Section:  .. / 0911-exploits  /

Page 11 of 18. Files 250 - 275 of 449, currently sorted by file size.

 ///  File Name: futuresoft_transfermode.rb.txt
Description:
This Metasploit module exploits a stack overflow in the FutureSoft TFTP Server 2000 product. By sending an overly long transfer-mode string, we were able to overwrite both the SEH and the saved EIP. A subsequent write-exception that will occur allows the transferring of execution to our shellcode via the overwritten SEH. This Metasploit module has been tested against Windows 2000 Professional and for some reason does not seem to work against Windows 2000 Server (could not trigger the overflow at all).
Author:MC
Homepage:http://www.metasploit.com
File Size:2417
Related OSVDB(s):16954
Related CVE(s):CVE-2005-1812
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:f9f7d6925a7ab16a58f9f0f0a9a894f5

 ///  File Name: ms02_056_hello.rb.txt
Description:
By sending malformed data to TCP port 1433, an unauthenticated remote attacker could overflow a buffer and possibly execute code on the server with SYSTEM level privileges. This Metasploit module should work against any vulnerable SQL Server 2000 or MSDE install (< SP3).
Author:MC
Homepage:http://www.metasploit.com
File Size:2415
Related OSVDB(s):10132
Related CVE(s):CVE-2002-1123
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:b978975bb39bf702fd179843c0ed10c2

 ///  File Name: attftp_long_filename.rb.txt
Description:
This Metasploit module exploits a stack overflow in AT-TFTP v1.9, by sending a request (get/write) for an overly long file name.
Author:Patrick Webster
Homepage:http://www.metasploit.com
File Size:2414
Related OSVDB(s):11350
Related CVE(s):CVE-2006-6184
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:55996fc83e282053a9d1f271282bcf7e

 ///  File Name: poppeeper_date.rb.txt
Description:
This Metasploit module exploits a stack overflow in POP Peeper v3.4. When a specially crafted DATE string is sent to a client, an attacker may be able to execute arbitrary code. This Metasploit module is based off of krakowlabs code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2391
Related CVE(s):CVE-2009-1029
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:fffa9e9e873c745509d75effaf51ea31

 ///  File Name: freeftpd_key_exchange.rb.txt
Description:
This Metasploit module exploits a simple stack overflow in FreeFTPd 1.0.10. This flaw is due to a buffer overflow error when handling a specially crafted key exchange algorithm string received from an SSH client. This Metasploit module is based on MC's freesshd_key_exchange exploit.
Author:Fairuzan Roslan
Homepage:http://www.metasploit.com
File Size:2389
Related OSVDB(s):25569
Related CVE(s):CVE-2006-2407
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:b21befe419d2b7f922115f425bfdc2eb

 ///  File Name: macrovision_unsafe.rb.txt
Description:
This Metasploit module allows attackers to execute code via unsafe methods in Macrovision InstallShield 2008.
Author:MC
Homepage:http://www.metasploit.com
File Size:2386
Related OSVDB(s):38347
Related CVE(s):CVE-2007-5660
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:8445f61fc25f5e18432b2a7a7a3d3c91

 ///  File Name: sipxphone_cseq.rb.txt
Description:
This Metasploit module exploits a buffer overflow in SIPfoundry's sipXphone 2.6.0.27. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
Author:MC
Homepage:http://www.metasploit.com
File Size:2366
Related OSVDB(s):27122
Related CVE(s):CVE-2006-3524
Last Modified:Oct 30 17:02:30 2009
MD5 Checksum:e12837715461982da0378b11fb7ab725

 ///  File Name: oracle9i_xdb_ftp_pass.rb.txt
Description:
By passing an overly long string to the PASS command, a stack based buffer overflow occurs. David Litchfield has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB) during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.
Author:MC
Homepage:http://www.metasploit.com
File Size:2362
Related OSVDB(s):2449
Related CVE(s):CVE-2003-0727
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:4012e434c06da55ebf571269af1b896b

 ///  File Name: lgserver_rxrlogin.rb.txt
Description:
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2351
Related OSVDB(s):41353
Related CVE(s):CVE-2007-5003
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:47e858e7068b1e322bed8fa831f9ba6c

 ///  File Name: aim_triton_cseq.rb.txt
Description:
This Metasploit module exploits a buffer overflow in AOL's AIM Triton 1.0.4. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
Author:MC
Homepage:http://www.metasploit.com
File Size:2344
Related OSVDB(s):27122
Related CVE(s):CVE-2006-3524
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:a5d945c220a5e95dc0306e44c6ef4a60

 ///  File Name: ccproxy_telnet_ping.rb.txt
Description:
This Metasploit module exploits the YoungZSoft CCProxy <= v6.2 suite Telnet service. The stack is overwritten when sending an overly long address to the 'ping' command.
Author:Patrick Webster
Homepage:http://www.metasploit.com
File Size:2344
Related OSVDB(s):11593
Related CVE(s):CVE-2004-2416
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:3e097f89c82a14bf523c336c5d45d5ac

 ///  File Name: systemrequirementslab_unsafe.rb.txt
Description:
This Metasploit module allows attackers to execute code via an unsafe method in Husdawg, LLC. System Requirements Lab ActiveX Control (sysreqlab2.dll 2.30.0.0).
Author:MC
Homepage:http://www.metasploit.com
File Size:2333
Related OSVDB(s):50122
Related CVE(s):CVE-2008-4385
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:da50dd484ce7081acf26fe3f0883b61a

