Section:  .. / 0911-exploits  /


 ///  File Name: apache_mod_rewrite_ldap.rb.txt
Description:
This Metasploit module exploits the mod_rewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This Metasploit module requires REWRITEPATH to be set accurately. In addition, the target must have 'RewriteEngine on' configured, with a specific 'RewriteRule' condition enabled to allow for exploitation. The flaw affects multiple platforms; however, this module currently only supports Windows-based installations.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2837
Related OSVDB(s):27588
Related CVE(s):CVE-2006-3747
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:24ecf483512ef6982eb1b227d15ee15a

 ///  File Name: apple_itunes_playlist.rb.txt
Description:
This Metasploit module exploits a stack overflow in Apple iTunes 4.7 build 4.7.0.42. By creating a URL link to a malicious PLS file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.pls'.
Author:MC
Homepage:http://www.metasploit.com
File Size:2181
Related OSVDB(s):12833
Related CVE(s):CVE-2005-0043
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:2f0010313c0494bc25e2563cadffc6da

 ///  File Name: apple_quicktime_rtsp.rb.txt
Description:
This Metasploit module exploits a buffer overflow in Apple QuickTime 7.1.3. This Metasploit module was inspired by MOAB-01-01-2007. The Browser target for this module was tested against IE 6 and Firefox 1.5.0.3 on Windows XP SP0/2; Firefox 3 blacklists the QuickTime plugin.
Author:MC,egypt
Homepage:http://www.metasploit.com
File Size:4865
Related OSVDB(s):31023
Related CVE(s):CVE-2007-0015
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:d2ab9eb9d899356379e076fe8e98c51f

 ///  File Name: apple_quicktime_rtsp_response.rb.tx..>
Description:
This Metasploit module exploits a stack overflow in Apple QuickTime 7.3. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2991
Related OSVDB(s):40876
Related CVE(s):CVE-2007-6166
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:53ef97f1a29b0a357f71238f64bf8af4

 ///  File Name: ask_shortformat.rb.txt
Description:
This Metasploit module exploits a stack overflow in Ask.com Toolbar 4.0.2.53. An attacker may be able to execute arbitrary code by sending an overly long string to the "ShortFormat()" method in askbar.dll.
Author:MC
Homepage:http://www.metasploit.com
File Size:2590
Related OSVDB(s):37735
Related CVE(s):CVE-2007-5107
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:6468ef0292a337f26024734a3db1ef31

 ///  File Name: asus_dpcproxy_overflow.rb.txt
Description:
This Metasploit module exploits a stack overflow in Asus Dpcproxy version 2.0.0.19. It should be vulnerable until version 2.0.0.24.
Author:Jacopo Cervini
Homepage:http://www.metasploit.com
File Size:1920
Related OSVDB(s):43638
Related CVE(s):CVE-2008-1491
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ee9690acdd567d76a763e07626bad2d4

 ///  File Name: athocgov_completeinstallation.rb.tx..>
Description:
This Metasploit module exploits a stack overflow in AtHocGov IWSAlerts. When sending an overly long string to the CompleteInstallation() method of AtHocGovTBr.dll (6.1.4.36) an attacker may be able to execute arbitrary code. This vulnerability was silently patched by the vendor.
Author:MC
Homepage:http://www.metasploit.com
File Size:4097
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:7a69f327cb1b6c6fd85573375b96bec6

 ///  File Name: attftp_long_filename.rb.txt
Description:
This Metasploit module exploits a stack overflow in AT-TFTP v1.9, by sending a request (get/write) for an overly long file name.
Author:Patrick Webster
Homepage:http://www.metasploit.com
File Size:2414
Related OSVDB(s):11350
Related CVE(s):CVE-2006-6184
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:55996fc83e282053a9d1f271282bcf7e

 ///  File Name: autodesk_idrop.rb.txt
Description:
This Metasploit module exploits a heap-based memory corruption vulnerability in Autodesk IDrop ActiveX control (IDrop.ocx) version 17.1.51.160. An attacker can execute arbitrary code by triggering a heap use after free condition using the Src, Background, PackageXml properties.
Author:Elazar Broad,Trancer
Homepage:http://www.metasploit.com
File Size:4124
Related OSVDB(s):53265
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:037140349d314f924d03d94351da0c4e

 ///  File Name: badblue_ext_overflow.rb.txt
Description:
This is a stack overflow exploit for BadBlue version 2.5.
Author:acaro
Homepage:http://www.metasploit.com
File Size:1915
Related OSVDB(s):14238
Related CVE(s):CVE-2005-0595
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:a443d82c96a4d2cdb6be4d4d82f037f2

 ///  File Name: badblue_passthru.rb.txt
Description:
This Metasploit module exploits a stack overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier.
Author:MC
Homepage:http://www.metasploit.com
File Size:1920
Related OSVDB(s):42416
Related CVE(s):CVE-2007-6377
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:0e1ee4241d028ab720144a5a3bc8d711

 ///  File Name: bakbone_netvault_heap.rb.txt
Description:
This Metasploit module exploits a heap overflow in the BakBone NetVault Process Manager service. This code is a direct port of the netvault.c code written by nolimit and BuzzDee.
Author:H D Moore,nolimit
Homepage:http://www.metasploit.com
File Size:4455
Related OSVDB(s):15234
Related CVE(s):CVE-2005-1009
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:875f10d61e00f6e28f4dd5afef4dd48c

