Section:  .. / 0911-exploits  /

Page 13 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 300 - 325 of 449
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: ultravnc_client.rb.txt
Description:
This Metasploit module exploits a buffer overflow in UltraVNC Win32 Viewer 1.0.1 Release.
Author:MC
Homepage:http://www.metasploit.com
File Size:2086
Related OSVDB(s):24456
Related CVE(s):CVE-2006-1652
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:fc24e404ba08435986a311f023fd3a36

 ///  File Name: universal_agent.rb.txt
Description:
This Metasploit module exploits a convoluted heap overflow in the CA BrightStor Universal Agent service. Triple userland exception results in heap growth and execution of dereferenced function pointer at a specified address.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:5362
Related OSVDB(s):15471
Related CVE(s):CVE-2005-1018
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:70e1c9cdbe903e8b64ddaefbef79d28c

 ///  File Name: ursoft_w32dasm.rb.txt
Description:
This Metasploit module exploits a buffer overflow in W32Dasm <= v8.93. By creating a malicious file and convincing a user to disassemble the file with a vulnerable version of W32Dasm, the Imports/Exports function is copied to the stack and arbitrary code may be executed locally as the user.
Author:patrick
Homepage:http://www.metasploit.com
File Size:14059
Related OSVDB(s):13169
Related CVE(s):CVE-2005-0308
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:8bb330dbe39f9d0d3d68d6036fe39c7c

 ///  File Name: verypdf_pdfview.rb.txt
Description:
The VeryPDF PDFView ActiveX control is prone to a heap buffer-overflow because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application.
Author:MC,dean
Homepage:http://www.metasploit.com
File Size:3797
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e58818f751b87b21e8472d617ccecb36

 ///  File Name: videolan_tivo.rb.txt
Description:
This Metasploit module exploits a buffer overflow in VideoLAN VLC 0.9.4. By creating a malicious TY file, a remote attacker could overflow a buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2653
Related OSVDB(s):49181
Related CVE(s):CVE-2008-4654
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:a0a342f35b74298fffac9e02e6777cdb

 ///  File Name: vuplayer_cue.rb.txt
Description:
This Metasploit module exploits a stack over flow in VUPlayer <= 2.49. When the application is used to open a specially crafted cue file, an buffer is overwritten allowing for the execution of arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1974
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:2ee13abaf3a0468a85f10cc3d6af9b0f

 ///  File Name: vuplayer_m3u.rb.txt
Description:
This Metasploit module exploits a stack over flow in VUPlayer <= 2.49. When the application is used to open a specially crafted m3u file, an buffer is overwritten allowing for the execution of arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2657
Related CVE(s):CVE-2006-6251
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:361a558ba73d21a13817ff2170f079ea

 ///  File Name: w3who_query.rb.txt
Description:
This Metasploit module exploits a stack overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP (SP2). When exploiting Windows XP, the payload must call RevertToSelf before it will be able to spawn a command shell.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:3026
Related OSVDB(s):12258
Related CVE(s):CVE-2004-1134
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:89125aafc4fb654536650e438ab573ca

 ///  File Name: warftpd_165_pass.rb.txt
Description:
This exploits the buffer overflow found in the PASS command in War-FTPD 1.65. This particular module will only work reliably against Windows 2000 targets. The server must be configured to allow anonymous logins for this exploit to succeed. A failed attempt will bring down the service completely.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:1956
Related OSVDB(s):875
Related CVE(s):CVE-1999-0256
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:a92c43e0326e0758b54de91798efc69f

 ///  File Name: wftpd_size.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the SIZE verb in Texas Imperial's Software WFTPD 3.23.
Author:MC
Homepage:http://www.metasploit.com
File Size:1710
Related OSVDB(s):28134
Related CVE(s):CVE-2006-4318
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:98c09235cd743056b3ab519af113872b

 ///  File Name: winamp_playlist_unc.rb.txt
Description:
This Metasploit module exploits a vulnerability in the Winamp media player. This flaw is triggered when a audio file path is specified, inside a playlist, that consists of a UNC path with a long computer name. This Metasploit module delivers the playlist via the browser. This Metasploit module has only been successfully tested on Winamp 5.11 and 5.12.
Author:Faithless,H D Moore
Homepage:http://www.metasploit.com
File Size:3842
Related OSVDB(s):22789
Related CVE(s):CVE-2006-0476
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:b753637df39bb9c32fd9d92a177c11fb

 ///  File Name: winamp_ultravox.rb.txt
Description:
This Metasploit module exploits a stack overflow in Winamp 5.24. By sending an overly long artist tag, a remote attacker may be able to execute arbitrary code. This vulnerability can be exploited from the browser or the winamp client itself.
Author:MC
Homepage:http://www.metasploit.com
File Size:3815
Related OSVDB(s):41707
Related CVE(s):CVE-2008-0065
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:d632f909bd4f4f0598f353782ff6f415

 ///  File Name: wincomlpd_admin.rb.txt
Description:
This Metasploit module exploits a stack overflow in WinComLPD <= 3.0.2. By sending an overly long authentication packet to the remote administration service, an attacker may be able to execute arbitrary code.
Author:MC0911-exploits/wincomlpd_admin.rb.txt 9d188c96959cfee2212f6e47a2629feb This Metasploit module exploits a stack overflow in WinComLPD <= 3.0.2 By sending an overly long authentication packet to the remote administration service,http://www.metasploit.com.
Homepage:http://www.metasploit.com
File Size:1907
Related OSVDB(s):42861
Related CVE(s):CVE-2008-5159
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:9d188c96959cfee2212f6e47a2629feb

