Section:  .. / 0911-exploits  /


 ///  File Name: mirc_privmsg_server.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the mIRC IRC Client v6.34 and earlier. By enticing a mIRC user to connect to this server module, an excessively long PRIVMSG command can be sent, overwriting the stack. Due to size restrictions, ordinal payloads may be necessary. This Metasploit module is based on the code by SkD.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2883
Related OSVDB(s):48752
Related CVE(s):CVE-2008-4449
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1fa2d5200e77bdabfce3997f80846de0

 ///  File Name: nsiislog_post.rb.txt
Description:
This exploits a buffer overflow found in the nsiislog.dll ISAPI filter that comes with Windows Media Server. This Metasploit module will also work against the 'patched' MS03-019 version. This vulnerability was addressed by MS03-022.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2879
Related OSVDB(s):4535
Related CVE(s):CVE-2003-0349
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:dba62c8353b819b884473034652946c3

 ///  File Name: sami_ftpd_user.rb.txt
Description:
This Metasploit module exploits the KarjaSoft Sami FTP Server version 2.02 by sending an excessively long USER string. The stack is overwritten when the administrator attempts to view the FTP logs. Therefore, this exploit is passive and requires end-user interaction. Keep this in mind when selecting payloads. When the server is restarted, it will re-execute the exploit until the logfile is manually deleted via the file system.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2878
Related OSVDB(s):25670
Related CVE(s):CVE-2006-0441, CVE-2006-2212
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:cdd873f272de57650477e7e4afc1c838

 ///  File Name: tumbleweed_filetransfer.rb.txt
Description:
This Metasploit module exploits a stack overflow in the vcst_eu.dll FileTransfer Module (1.0.0.5) ActiveX control in the Tumbleweed SecureTransport suite. By sending an overly long string to the TransferFile() 'remotefile' function, an attacker may be able to execute arbitrary code.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2868
Related OSVDB(s):44252
Related CVE(s):CVE-2008-1724
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:c8cfde564e8077dc5285fa8ec5263ab1

 ///  File Name: shoutcast_format.rb.txt
Description:
This Metasploit module exploits a format string vulnerability in the Nullsoft SHOUTcast server for Windows. The vulnerability is triggered by requesting a file path that contains format string specifiers. This vulnerability was discovered by Tomasz Trojanowski and Damian Put.
Author:MC
Homepage:http://www.metasploit.com
File Size:2864
Related OSVDB(s):12585
Related CVE(s):CVE-2004-1373
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:701edb6431e0df222813fa3a50ede484

 ///  File Name: ea_checkrequirements.rb.txt
Description:
This Metasploit module exploits a stack overflow in Electronic Arts SnoopyCtrl ActiveX Control (NPSnpy.dll 1.1.0.36). When sending an overly long string to the CheckRequirements() method, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2862
Related CVE(s):CVE-2007-4466
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:8623cbf18a6812ebea296ffd3ec2611f

 ///  File Name: icecast_header.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the header parsing of icecast, discovered by Luigi Auriemma. Sending 32 HTTP headers will cause a write one past the end of a pointer array.
Author:Luigi Auriemma,spoonm
Homepage:http://www.metasploit.com
File Size:2858
Related OSVDB(s):10406
Related CVE(s):CVE-2004-1561
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:960f5912bae318348be86d784228f9e1

 ///  File Name: xmeasypersonal58-dos.txt
Description:
XM Easy Personal FTP Server version 5.8.0 remote denial of service exploit that makes use of APPE and DELE.
Author:zhangmc
File Size:2849
Last Modified:Nov 18 08:06:31 2009
MD5 Checksum:e187a0c5da0e7540e483e15b1c65455a

 ///  File Name: fb_svc_attach.rb.txt
Description:
This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted service attach request.
Author:Adriano Lima,Ramon de Carvalho Valle
Homepage:http://www.metasploit.com
File Size:2845
Related OSVDB(s):38605
Related CVE(s):CVE-2007-5243
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:1ea324be8ea8e7ff7f474978dc9d54e0

 ///  File Name: apache_mod_rewrite_ldap.rb.txt
Description:
This Metasploit module exploits the mod_rewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This Metasploit module requires REWRITEPATH to be set accurately. In addition, the target must have 'RewriteEngine on' configured, with a specific 'RewriteRule' condition enabled to allow for exploitation. The flaw affects multiple platforms; however, this module currently supports only Windows-based installations.
Author:patrick
Homepage:http://www.metasploit.com
File Size:2837
Related OSVDB(s):27588
Related CVE(s):CVE-2006-3747
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:24ecf483512ef6982eb1b227d15ee15a

 ///  File Name: ca_cab.rb.txt
Description:
This Metasploit module exploits a stack overflow in CA eTrust Antivirus 8.1.637. By creating a specially crafted CAB file, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2810
Related CVE(s):CVE-2007-2864
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:487bf159b57f26a38ad1fffaedebfde7

 ///  File Name: ms03_049_netapi.rb.txt
Description:
This Metasploit module exploits a stack overflow in the NetApi32 NetAddAlternateComputerName function using the Workstation service in Windows XP.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2803
Related OSVDB(s):11461
Related CVE(s):CVE-2003-0812
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:ea4f686fb538ac66a66f102c872d636a

