Section: .. / 0911-exploits /

Page 2 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 25 - 50 of 449

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	serenityaudio-overflow.txt
Description:	Serenity Audio Player playlist buffer overflow exploit that creates a malicious .m3u file. Versions 3.2.3 and below are affected.
Author:	mr_me
File Size:	3901
Last Modified:	Nov 27 16:23:11 2009
MD5 Checksum:	0d5ccd038d4d630629baef93f693c5e1

/// File Name:	phpbazar211fix-sql.txt
Description:	phpBazar versions 2.1.1fix and below suffer from a remote SQL injection vulnerability.
Author:	MizoZ
File Size:	453
Last Modified:	Nov 27 16:21:55 2009
MD5 Checksum:	489762af1f6fadc7f5eada367701202b

/// File Name:	lyften-sql.txt
Description:	The Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.
Author:	kaMtiEz
Homepage:	http://www.indonesiancoder.com/
File Size:	2610
Last Modified:	Nov 27 16:19:37 2009
MD5 Checksum:	cb9da27b63591515c16b9f892ee1dd0a

/// File Name:	cacti087e-xss.txt
Description:	Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities.
Author:	Moritz Naumann
File Size:	5548
Related CVE(s):	CVE-2009-4032
Last Modified:	Nov 27 16:16:19 2009
MD5 Checksum:	c9b52762868a585b0277459094ec071e

/// File Name:	dreamftp_format.rb.txt
Description:	This Metasploit module exploits a format string overflow in the BolinTech Dream FTP Server version 1.02. Based on the exploit by SkyLined.
Author:	Patrick Webster
Homepage:	http://www.metasploit.com
File Size:	2017
Related OSVDB(s):	4986
Related CVE(s):	CVE-2004-2074
Last Modified:	Nov 27 14:44:51 2009
MD5 Checksum:	55e93a8c4908c4d63480497ce0fc8a2a

/// File Name:	gamsoft_telsrv_username.rb.txt
Description:	This Metasploit module exploits a username sprintf stack overflow in GAMSoft TelSrv 1.5. Other versions may also be affected. The service terminates after exploitation, so you only get one chance!
Author:	Patrick Webster
Homepage:	http://www.metasploit.com
File Size:	3348
Related OSVDB(s):	373
Related CVE(s):	CVE-2000-0665
Last Modified:	Nov 26 14:33:09 2009
MD5 Checksum:	81c0ca72a3bf52428d3463f2bd1c3c6f

/// File Name:	3cdaemon_ftp_user.rb.txt
Description:	This Metasploit module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This Metasploit module uses the USER command to trigger the overflow.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2555
Related OSVDB(s):	12810,12811
Related CVE(s):	CVE-2005-0277
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	e239adfc397826851ade8a440f39721d

/// File Name:	acdsee_xpm.rb.txt
Description:	This Metasploit module exploits a buffer overflow in ACDSee 9.0. When viewing a malicious XPM file with the ACDSee product, a remote attacker could overflow a buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2140
Related OSVDB(s):	35236
Related CVE(s):	CVE-2007-2193
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	6eeadc6c451782b8faeb52b6fe8d2a03

/// File Name:	activepdf_webgrabber.rb.txt
Description:	This Metasploit module exploits a stack overflow in activePDF WebGrabber 3.8. When sending an overly long string to the GetStatus() method of APWebGrb.ocx (3.8.2.0) an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vector accordingly.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3833
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	759b1bf3c64ad3a6991c7beb56cfe9e5

/// File Name:	adobe_collectemailinfo.rb.txt
Description:	This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional 8.1.1. By creating a specially crafted pdf that a contains malformed Collab.collectEmailInfo() call, an attacker may be able to execute arbitrary code.
Author:	Didier Stevens,MC
Homepage:	http://www.metasploit.com
File Size:	5532
Related OSVDB(s):	41495
Related CVE(s):	CVE-2007-5659
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	dfc63320a3e857a6b265b1889566df3b

/// File Name:	adobe_geticon.rb.txt
Description:	This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.4. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.
Author:	Didier Stevens,MC,jduck
Homepage:	http://www.metasploit.com
File Size:	5606
Related OSVDB(s):	53647
Related CVE(s):	CVE-2009-0927
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1f2320eef87406c95ea5b7edbe4b85eb

/// File Name:	adobe_jbig2decode.rb.txt
Description:	This Metasploit module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This Metasploit module relies upon javascript for the heap spray.
Author:	Didier Stevens,MC,Russell Sanford,natron,redsand
Homepage:	http://www.metasploit.com
File Size:	7821
Related OSVDB(s):	52073
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	19c89751bf0373e4af9b9aa3630c9a20