 ///  File Name: windows_rsh.rb.txt
Description:
This Metasploit module exploits a vulnerability in Windows RSH daemon 1.8. The vulnerability is due to a failure to check for the length of input sent to the RSH server. A CPORT of 512 -> 1023 must be configured for the exploit to be successful.
Author:MC
Homepage:http://www.metasploit.com
File Size:1970
Related OSVDB(s):38572
Related CVE(s):CVE-2007-4006
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1603713e8e042c6cb1ac7c650a3ead01

 ///  File Name: windvd7_applicationtype.rb.txt
Description:
This Metasploit module exploits a stack overflow in IASystemInfo.dll ActiveX control in InterVideo WinDVD 7. By sending a overly long string to the "ApplicationType()" property, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2493
Related OSVDB(s):34315
Related CVE(s):CVE-2007-0348
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:df9567fe4de65a1eb827c7dec308dd52

 ///  File Name: winvnc_http_get.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the AT&T WinVNC version <= v3.3.3r7 web server. When debugging mode with logging is enabled (non-default), an overly long GET request can overwrite the stack. This exploit does not work well with VNC payloads!
Author:patrick
Homepage:http://www.metasploit.com
File Size:1900
Related OSVDB(s):6280
Related CVE(s):CVE-2001-0168
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1e2bbe98c84d7157907bc18478f14418

 ///  File Name: winzip_fileview.rb.txt
Description:
The FileView ActiveX control (WZFILEVIEW.FileViewCtrl.61) could allow a remote attacker to execute arbitrary code on the system. The control contains several unsafe methods and is marked safe for scripting and safe for initialization. A remote attacker could exploit this vulnerability to execute arbitrary code on the victim system. WinZip 10.0 <= Build 6667 are vulnerable.
Author:dean
Homepage:http://www.metasploit.com
File Size:4132
Related OSVDB(s):30433
Related CVE(s):CVE-2006-5198
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:93a6c98b454e30c0e115617c5211c2bb

 ///  File Name: wmailserver.rb.txt
Description:
This Metasploit module exploits a stack overflow in SoftiaCom WMailserver 1.0 (SMTP) via a SEH frame overwrite.
Author:MC
Homepage:http://www.metasploit.com
File Size:1727
Related OSVDB(s):17883
Related CVE(s):CVE-2005-2287
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1c0ce3119d7cd9177bb7b44143d8e42c

 ///  File Name: wsftp_server_503_mkd.rb.txt
Description:
This Metasploit module exploits the buffer overflow found in the MKD command in IPSWITCH WS_FTP Server 5.03 discovered by Reed Arvin.
Author:Efrain Torres,Reed Arvin
Homepage:http://www.metasploit.com
File Size:2070
Related OSVDB(s):12509
Related CVE(s):CVE-2004-1135
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:539d9fbaf6a97b6b59263a8a01f93ef5

 ///  File Name: wsftp_server_505_xmd5.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the XMD5 verb in IPSWITCH WS_FTP Server 5.05.
Author:MC
Homepage:http://www.metasploit.com
File Size:1806
Related OSVDB(s):28939
Related CVE(s):CVE-2006-4847
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ac8ba4d739caa328fa997973974577d5

 ///  File Name: xitami_if_mod_since.rb.txt
Description:
This Metasploit module exploits a stack overflow in the iMatix Corporation Xitami Web Server. If a malicious user sends an If-Modified-Since header containing an overly long string, it may be possible to execute a payload remotely. Due to size constraints, this module uses the Egghunter technique. You may wish to adjust WfsDelay appropriately.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2509
Related OSVDB(s):40594,40595
Related CVE(s):CVE-2007-5067
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:48d6579e6e00ef854fbca505ed14d8f4

 ///  File Name: xlink_client.rb.txt
Description:
This Metasploit module exploits a stack overflow in Xlink FTP Client 32 Version 3.01 that comes bundled with Omni-NFS Enterprise 5.2. When a overly long FTP server response is received by a client, arbitrary code may be executed.
Author:MC
Homepage:http://www.metasploit.com
File Size:2059
Related OSVDB(s):33969
Related CVE(s):CVE-2006-5792
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ab29abeb42a291212c29b62ef4f76b98

 ///  File Name: xlink_nfsd.rb.txt
Description:
This Metasploit module exploits a stack overflow in Xlink Omni-NFS Server 5.2 When sending a specially crafted nfs packet, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2166
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:a6ba4f8a3c96c5acb15f84169eccc517

 ///  File Name: xlink_server.rb.txt
Description:
This Metasploit module exploits a stack overflow in Xlink FTP Server that comes bundled with Omni-NFS Enterprise 5.2. When a overly long FTP request is sent to the server, arbitrary code may be executed.
Author:MC
Homepage:http://www.metasploit.com
File Size:2020
Related OSVDB(s):58646
Related CVE(s):CVE-2006-5792
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:b289fbc40cf19530e264ad1e543c9ff6

 ///  File Name: xmplay_asx.rb.txt
Description:
This Metasploit module exploits a stack overflow in XMPlay 3.3.0.4. The vulnerability is caused due to a boundary error within the parsing of playlists containing an overly long file name. This Metasploit module uses the ASX file format.
Author:MC
Homepage:http://www.metasploit.com
File Size:2313
Related OSVDB(s):30537
Related CVE(s):CVE-2006-6063
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:70b8bf64fe2c9efce535ef3054e39e03