c32fd9d92a177c11fb

/// File Name:	winamp_ultravox.rb.txt
Description:	This Metasploit module exploits a stack overflow in Winamp 5.24. By sending an overly long artist tag, a remote attacker may be able to execute arbitrary code. This vulnerability can be exploited from the browser or the winamp client itself.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3815
Related OSVDB(s):	41707
Related CVE(s):	CVE-2008-0065
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d632f909bd4f4f0598f353782ff6f415

/// File Name:	wincomlpd_admin.rb.txt
Description:	This Metasploit module exploits a stack overflow in WinComLPD <= 3.0.2. By sending an overly long authentication packet to the remote administration service, an attacker may be able to execute arbitrary code.
Author:	MC0911-exploits/wincomlpd_admin.rb.txt 9d188c96959cfee2212f6e47a2629feb This Metasploit module exploits a stack overflow in WinComLPD <= 3.0.2 By sending an overly long authentication packet to the remote administration service,http://www.metasploit.com.
Homepage:	http://www.metasploit.com
File Size:	1907
Related OSVDB(s):	42861
Related CVE(s):	CVE-2008-5159
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	9d188c96959cfee2212f6e47a2629feb

/// File Name:	windows_rsh.rb.txt
Description:	This Metasploit module exploits a vulnerability in Windows RSH daemon 1.8. The vulnerability is due to a failure to check for the length of input sent to the RSH server. A CPORT of 512 -> 1023 must be configured for the exploit to be successful.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	1970
Related OSVDB(s):	38572
Related CVE(s):	CVE-2007-4006
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1603713e8e042c6cb1ac7c650a3ead01

/// File Name:	windvd7_applicationtype.rb.txt
Description:	This Metasploit module exploits a stack overflow in IASystemInfo.dll ActiveX control in InterVideo WinDVD 7. By sending a overly long string to the "ApplicationType()" property, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2493
Related OSVDB(s):	34315
Related CVE(s):	CVE-2007-0348
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	df9567fe4de65a1eb827c7dec308dd52

/// File Name:	winvnc_http_get.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the AT&T WinVNC version <= v3.3.3r7 web server. When debugging mode with logging is enabled (non-default), an overly long GET request can overwrite the stack. This exploit does not work well with VNC payloads!
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	1900
Related OSVDB(s):	6280
Related CVE(s):	CVE-2001-0168
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1e2bbe98c84d7157907bc18478f14418

/// File Name:	winzip_fileview.rb.txt
Description:	The FileView ActiveX control (WZFILEVIEW.FileViewCtrl.61) could allow a remote attacker to execute arbitrary code on the system. The control contains several unsafe methods and is marked safe for scripting and safe for initialization. A remote attacker could exploit this vulnerability to execute arbitrary code on the victim system. WinZip 10.0 <= Build 6667 are vulnerable.
Author:	dean
Homepage:	http://www.metasploit.com
File Size:	4132
Related OSVDB(s):	30433
Related CVE(s):	CVE-2006-5198
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	93a6c98b454e30c0e115617c5211c2bb

/// File Name:	wmailserver.rb.txt
Description:	This Metasploit module exploits a stack overflow in SoftiaCom WMailserver 1.0 (SMTP) via a SEH frame overwrite.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	1727
Related OSVDB(s):	17883
Related CVE(s):	CVE-2005-2287
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1c0ce3119d7cd9177bb7b44143d8e42c

/// File Name:	wordpress-bypass.txt
Description:	WordPress versions 2.0 through 2.7.1 suffer from a security bypass vulnerability in admin.php.
Author:	Fernando Arnaboldi
File Size:	409
Last Modified:	Nov 16 22:16:27 2009
MD5 Checksum:	aa45291eb0e4279fe7fa5d1532a8ae3d