Section: .. / 0911-exploits /

Page 12 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 275 - 300 of 449

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	trendmicro_serverprotect_createbind..>
Description:	This Metasploit module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2251
Related OSVDB(s):	35790
Related CVE(s):	CVE-2007-2508
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	8c85aa5c144daa0c511d24520eb327c4

/// File Name:	freeftpd_user.rb.txt
Description:	This Metasploit module exploits a stack overflow in the freeFTPd multi-protocol file transfer service. This flaw can only be exploited when logging has been enabled (non-default).
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2245
Related OSVDB(s):	20909
Related CVE(s):	CVE-2005-3683
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	4030cb4d708ab6b90e821c65021502ee

/// File Name:	servu-overflow.txt
Description:	Rhinosoft.com Serv-U web client version 9.0.0.5 suffers from a remote buffer overflow vulnerability. Proof of concept code included.
Author:	Nikolaos Rangos
File Size:	2224
Last Modified:	Nov 2 23:47:04 2009
MD5 Checksum:	3be5afefa6fef4916df79eb5c41a0972

/// File Name:	mercur_imap_select_overflow.rb.txt
Description:	Mercur v5.0 IMAP server is prone to a remotely exploitable stack-based buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. Credit to Tim Taylor for discover the vulnerability.
Author:	Jacopo Cervini
Homepage:	http://www.metasploit.com
File Size:	2217
Related OSVDB(s):	23950
Related CVE(s):	CVE-2006-1255
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	6dd73139a26090ff81c7d73873e5ada8

/// File Name:	eudora_list.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Qualcomm WorldMail IMAP Server version 3.0 (build version 6.1.22.0). Using the PAYLOAD of windows/shell_bind_tcp allows or the most reliable results.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2209
Related OSVDB(s):	22097
Related CVE(s):	CVE-2005-4267
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	cd94d4a87e69d2b71112e7f54c3b7f6e

/// File Name:	freesshd_key_exchange.rb.txt
Description:	This Metasploit module exploits a simple stack overflow in FreeSSHd 1.0.9. This flaw is due to a buffer overflow error when handling a specially crafted key exchange algorithm string received from an SSH client.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2209
Related OSVDB(s):	25463
Related CVE(s):	CVE-2006-2407
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	7b87db3c9cc73626c299769c54740e7d

/// File Name:	trendmicro_serverprotect_earthagent..>
Description:	This Metasploit module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060 EarthAgent.EXE. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2209
Related OSVDB(s):	35789
Related CVE(s):	CVE-2007-2508
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	e79115bffdc54c18a0ff2f273a52b24e

/// File Name:	alphastor_agent.rb.txt
Description:	This Metasploit module exploits a stack overflow in EMC AlphaStor 3.1. By sending a specially crafted message, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2191
Related OSVDB(s):	45714
Related CVE(s):	CVE-2008-2158
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	162e1a23d366db63d95be99eb8532767

/// File Name:	mailcarrier_smtp_ehlo.rb.txt
Description:	This Metasploit module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command.
Author:	Patrick Webster
Homepage:	http://www.metasploit.com
File Size:	2186
Related OSVDB(s):	11174
Related CVE(s):	CVE-2004-1638
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	c8bb30a738c45bb59743f2aa28d035a8

/// File Name:	novell_messenger_acceptlang.rb.txt
Description:	This Metasploit module exploits a stack overflow in Novell GroupWise Messenger Server v2.0. This flaw is triggered by any HTTP request with an Accept-Language header greater than 16 bytes. To overwrite the return address on the stack, we must first pass a memcpy() operation that uses pointers we supply. Due to the large list of restricted characters and the limitations of the current encoder modules, very few payloads are usable.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2184
Related OSVDB(s):	24617
Related CVE(s):	CVE-2006-0992
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	dcdb2decfd0bb7a24c41d523bb8fd16c

/// File Name:	apple_itunes_playlist.rb.txt
Description:	This Metasploit module exploits a stack overflow in Apple ITunes 4.7 build 4.7.0.42. By creating a URL link to a malicious PLS file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.pls'.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2181
Related OSVDB(s):	12833
Related CVE(s):	CVE-2005-0043
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	2f0010313c0494bc25e2563cadffc6da

/// File Name:	bomberclone_overflow.rb.txt
Description:	This Metasploit module exploits a stack buffer overflow in Bomberclone 0.11.6 for Windows. The return address is overwritten with lstrcpyA memory address, the second and third value are the destination buffer, the fourth value is the source address of our buffer in the stack. This exploit is like a return in libc. ATTENTION The shellcode is exec ONLY when someone try to close bomberclone.
Author:	acaro
Homepage:	http://www.metasploit.com
File Size:	2174
Related OSVDB(s):	23263
Related CVE(s):	CVE-2006-0460
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	43871d6e220ead4e9efcb1c617cb3286

