Section:  .. / 0911-exploits  /


 ///  File Name: nis2004_antispam.rb.txt
Description:
This Metasploit module exploits a stack overflow in Norton AntiSpam 2004. When sending an overly long string to the LaunchCustomRuleWizard() method of symspam.dll (2004.1.0.147), an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2908
Related OSVDB(s):6249
Related CVE(s):CVE-2004-0363
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:123387e04f4080e8c6add6b875c08b28

 ///  File Name: nmap_stor.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell's Netmail 3.52 NMAP STOR verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Author:MC
Homepage:http://www.metasploit.com
File Size:1621
Related OSVDB(s):31363
Related CVE(s):CVE-2006-6424
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:929d5bb49a88a714b4a34820d2e39e38

 ///  File Name: novell_messenger_acceptlang.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell GroupWise Messenger Server v2.0. This flaw is triggered by any HTTP request with an Accept-Language header greater than 16 bytes. To overwrite the return address on the stack, we must first pass a memcpy() operation that uses pointers we supply. Due to the large list of restricted characters and the limitations of the current encoder modules, very few payloads are usable.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2184
Related OSVDB(s):24617
Related CVE(s):CVE-2006-0992
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:dcdb2decfd0bb7a24c41d523bb8fd16c

 ///  File Name: novell_netmail_append.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell's Netmail 3.52 IMAP APPEND verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Author:MC
Homepage:http://www.metasploit.com
File Size:1958
Related OSVDB(s):31362
Related CVE(s):CVE-2006-6425
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:fd5c7de42beeacbca445b99c768cf27a

 ///  File Name: novell_netmail_auth.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP AUTHENTICATE GSSAPI command. By sending an overly long string, an attacker can overwrite the buffer and control program execution. Using the PAYLOAD of windows/shell_bind_tcp or windows/shell_reverse_tcp allows for the most reliable results.
Author:MC
Homepage:http://www.metasploit.com
File Size:2278
Related OSVDB(s):55175
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:15660a0a1a706f47a39e33a44c7c85f2

 ///  File Name: novell_netmail_status.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell's Netmail 3.52 IMAP STATUS verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Author:MC
Homepage:http://www.metasploit.com
File Size:1853
Related OSVDB(s):20956
Related CVE(s):CVE-2005-3314
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:d8dbf78e23cb34c721cb3b0508144405

 ///  File Name: novelliprint_executerequest.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 4.26. When sending an overly long string to the ExecuteRequest() property of ienipp.ocx, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:3599
Related OSVDB(s):42063
Related CVE(s):CVE-2008-0935
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:d27ab2496f2aa9a5475fa9ea0a9bd440

 ///  File Name: novelliprint_getdriversettings.rb.t..>
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 4.34. When sending an overly long string to the GetDriverSettings() property of ienipp.ocx, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:3698
Related OSVDB(s):46194
Related CVE(s):CVE-2008-2908
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1726ea2925684ae8e8da8a3cb8002fa2

 ///  File Name: nowsms.rb.txt
Description:
This Metasploit module exploits a stack overflow in Now SMS/MMS Gateway v2007.06.27. By sending a specially crafted GET request, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1908
Related OSVDB(s):42953
Related CVE(s):CVE-2008-0871
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e01726994afd53539513ff818a33c783

 ///  File Name: nsiislog_post.rb.txt
Description:
This exploits a buffer overflow found in the nsiislog.dll ISAPI filter that comes with Windows Media Server. This Metasploit module will also work against the 'patched' MS03-019 version. This vulnerability was addressed by MS03-022.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2879
Related OSVDB(s):4535
Related CVE(s):CVE-2003-0349
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:dba62c8353b819b884473034652946c3

 ///  File Name: oracle9i_xdb_ftp_pass.rb.txt
Description:
By passing an overly long string to the PASS command, a stack-based buffer overflow occurs. David Litchfield has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB) during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.
Author:MC
Homepage:http://www.metasploit.com
File Size:2362
Related OSVDB(s):2449
Related CVE(s):CVE-2003-0727
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:4012e434c06da55ebf571269af1b896b

 ///  File Name: oracle9i_xdb_ftp_unlock.rb.txt
Description:
By passing an overly long token to the UNLOCK command, a stack-based buffer overflow occurs.
Author:David Litchfield,MC
Homepage:http://www.metasploit.com
File Size:2591
Related OSVDB(s):2449
Related CVE(s):CVE-2003-0727
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:7d14265dbae5952c543d354d372ba779

 ///  File Name: orbit_connecting.rb.txt
Description:
This Metasploit module exploits a stack overflow in Orbit Downloader 2.8.4. When an attacker serves up a malicious web site, arbitrary code may be executed. The PAYLOAD windows/shell_bind_tcp works best.
Author:MC
Homepage:http://www.metasploit.com
File Size:2612
Related OSVDB(s):52294
Related CVE(s):CVE-2009-0187
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1a99975be54b85c979da853c728b0314

