Section: .. / 0911-exploits /

Page 10 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 225 - 250 of 449

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	aol_icq_downloadagent.rb.txt
Description:	This Metasploit module allows remote attackers to download and execute arbitrary files on a users system via the DownloadAgent function of the ICQPhone.SipxPhoneManager ActiveX control.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2542
Related CVE(s):	CVE-2006-5650
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	14f3b45b733f30fd8e7b04a04f7fac35

/// File Name:	tape_engine.rb.txt
Description:	This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup r11.1 - r11.5. By sending a specially crafted DCERPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:	MC,patrick
Homepage:	http://www.metasploit.com
File Size:	2535
Related OSVDB(s):	30637
Related CVE(s):	CVE-2006-6076
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1a186d852a1b5f79ef9ef90277730d47

/// File Name:	sonicwall_addrouteentry.rb.txt
Description:	This Metasploit module exploits a stack overflow in SonicWall SSL-VPN NetExtender. By sending an overly long string to the "AddRouteEntry()" method located in the NELaunchX.dll (1.0.0.26) Control, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2530
Related OSVDB(s):	39069
Related CVE(s):	CVE-2007-5603
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	25a2470439eee0ef94b7e32b36a0187e

/// File Name:	steamcast_useragent.rb.txt
Description:	This Metasploit module exploits a stack overflow in Streamcast <= 0.9.75. By sending an overly long User-Agent in a HTTP GET request, an attacker may be able to execute arbitrary code.
Author:	LSO
Homepage:	http://www.metasploit.com
File Size:	2517
Related OSVDB(s):	42670
Related CVE(s):	CVE-2008-0550
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	ff86d6337908db93622e5473f73a7a79

/// File Name:	xitami_if_mod_since.rb.txt
Description:	This Metasploit module exploits a stack overflow in the iMatix Corporation Xitami Web Server. If a malicious user sends an If-Modified-Since header containing an overly long string, it may be possible to execute a payload remotely. Due to size constraints, this module uses the Egghunter technique. You may wish to adjust WfsDelay appropriately.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	2509
Related OSVDB(s):	40594,40595
Related CVE(s):	CVE-2007-5067
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	48d6579e6e00ef854fbca505ed14d8f4

/// File Name:	oracle9i_xdb_pass.rb.txt
Description:	This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service. David Litchfield, has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB), during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2501
Related OSVDB(s):	2449
Related CVE(s):	CVE-2003-0727
Last Modified:	Oct 30 17:01:59 2009
MD5 Checksum:	7f6075fb013baace03f43b207dae7782

/// File Name:	windvd7_applicationtype.rb.txt
Description:	This Metasploit module exploits a stack overflow in IASystemInfo.dll ActiveX control in InterVideo WinDVD 7. By sending a overly long string to the "ApplicationType()" property, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2493
Related OSVDB(s):	34315
Related CVE(s):	CVE-2007-0348
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	df9567fe4de65a1eb827c7dec308dd52

/// File Name:	psoproxy91_overflow.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the PSO Proxy v0.91 web server. If a client sends an excessively long string the stack is overwritten.
Author:	Patrick Webster
Homepage:	http://www.metasploit.com
File Size:	2490
Related OSVDB(s):	4028
Related CVE(s):	CVE-2004-0313
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	9b76c4175d0f6b59c70322827f6bc2b9

/// File Name:	shttpd_post.rb.txt
Description:	This Metasploit module exploits a stack overflow in SHTTPD <= 1.34. The vulnerability is caused due to a boundary error within the handling of POST requests. Based on an original exploit by skOd but using a different method found by hdm.
Author:	H D Moore,LMH,skOd
Homepage:	http://www.metasploit.com
File Size:	2486
Related OSVDB(s):	29565
Related CVE(s):	CVE-2006-5216
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	b21fb21fbf2bc5aea9b40ebb37bd6696

/// File Name:	aim_goaway.rb.txt
Description:	This Metasploit module exploits a flaw in the handling of AOL Instant Messenger's 'goaway' URI handler. An attacker can execute arbitrary code by supplying a overly sized buffer as the 'message' parameter. This issue is known to affect AOL Instant Messenger 5.5.
Author:	skape,thief
Homepage:	http://www.metasploit.com
File Size:	2485
Related OSVDB(s):	8398
Related CVE(s):	CVE-2004-0636
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	4fae910f9a5bd3cc5c5719545a2c7926

/// File Name:	imail_delete.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the 'DELETE' command of the the IMail IMAP4D service. This vulnerability can only be exploited with a valid username and password. This flaw was patched in version 8.14.
Author:	spoonm
Homepage:	http://www.metasploit.com
File Size:	2480
Related OSVDB(s):	11838
Related CVE(s):	CVE-2004-1520
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	14e2d5eaa3ea8758abf2c2e30b7e9f99

/// File Name:	bearshare_setformatlikesample.rb.tx..>
Description:	This Metasploit module exploits a stack overflow in the NCTAudioFile2.Audio ActiveX Control provided by BearShare 6.0.2.26789. By sending a overly long string to the "SetFormatLikeSample()" method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2477
Related OSVDB(s):	32032
Related CVE(s):	CVE-2007-0018
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	e52fa5a62ccba780e1cf47122114cb77

