Section: .. / 0911-exploits /

Page 7 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 150 - 175 of 449

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	emc_appextender_keyworks.rb.txt
Description:	This Metasploit module exploits a stack overflow in the KeyWorks KeyHelp Activex Control (KeyHelp.ocx 1.2.3120.0). This Activex Control comes bundled with EMC's Documentation ApplicationXtender 5.4.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3253
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	b5daa45fbbac1cf562cee6b0c7ed309a

/// File Name:	msworks_wkspictureinterface.rb.txt
Description:	The Microsoft Works ActiveX control (WkImgSrv.dll) could allow a remote attacker to execute arbitrary code on a system. By passing a negative integer to the WksPictureInterface method, an attacker could execute arbitrary code on the system with privileges of the victim. Change 168430090 /0X0A0A0A0A to 202116108 / 0x0C0C0C0C FOR IE6. This control is not marked safe for scripting, please choose your attack vector carefully.
Author:	dean
Homepage:	http://www.metasploit.com
File Size:	3244
Related OSVDB(s):	44458
Related CVE(s):	CVE-2008-1898
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	bcdb58bef1a3657bd1dfbb797f9b50ed

/// File Name:	mcafee_mcsubmgr_vsprintf.rb.txt
Description:	This Metasploit module exploits a flaw in the McAfee Subscription Manager ActiveX control. Due to an unsafe use of vsprintf, it is possible to trigger a stack overflow by passing a large string to one of the COM-exposed routines, such as IsAppExpired. This vulnerability was discovered by Karl Lynn of eEye.
Author:	skape
Homepage:	http://www.metasploit.com
File Size:	3216
Related OSVDB(s):	27698
Related CVE(s):	CVE-2006-3961
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a12decca05d657650a2cc4c18d2aa4e2

/// File Name:	ms06_025_rras.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Windows Routing and Remote Access Service. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well. A valid username and password is required to exploit this flaw on Windows 2000.
Author:	H D Moore,Nicolas Pouvesle
Homepage:	http://www.metasploit.com
File Size:	3181
Related OSVDB(s):	26437
Related CVE(s):	CVE-2006-2370
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	3f6a2755ca9f5a1b98bfc7d24b10a14f

/// File Name:	php_mpfd_dos.py.txt
Description:	PHP MultiPart Form-Data denial of service proof of concept exploit.
Author:	Bogdan Calin
Homepage:	http://www.acunetix.com/
File Size:	3179
Last Modified:	Nov 23 17:59:34 2009
MD5 Checksum:	b4555aa2efb7d05c82139e182d1f8e15

/// File Name:	realplayer_import.rb.txt
Description:	This Metasploit module exploits a stack overflow in RealOne Player V2 Gold Build 6.0.11.853 and RealPlayer 10.5 Build 6.0.12.1483. By sending an overly long string to the "Import()" method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3168
Related OSVDB(s):	41430
Related CVE(s):	CVE-2007-5601
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	28ec5b2e4fb9fb6f4822464854ebdae1

/// File Name:	symantec_iao.rb.txt
Description:	This Metasploit module exploits a stack overflow in Intel Alert Originator Service msgsys.exe. When an attacker sends a specially crafted alert, arbitrary code may be executed.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3152
Related CVE(s):	CVE-2009-1430
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	afdb296bf78973aaaf8bcab8d5c96233

/// File Name:	ms03_020_ie_objecttype.rb.txt
Description:	This Metasploit module exploits a vulnerability in Internet Explorer's handling of the OBJECT type attribute.
Author:	skape
Homepage:	http://www.metasploit.com
File Size:	3142
Related OSVDB(s):	2967
Related CVE(s):	CVE-2003-0344
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	d53d57fe5e180d621413bb31c7b3f342

/// File Name:	eshopbuilde-sql.txt
Description:	Eshopbuilde CMS suffers from a remote SQL injection vulnerability.
Author:	Isfahan University of Technology
File Size:	3127
Last Modified:	Nov 30 21:08:30 2009
MD5 Checksum:	d4f878caa4b12b9c3b7208512700c881

/// File Name:	mcafee_epolicy_source.rb.txt
Description:	This is an exploit for the McAfee HTTP Server (NAISERV.exe). McAfee ePolicy Orchestrator 2.5.1 <= 3.5.0 and ProtectionPilot 1.1.0 are known to be vulnerable. By sending a large 'Source' header, the stack can be overwritten. This Metasploit module is based on the exploit by xbxice and muts. Due to size constraints, this module uses the Egghunter technique. You may wish to adjust WfsDelay appropriately.
Author:	H D Moore,muts,patrick,xbxice
Homepage:	http://www.metasploit.com
File Size:	3123
Related OSVDB(s):	29421
Related CVE(s):	CVE-2006-5156
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	20f6347fee8fd448c8404aaf76680f61

/// File Name:	klinza-lfi.txt
Description:	Klinza versions 0.0.1 and below local file inclusion exploit.
Author:	cr4wl3r
File Size:	3117
Last Modified:	Nov 24 21:22:07 2009
MD5 Checksum:	de3f8987d24017bafe332d697abde3a1