 ///  File Name: sipxezphone_cseq.rb.txt
Description:
This Metasploit module exploits a buffer overflow in SIPfoundry's sipXezPhone version 0.35a. By sending a long CSeq header, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
Author:MC
Homepage:http://www.metasploit.com
File Size:2318
Related OSVDB(s):27122
Related CVE(s):CVE-2006-3524
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e6ef398d8cc4914b72f93725e4bd8069

 ///  File Name: xmplay_asx.rb.txt
Description:
This Metasploit module exploits a stack overflow in XMPlay 3.3.0.4. The vulnerability is caused due to a boundary error within the parsing of playlists containing an overly long file name. This Metasploit module uses the ASX file format.
Author:MC
Homepage:http://www.metasploit.com
File Size:2313
Related OSVDB(s):30537
Related CVE(s):CVE-2006-6063
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:70b8bf64fe2c9efce535ef3054e39e03

 ///  File Name: mercury_login.rb.txt
Description:
This Metasploit module exploits a stack overflow in Mercury/32 <= 4.01b IMAPD LOGIN verb. By sending a specially crafted login command, a buffer is corrupted, and code execution is possible. This vulnerability was discovered by (mu-b at digit-labs.org).
Author:MC
Homepage:http://www.metasploit.com
File Size:2308
Related OSVDB(s):33883
Related CVE(s):CVE-2007-1373
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:eca08e42e9a6d8d3c8e2dc20a08d5942

 ///  File Name: zenworks_desktop_agent.rb.txt
Description:
This Metasploit module exploits a heap overflow in the Novell ZENworks Desktop Management agent. This vulnerability was discovered by Alex Wheeler.
Author:anonymous
Homepage:http://www.metasploit.com
File Size:2296
Related OSVDB(s):16698
Related CVE(s):CVE-2005-1543
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:dad0db6e05b5a4b18644f0d8493a3b47

 ///  File Name: cam_log_security.rb.txt
Description:
This Metasploit module exploits a vulnerability in the CA CAM service by passing a long parameter to the log_security() function. The CAM service is part of TNG Unicenter. This Metasploit module has been tested on Unicenter v3.1.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2288
Related OSVDB(s):18916
Related CVE(s):CVE-2005-2668
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:d4527ecf49de18832a8a7e75c620b9d4

 ///  File Name: lgserver_rxsuselicenseini.rb.txt
Description:
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request (rxsUseLicenseIni), an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2287
Related OSVDB(s):35329
Related CVE(s):CVE-2007-3216
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1e2622b896ed2dbf40613822c81ab714

 ///  File Name: ms00_094_pbserver.rb.txt
Description:
This is an exploit for the Phone Book Service /pbserver/pbserver.dll described in MS00-094. By sending an overly long URL argument for phone book updates, it is possible to overwrite the stack. This Metasploit module has only been tested against Windows 2000 SP1.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2287
Related OSVDB(s):463
Related CVE(s):CVE-2000-1089
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:8f98e0a8f552e8c9d40ce6979594e098

 ///  File Name: bea_weblogic_transfer_encoding.rb.t..>
Description:
This Metasploit module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. This vulnerability exists in the error reporting for unknown Transfer-Encoding headers. You may have to run this twice due to timing issues with handlers.
Author:Pusscat
Homepage:http://www.metasploit.com
File Size:2282
Related OSVDB(s):49283
Related CVE(s):CVE-2008-4008
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:74af4e2126b11ad29de9538e2e13079b

 ///  File Name: amaya_bdo.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Amaya v11 Browser. By sending an overly long string to the "bdo" tag, an attacker may be able to execute arbitrary code.
Author:Rob Carter,dookie
Homepage:http://www.metasploit.com
File Size:2281
Related OSVDB(s):55721
Related CVE(s):CVE-2009-0323
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:6e4b64402e5782329a0fbdb9390c9f91

 ///  File Name: message_engine.rb.txt
Description:
This Metasploit module exploits a buffer overflow in Computer Associates BrightStor ARCserve Backup 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:MC,patrick
Homepage:http://www.metasploit.com
File Size:2278
Related OSVDB(s):31318
Related CVE(s):CVE-2007-0169
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:c851d7e2a0b986a607dca467c5dc0652

 ///  File Name: novell_netmail_auth.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP AUTHENTICATE GSSAPI command. By sending an overly long string, an attacker can overwrite the buffer and control program execution. Using the PAYLOAD of windows/shell_bind_tcp or windows/shell_reverse_tcp allows for the most reliable results.
Author:MC
Homepage:http://www.metasploit.com
File Size:2278
Related OSVDB(s):55175
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:15660a0a1a706f47a39e33a44c7c85f2

 ///  File Name: doubletake.rb.txt
Description:
This Metasploit module exploits a stack overflow in the authentication mechanism of NSI Doubletake which is also rebranded as HP Storage Works. This vulnerability was found by Titon of Bastard Labs.
Author:ri0t
Homepage:http://www.metasploit.com
File Size:2266
Related OSVDB(s):45924
Related CVE(s):CVE-2008-1661
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:7d1994c9feedfab5a0761d62e9a79ef9

 ///  File Name: efs_easychatserver_username.rb.txt
Description:
This Metasploit module exploits a stack overflow in EFS Software Easy Chat Server. By sending an overly long authentication request, an attacker may be able to execute arbitrary code.
Author:LSO
Homepage:http://www.metasploit.com
File Size:2263
Related OSVDB(s):7416
Related CVE(s):CVE-2004-2466
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:46c75eaef161d264b34211e1d004c0ae