/// File Name:	dlink_long_filename.rb.txt
Description:	This Metasploit module exploits a stack overflow in D-Link TFTP 1.0. By sending a request for an overly long file name, an attacker could overflow a buffer and execute arbitrary code.
Author:	LSO,patrick
Homepage:	http://www.metasploit.com
File Size:	2169
Related OSVDB(s):	33977
Related CVE(s):	CVE-2007-1435
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	c5a2e6d1d64f08aeb8a87741001d8a01

/// File Name:	xlink_nfsd.rb.txt
Description:	This Metasploit module exploits a stack overflow in Xlink Omni-NFS Server 5.2 When sending a specially crafted nfs packet, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2166
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a6ba4f8a3c96c5acb15f84169eccc517

/// File Name:	ms05_030_nntp.rb.txt
Description:	This Metasploit module exploits a stack overflow in the news reader of Microsoft Outlook Express.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2165
Related OSVDB(s):	17306
Related CVE(s):	CVE-2005-1213
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d78648a4b2fd5ee831fe64a092f3c34f

/// File Name:	poppeeper_uidl.rb.txt
Description:	This Metasploit module exploits a stack overflow in POP Peeper v3.4. When a specially crafted UIDL string is sent to a client, an attacker may be able to execute arbitrary code. This Metasploit module is based off of krakowlabs code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2164
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	40651534ccde6577a368af7decb4b014

/// File Name:	trendmicro_serverprotect.rb.txt
Description:	This Metasploit module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2162
Related OSVDB(s):	33042
Related CVE(s):	CVE-2007-1070
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	dcab71de9a9ee9a0799ac905f72acba8

/// File Name:	lyris_listmanager_weak_pass.rb.txt
Description:	This Metasploit module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This Metasploit module brute forces all possible process IDs that would be used by the installer.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2155
Related OSVDB(s):	21559
Related CVE(s):	CVE-2005-4145
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	864f7fbdc2116d42407934a82f15897c

/// File Name:	talkative_response.rb.txt
Description:	This Metasploit module exploits a stack overflow in Talkative IRC v0.4.4.16. When a specially crafted response string is sent to a client, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2144
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d93e30391ddb0025da084ef139084cb2

/// File Name:	acdsee_xpm.rb.txt
Description:	This Metasploit module exploits a buffer overflow in ACDSee 9.0. When viewing a malicious XPM file with the ACDSee product, a remote attacker could overflow a buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2140
Related OSVDB(s):	35236
Related CVE(s):	CVE-2007-2193
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	6eeadc6c451782b8faeb52b6fe8d2a03

/// File Name:	sapdb_webtools.rb.txt
Description:	This Metasploit module exploits a stack overflow in SAP DB 7.4 WebTools. By sending an overly long GET request, it may be possible for an attacker to execute arbitrary code. Using the PAYLOAD of windows/shell_bind_tcp or windows/shell_reverse_tcp allows for the most reliable results.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2126
Related OSVDB(s):	37838
Related CVE(s):	CVE-2007-3614
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	f7aad34dc11523f1e10b33fad8d02fe1

/// File Name:	realvnc_client.rb.txt
Description:	This Metasploit module exploits a buffer overflow in RealVNC 3.3.7 (vncviewer.exe).
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2119
Related OSVDB(s):	6281
Related CVE(s):	CVE-2001-0167
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a2ab91c2999848db0a2107619477ce53

/// File Name:	zinfaudioplayer221_pls.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in the Zinf Audio Player 2.2.1. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to Zinf. This functionality has not been tested in this module.
Author:	Trancek,patrick
Homepage:	http://www.metasploit.com
File Size:	2118
Related OSVDB(s):	10416
Related CVE(s):	CVE-2004-0964
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1d1c57bbc1ec6b8431af215bb1409c7a

/// File Name:	mirc_irc_url.rb.txt
Description:	This Metasploit module exploits a stack overflow in mIRC 6.1. By submitting an overly long and specially crafted URL to the 'irc' protocol, an attacker can overwrite the buffer and control program execution.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2114
Related OSVDB(s):	2665
Related CVE(s):	CVE-2003-1336
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	c76f69b90bd7a20ae67be7001a6dca48

/// File Name:	message_engine_heap.rb.txt
Description:	This Metasploit module exploits a heap overflow in Computer Associates BrightStor ARCserve Backup 11.5. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2098
Related OSVDB(s):	29533
Related CVE(s):	CVE-2006-5143
Last Modified:	Oct 30 17:01:12 2009
MD5 Checksum:	30bae2aad319eca435b874c4335b8515