/// File Name:	symantec_appstream_unsafe.rb.txt
Description:	This Metasploit module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability is in the LaunchObj ActiveX control (launcher.dll 5.1.0.82) containing the "installAppMgr()" method. The insecure method can be exploited to download and execute arbitrary files in the context of the currently logged-on user.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2475
Related OSVDB(s):	51410
Related CVE(s):	CVE-2008-4388
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	80f9309f70ba7008d48ae30ac880f364

/// File Name:	maxdb_webdbm_database.rb.txt
Description:	This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This Metasploit module has been tested against MaxDB 7.6.00.16 and MaxDB 7.6.00.27.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2472
Related OSVDB(s):	28300
Related CVE(s):	CVE-2006-4305
Last Modified:	Oct 30 17:01:57 2009
MD5 Checksum:	8e06deb4c7b5790bea7c107e694e65bb

/// File Name:	gom_openurl.rb.txt
Description:	This Metasploit module exploits a stack overflow in GOM Player 2.1.6.3499. By sending an overly long string to the "OpenUrl()" method located in the GomWeb3.dll Control, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2465
Related OSVDB(s):	38282
Related CVE(s):	CVE-2007-5779
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d865394a9848c820b009608e5c321ef8

/// File Name:	juniper_sslvpn_ive_setupdll.rb.txt
Description:	This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	2462
Related OSVDB(s):	25001
Related CVE(s):	CVE-2006-2086
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d2a55a7759653c192c9deda8b760dabd

/// File Name:	tns_arguments.rb.txt
Description:	This Metasploit module exploits a stack overflow in Oracle 8i. When sending a specially crafted packet containing a overly long ARGUMENTS string to the TNS service, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2461
Related OSVDB(s):	9427
Related CVE(s):	CVE-2001-0499
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	77cb2913d578548a5a24f876db393695

/// File Name:	w3infotech-sql.txt
Description:	W3infotech suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Author:	ViRuS_HiMa
File Size:	2460
Last Modified:	Nov 23 23:35:03 2009
MD5 Checksum:	51a87d84a2be974b52ca440455cf9b4b

/// File Name:	ie_iscomponentinstalled.rb.txt
Description:	This Metasploit module exploits a stack overflow in Internet Explorer. This bug was patched in Windows 2000 SP4 and Windows XP SP1 according to MSRC.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2453
Related OSVDB(s):	31647
Related CVE(s):	CVE-2006-1016
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	43ed623935dd912a7903f9e3cdd0eac5

/// File Name:	mcafeevisualtrace_tracetarget.rb.tx..>
Description:	This Metasploit module exploits a stack overflow in the McAfee Visual Trace 3.25 ActiveX Control (NeoTraceExplorer.dll 1.0.0.1). By sending a overly long string to the "TraceTarget()" method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2453
Related OSVDB(s):	32399
Related CVE(s):	CVE-2006-6707
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1bdfc384df9928349c696cfe90903e2c

/// File Name:	adobe_robohelper_authbypass.rb.txt
Description:	This Metasploit module exploits a authentication bypass vulnerability which allows remote attackers to upload and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2452
Related CVE(s):	CVE-2009-3068
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	0e773fbe21185160e80f9dad6116e67e

/// File Name:	ms02_018_htr.rb.txt
Description:	This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This Metasploit module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server will continue processing requests, but you will have trouble terminating a bind shell. If you set EXITFUNC to thread, the server will crash upon exit of the bind shell. The payload is alpha-numerically encoded without a NOP sled because otherwise the data gets mangled by the filters.
Author:	stinko
Homepage:	http://www.metasploit.com
File Size:	2436
Related OSVDB(s):	3325
Related CVE(s):	CVE-1999-0874
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	3b9914f3c7ce3d94567daaf53f52f817

/// File Name:	mdaemon_fetch.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Alt-N MDaemon IMAP Server version 9.6.4 by sending an overly long FETCH BODY command. Valid IMAP account credentials are required. Credit to Matteo Memelli
Author:	Jacopo Cervini,patrick
Homepage:	http://www.metasploit.com
File Size:	2422
Related OSVDB(s):	43111
Related CVE(s):	CVE-2008-1358
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	08aa7f36b27117177c3b5fd60358dd1b

/// File Name:	logitechvideocall_start.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Logitech VideoCall ActiveX Control (wcamxmp.dll 2.0.3470.448). By sending a overly long string to the "Start()" method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2419
Related OSVDB(s):	36820
Related CVE(s):	CVE-2007-2918
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1b2d8872da65415d679a3fcc4c9732d8

/// File Name:	ca_igateway_debug.rb.txt
Description:	This Metasploit module exploits a vulnerability in the Computer Associates iTechnology iGateway component. When True is enabled in igateway.conf (non-default), it is possible to overwrite the stack and execute code remotely.
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	2417
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	8978f67ab92426d063102e129c0c84af