 ///  File Name: osb_ndmp_auth.rb.txt
Description:
The module exploits a stack overflow in Oracle Secure Backup. When sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2646
Related OSVDB(s):51340
Related CVE(s):CVE-2008-5444
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:fddd4904ec29cd341e1b063cecfe53e9

 ///  File Name: owc_spreadsheet_msdso.rb.txt
Description:
This Metasploit module exploits a memory corruption vulnerability within the Office Web Component Spreadsheet ActiveX control. This module was based on an exploit found in the wild.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:3440
Related OSVDB(s):55806
Related CVE(s):CVE-2009-1136
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:bee50eb7ea8616846ffa5017d862a768

 ///  File Name: poppeeper_date.rb.txt
Description:
This Metasploit module exploits a stack overflow in POP Peeper v3.4. When a specially crafted DATE string is sent to a client, an attacker may be able to execute arbitrary code. This Metasploit module is based off of krakowlabs code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2391
Related CVE(s):CVE-2009-1029
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:fffa9e9e873c745509d75effaf51ea31

 ///  File Name: poppeeper_uidl.rb.txt
Description:
This Metasploit module exploits a stack overflow in POP Peeper v3.4. When a specially crafted UIDL string is sent to a client, an attacker may be able to execute arbitrary code. This Metasploit module is based off of krakowlabs code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2164
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:40651534ccde6577a368af7decb4b014

 ///  File Name: privatewire_gateway.rb.txt
Description:
This exploits a buffer overflow in the ADMCREG.EXE used in the PrivateWire Online Registration Facility.
Author:Michael Thumann
Homepage:http://www.metasploit.com
File Size:2570
Related OSVDB(s):26861
Related CVE(s):CVE-2006-3252
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:881423333005da6b9fe1fac5cec489b8

 ///  File Name: proftp_banner.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the ProFTP 2.9 client that is triggered through an excessively long welcome message.
Author:His0k4
Homepage:http://www.metasploit.com
File Size:1756
Related OSVDB(s):57394
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:13e3daf2400ee66187ef628a2253ea83

 ///  File Name: psexec.rb.txt
Description:
This Metasploit module uses a valid administrator username and password (or password hash) to execute an arbitrary payload. This Metasploit module is similar to the "psexec" utility provided by SysInternals. Unfortunately, this module is not able to clean up after itself. The service and payload file listed in the output will need to be manually removed after access has been gained. The service created by this tool uses a randomly chosen name and description, so the services list can become cluttered after repeated exploitation.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:7017
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ec78b183c6635c79b969beaba936aa7e

 ///  File Name: psoproxy91_overflow.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the PSO Proxy v0.91 web server. If a client sends an excessively long string, the stack is overwritten.
Author:Patrick Webster
Homepage:http://www.metasploit.com
File Size:2490
Related OSVDB(s):4028
Related CVE(s):CVE-2004-0313
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:9b76c4175d0f6b59c70322827f6bc2b9

 ///  File Name: putty_msg_debug.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the PuTTY SSH client that is triggered through a validation error in SSH.c.
Author:MC
Homepage:http://www.metasploit.com
File Size:2707
Related OSVDB(s):8044
Related CVE(s):CVE-2002-1359
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:65ee1cd53af36dfa1d31dcd33abf4058

 ///  File Name: quick_tftp_pro_mode.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Quick TFTP Pro server product. MS Update KB926436 screws up the opcode address being used in oledlg.dll resulting in a DoS. This is a port of a sploit by Mati "muts" Aharoni.
Author:Saint Patrick
Homepage:http://www.metasploit.com
File Size:1648
Related OSVDB(s):43784
Related CVE(s):CVE-2008-1610
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:c50b8633f0106eb5634c1b9b610522d0

 ///  File Name: racer_503beta5.rb.txt
Description:
This Metasploit module exploits the Racer Car and Racing Simulator game versions v0.5.3 beta 5 and earlier. Both the client and server listen on UDP port 26000. By sending an overly long buffer we are able to execute arbitrary code remotely.
Author:Trancek
Homepage:http://www.metasploit.com
File Size:1915
Related OSVDB(s):39601
Related CVE(s):CVE-2007-4370
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1d0731b2eb9aa4f8e9d63e9dcb136e95

 ///  File Name: realplayer_import.rb.txt
Description:
This Metasploit module exploits a stack overflow in RealOne Player V2 Gold Build 6.0.11.853 and RealPlayer 10.5 Build 6.0.12.1483. By sending an overly long string to the "Import()" method, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:3168
Related OSVDB(s):41430
Related CVE(s):CVE-2007-5601
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:28ec5b2e4fb9fb6f4822464854ebdae1