/// File Name:	adobe_pdf_embedded_exe.rb.txt
Description:	This Metasploit module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack.
Author:	Colin Ames
Homepage:	http://www.metasploit.com
File Size:	11869
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	9d5bf734432f0c2bcea426977e592d45

/// File Name:	adobe_robohelper_authbypass.rb.txt
Description:	This Metasploit module exploits a authentication bypass vulnerability which allows remote attackers to upload and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2452
Related CVE(s):	CVE-2009-3068
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	0e773fbe21185160e80f9dad6116e67e

/// File Name:	adobe_utilprintf.rb.txt
Description:	This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.3. By creating a specially crafted pdf that a contains malformed util.printf() entry, an attacker may be able to execute arbitrary code.
Author:	Didier Stevens,MC
Homepage:	http://www.metasploit.com
File Size:	5325
Related OSVDB(s):	49520
Related CVE(s):	CVE-2008-2992
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	9be8b233672ca2f0bc7d59c93c556e68

/// File Name:	aim_goaway.rb.txt
Description:	This Metasploit module exploits a flaw in the handling of AOL Instant Messenger's 'goaway' URI handler. An attacker can execute arbitrary code by supplying a overly sized buffer as the 'message' parameter. This issue is known to affect AOL Instant Messenger 5.5.
Author:	skape,thief
Homepage:	http://www.metasploit.com
File Size:	2485
Related OSVDB(s):	8398
Related CVE(s):	CVE-2004-0636
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	4fae910f9a5bd3cc5c5719545a2c7926

/// File Name:	aim_triton_cseq.rb.txt
Description:	This Metasploit module exploits a buffer overflow in AOL's AIM Triton 1.0.4. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2344
Related OSVDB(s):	27122
Related CVE(s):	CVE-2006-3524
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a5d945c220a5e95dc0306e44c6ef4a60

/// File Name:	alphastor_agent.rb.txt
Description:	This Metasploit module exploits a stack overflow in EMC AlphaStor 3.1. By sending a specially crafted message, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2191
Related OSVDB(s):	45714
Related CVE(s):	CVE-2008-2158
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	162e1a23d366db63d95be99eb8532767

/// File Name:	altap_salamander_pdb.rb.txt
Description:	This Metasploit module exploits a buffer overflow in Altap Salamander <= v2.5. By creating a malicious file and convincing a user to view the file with the Portable Executable Viewer plugin within a vulnerable version of Salamander, the PDB file string is copied onto the stack and the SEH can be overwritten.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	75190
Related OSVDB(s):	37579
Related CVE(s):	CVE-2007-3314
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	8b0b10257bd6ddb25ec195a14935643f

/// File Name:	altn_webadmin.rb.txt
Description:	Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3011
Related OSVDB(s):	2207
Related CVE(s):	CVE-2003-0471
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	074b91fb379203291975a7da1395ab4a

/// File Name:	amaya_bdo.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Amaya v11 Browser. By sending an overly long string to the "bdo" tag, an attacker may be able to execute arbitrary code.
Author:	Rob Carter,dookie
Homepage:	http://www.metasploit.com
File Size:	2281
Related OSVDB(s):	55721
Related CVE(s):	CVE-2009-0323
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	6e4b64402e5782329a0fbdb9390c9f91

/// File Name:	ani_loadimage_chunksize.rb.txt
Description:	This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
Author:	H D Moore,skape
Homepage:	http://www.metasploit.com
File Size:	9857
Related OSVDB(s):	33629
Related CVE(s):	CVE-2007-0038, CVE-2007-1765
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	894c8dd4988bc61b523bf1b4fe614257

/// File Name:	aol_ampx_convertfile.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in AOL IWinAmpActiveX class (AmpX.dll) version 2.4.0.6 installed via AOL Radio website. By setting an overly long value to 'ConvertFile()', an attacker can overrun a buffer and execute arbitrary code.
Author:	Trancer,rgod
Homepage:	http://www.metasploit.com
File Size:	4035
Related OSVDB(s):	54706
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d4dc59c45b216b5b0e5026124d44c045

/// File Name:	aol_icq_downloadagent.rb.txt
Description:	This Metasploit module allows remote attackers to download and execute arbitrary files on a users system via the DownloadAgent function of the ICQPhone.SipxPhoneManager ActiveX control.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2542
Related CVE(s):	CVE-2006-5650
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	14f3b45b733f30fd8e7b04a04f7fac35

/// File Name:	apache_chunked.rb.txt
Description:	This Metasploit module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	7146
Related OSVDB(s):	838
Related CVE(s):	CVE-2002-0392
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	e3d3d24a04a5fa710ddd92b1a78239b0