 ///  File Name: bea_weblogic_jsessionid.rb.txt
Description:
This Metasploit module exploits a 0day in the JSESSION cookie value when clustering is configured.
Author:Pusscat
Homepage:http://www.metasploit.com
File Size:1821
Related OSVDB(s):51311
Related CVE(s):CVE-2008-5457
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ec909b5a52fa949dc001b04b2ae78954

 ///  File Name: bea_weblogic_transfer_encoding.rb.t..>
Description:
This Metasploit module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. This vulnerability exists in the error reporting for unknown Transfer-Encoding headers. You may have to run this twice due to timing issues with handlers.
Author:Pusscat
Homepage:http://www.metasploit.com
File Size:2282
Related OSVDB(s):49283
Related CVE(s):CVE-2008-4008
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:74af4e2126b11ad29de9538e2e13079b

 ///  File Name: bearshare_setformatlikesample.rb.tx..>
Description:
This Metasploit module exploits a stack overflow in the NCTAudioFile2.Audio ActiveX Control provided by BearShare 6.0.2.26789. By sending an overly long string to the "SetFormatLikeSample()" method, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2477
Related OSVDB(s):32032
Related CVE(s):CVE-2007-0018
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e52fa5a62ccba780e1cf47122114cb77

 ///  File Name: belkin_bulldog.rb.txt
Description:
This Metasploit module exploits a stack overflow in Belkin Bulldog Plus 4.0.2 build 1219. When sending a specially crafted HTTP request, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1945
Related OSVDB(s):54395
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:0e6cc12f1405f1054d70415ee14b0c92

 ///  File Name: bigant_server.rb.txt
Description:
This Metasploit module exploits a stack overflow in BigAnt Server 2.2. By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1900
Related OSVDB(s):44454
Related CVE(s):CVE-2008-1914
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:bdff331e09e3dcb3175415f2197439e8

 ///  File Name: bigant_server_250.rb.txt
Description:
This exploits a stack overflow in the BigAnt Messaging Service, part of the BigAnt Server product suite. This Metasploit module was tested successfully against version 2.50 SP1.
Author:Dr_IDE
Homepage:http://www.metasploit.com
File Size:2097
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:b8c3695e97f2b2b70f97bd00056eb4ae

 ///  File Name: blackice_pam_icq.rb.txt
Description:
This Metasploit module exploits a stack overflow in the ISS products that use the iss-pam1.dll ICQ parser (Blackice/RealSecure). Successful exploitation will result in arbitrary code execution as LocalSystem. This exploit only requires 1 UDP packet, which can be both spoofed and sent to a broadcast address. The ISS exception handler will recover the process after each overflow, giving us the ability to bruteforce the service and exploit it multiple times.
Author:spoonm
Homepage:http://www.metasploit.com
File Size:4777
Related OSVDB(s):4355
Related CVE(s):CVE-2004-0362
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1c58d827d6f1aaeecff28a920e0a3da8

 ///  File Name: bluecoat_winproxy_host.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the Blue Coat Systems WinProxy service by sending a long port value for the Host header in an HTTP request.
Author:MC
Homepage:http://www.metasploit.com
File Size:1961
Related OSVDB(s):22238
Related CVE(s):CVE-2005-4085
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:6a872c00eb1961383ba93974bdafb62a

 ///  File Name: bomberclone_overflow.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow in Bomberclone 0.11.6 for Windows. The return address is overwritten with the lstrcpyA memory address; the second and third values are the destination buffer, and the fourth value is the source address of our buffer on the stack. This exploit is similar to a return-to-libc. ATTENTION: the shellcode is executed ONLY when someone tries to close Bomberclone.
Author:acaro
Homepage:http://www.metasploit.com
File Size:2174
Related OSVDB(s):23263
Related CVE(s):CVE-2006-0460
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:43871d6e220ead4e9efcb1c617cb3286

 ///  File Name: bopup_comm.rb.txt
Description:
This Metasploit module exploits a stack overflow in Bopup Communications Server 3.2.26.5460. By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2070
Related OSVDB(s):55275
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:9950c86723c462529c0ddf010425403b

 ///  File Name: borland_interbase.rb.txt
Description:
This Metasploit module exploits a stack overflow in Borland Interbase 2007. By sending a specially crafted create-request packet, a remote attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2022
Related OSVDB(s):38602
Related CVE(s):CVE-2007-3566
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:758b178ae6d807059f2e66aa8748c5ec

 ///  File Name: borland_starteam.rb.txt
Description:
This Metasploit module exploits a stack overflow in Borland CaliberRM 2006. By sending a specially crafted GET request to the STMulticastService, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:1933
Related OSVDB(s):44039
Related CVE(s):CVE-2008-0311
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:9c5ce50f5e4af43e3d4622c1e9b2df1a

 ///  File Name: ca_brightstor_addcolumn.rb.txt
Description:
The CA BrightStor ARCserve Backup ActiveX control (ListCtrl.ocx) is vulnerable to a stack-based buffer overflow. By passing an overly long argument to the AddColumn() method, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Author:dean
Homepage:http://www.metasploit.com
File Size:3348
Related OSVDB(s):43214
Related CVE(s):CVE-2008-1472
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:f32567a5b886b9294455755b1bfa7d96