/// File Name:	facebook_extractiptc.rb.txt
Description:	This Metasploit module exploits a stack overflow in Facebook Photo Uploader 4. By sending an overly long string to the "ExtractIptc()" property located in the ImageUploader4.ocx (4.5.57.0) Control, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3099
Related OSVDB(s):	41073
Related CVE(s):	CVE-2008-5711
Last Modified:	Oct 30 17:01:18 2009
MD5 Checksum:	afb6e832377ff9482a38b2705422a3b6

/// File Name:	mswhale_checkforupdates.rb.txt
Description:	This Metasploit module exploits a stack overflow in Microsoft Whale Intelligent Application Gateway Whale Client. When sending an overly long string to CheckForUpdates() method of WhlMgr.dll (3.1.502.64) an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3095
Related OSVDB(s):	53933
Related CVE(s):	CVE-2007-2238
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a79d844fcce28ce4ca2f2e01d144f8bb

/// File Name:	corelanc0d3r_xion_xpsp3.pl.txt
Description:	Xion Audio Player version 1.0 build 121 local buffer overflow exploit.
Author:	corelanc0d3r
Related Exploit:	xionap-overflow.txt
File Size:	3076
Last Modified:	Nov 3 17:35:21 2009
MD5 Checksum:	23e8837a0bd388f45a51407c82508d0f

/// File Name:	rsa_webagent_redirect.rb.txt
Description:	This Metasploit module exploits a stack overflow in the SecurID Web Agent for IIS. This ISAPI filter runs in-process with inetinfo.exe, any attempt to exploit this flaw will result in the termination and potential restart of the IIS service.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	3030
Related OSVDB(s):	20151
Related CVE(s):	CVE-2005-4734
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	11717250820087d585d235ad373f2a29

/// File Name:	w3who_query.rb.txt
Description:	This Metasploit module exploits a stack overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP (SP2). When exploiting Windows XP, the payload must call RevertToSelf before it will be able to spawn a command shell.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	3026
Related OSVDB(s):	12258
Related CVE(s):	CVE-2004-1134
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	89125aafc4fb654536650e438ab573ca

/// File Name:	ibmegath_getxmlvalue.rb.txt
Description:	This Metasploit module exploits a stack overflow in IBM Access Support. When sending an overly long string to the GetXMLValue() method of IbmEgath.dll (3.20.284.0) an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3025
Related OSVDB(s):	52958
Related CVE(s):	CVE-2009-0215
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	2f2301a336dbfdee91f422c3664c854c

/// File Name:	ms_visual_basic_vbp.rb.txt
Description:	This Metasploit module exploits a stack oveflow in Microsoft Visual Basic 6.0. When a specially crafted vbp file containing a long reference line, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3025
Related CVE(s):	CVE-2007-4776
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	c67c58f9ed43ab5964d86aca51104669

/// File Name:	altn_webadmin.rb.txt
Description:	Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3011
Related OSVDB(s):	2207
Related CVE(s):	CVE-2003-0471
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	074b91fb379203291975a7da1395ab4a

/// File Name:	fdm_torrent.rb.txt
Description:	This Metasploit module exploits a stack buffer overflow in Free Download Manager 3.0 Build 844. Arbitrary code execution could occur when parsing a specially crafted torrent file.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	2994
Related OSVDB(s):	54033
Related CVE(s):	CVE-2009-0184
Last Modified:	Nov 18 09:05:38 2009
MD5 Checksum:	d509053d68044083f957a08904e9f036

/// File Name:	apple_quicktime_rtsp_response.rb.tx..>
Description:	This Metasploit module exploits a stack overflow in Apple QuickTime 7.3. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2991
Related OSVDB(s):	40876
Related CVE(s):	CVE-2007-6166
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	53ef97f1a29b0a357f71238f64bf8af4

/// File Name:	ypops_overflow1.rb.txt
Description:	This Metasploit module exploits a stack overflow in the YPOPS POP3 service. This is a classic stack overflow for YPOPS version 0.6. Possibly Affected version 0.5, 0.4.5.1, 0.4.5. Eip point to jmp ebx opcode in ws_32.dll
Author:	acaro
Homepage:	http://www.metasploit.com
File Size:	2911
Related OSVDB(s):	10367
Related CVE(s):	CVE-2004-1558
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	2b0d06582142c0801410f3c0cb9b8458

/// File Name:	nis2004_antispam.rb.txt
Description:	This Metasploit module exploits a stack overflow in Norton AntiSpam 2004. When sending an overly long string to the LaunchCustomRuleWizard() method of symspam.dll (2004.1.0.147) an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2908
Related OSVDB(s):	6249
Related CVE(s):	CVE-2004-0363
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	123387e04f4080e8c6add6b875c08b28

/// File Name:	macrovision_downloadandexecute.rb.t..>
Description:	This Metasploit module exploits a stack overflow in Macrovision InstallShield Update Service(Isusweb.dll 6.0.100.54472). By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2906
Related OSVDB(s):	38347
Related CVE(s):	CVE-2007-5660
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	034b4cbcee2c4e79533c437059536541

/// File Name:	discovery_udp.rb.txt
Description:	This Metasploit module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a large request is sent to UDP port 41524, triggering a stack overflow.
Author:	H D Moore,patrick
Homepage:	http://www.metasploit.com
File Size:	2885
Related OSVDB(s):	13613
Related CVE(s):	CVE-2005-0260
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	73a5a5752dc68b5bbac67ec85dcbb0c6