 ///  File Name: yahoomessenger_server.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Yahoo! Webcam Upload ActiveX Control (ywcupl.dll) provided by Yahoo! Messenger version 8.1.0.249. By sending an overly long string to the "Server()" method, and then calling the "Send()" method, an attacker may be able to execute arbitrary code. Using the payloads "windows/shell_bind_tcp" and "windows/shell_reverse_tcp" yields the best results.
Author:MC
Homepage:http://www.metasploit.com
File Size:2788
Related OSVDB(s):37082
Related CVE(s):CVE-2007-3147
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:c1b692e2fd9cdc7f4b299374fbdab230

 ///  File Name: ms07_064_sami.rb.txt
Description:
This Metasploit module exploits a stack overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll. This Metasploit module has only been tested with Windows Media Player (6.4.09.1129) and DirectX 8.0.
Author:MC
Homepage:http://www.metasploit.com
File Size:2787
Related OSVDB(s):39126
Related CVE(s):CVE-2007-3901
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:988b11f0121a564e366bd17fda30c525

 ///  File Name: simplog-xssxsrf.txt
Description:
Simplog version 0.9.3.2 suffers from cross site scripting and cross site request forgery vulnerabilities.
Author:Amol Naik
File Size:2782
Last Modified:Nov 18 10:04:43 2009
MD5 Checksum:57f65fc265203800577b00cd794815f8

 ///  File Name: ms01_023_printer.rb.txt
Description:
This exploits a buffer overflow in the request processor of the Internet Printing Protocol ISAPI module in IIS. This Metasploit module works against Windows 2000 service pack 0 and 1. If the service stops responding after a successful compromise, run the exploit a couple more times to completely kill the hung process.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2770
Related OSVDB(s):3323
Related CVE(s):CVE-2001-0241
Last Modified:Oct 30 17:02:03 2009
MD5 Checksum:011eb5cfc9ca3a9b443ef09d69cb9770

 ///  File Name: typsoftappe-dos.txt
Description:
TYPSoft FTP server remote denial of service exploit that makes use of APPE and DELE.
Author:leinakesi
File Size:2716
Last Modified:Nov 24 16:13:35 2009
MD5 Checksum:8b1d7287f245cbe66efa28c5298747cc

 ///  File Name: sybase_easerver.rb.txt
Description:
This Metasploit module exploits a stack overflow in the Sybase EAServer Web Console. The offset to the SEH frame appears to change depending on what version of Java is in use by the remote server, making this exploit somewhat unreliable.
Author:anonymous
Homepage:http://www.metasploit.com
File Size:2709
Related OSVDB(s):17996
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:022610843921f687d371180e3385f1eb

 ///  File Name: putty_msg_debug.rb.txt
Description:
This Metasploit module exploits a buffer overflow in the PuTTY SSH client that is triggered through a validation error in SSH.c.
Author:MC
Homepage:http://www.metasploit.com
File Size:2707
Related OSVDB(s):8044
Related CVE(s):CVE-2002-1359
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:65ee1cd53af36dfa1d31dcd33abf4058

 ///  File Name: netterm_netftpd_user.rb.txt
Description:
This Metasploit module exploits a vulnerability in the NetTerm NetFTPD application. This package is part of the NetTerm package. This Metasploit module uses the USER command to trigger the overflow.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2690
Related OSVDB(s):15865
Related CVE(s):CVE-2005-1323
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:39884793a1e92b69ca6683832a08c846

 ///  File Name: tns_service_name.rb.txt
Description:
This Metasploit module exploits a stack overflow in Oracle. When sending a specially crafted packet containing a long SERVICE_NAME to the TNS service, an attacker may be able to execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2677
Related OSVDB(s):5041
Related CVE(s):CVE-2002-0965
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:4e9f9b8ec86d6e666d074a278dd0d55e

 ///  File Name: mohaa_getinfo.rb.txt
Description:
This Metasploit module exploits a stack based buffer overflow in the getinfo command of Medal Of Honor Allied Assault.
Author:Jacopo Cervini
Homepage:http://www.metasploit.com
File Size:2669
Related OSVDB(s):8061
Related CVE(s):CVE-2004-0735
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:f7cabe5295747588e5f6653262b511da

 ///  File Name: maxdb_webdbm_get_overflow.rb.txt
Description:
This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. This service is included with many recent versions of the MaxDB and SAPDB products. This particular module is capable of exploiting Windows systems through the use of an SEH frame overwrite. The offset to the SEH frame may change depending on where MaxDB has been installed; this module assumes a web root path with the same length as: C:\Program Files\sdb\programs\web\Documents
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2668
Related OSVDB(s):15816
Related CVE(s):CVE-2005-0684
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:e3ef8665099910df82532e192c7e0725

 ///  File Name: ms02_039_slammer.rb.txt
Description:
This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a UDP packet to port 1434 which starts with 0x04 and is followed by a long string terminating with a colon and a number. This Metasploit module should work against any vulnerable SQL Server 2000 or MSDE install (pre-SP3).
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2659
Related OSVDB(s):4578
Related CVE(s):CVE-2002-0649
Last Modified:Oct 30 17:02:23 2009
MD5 Checksum:aefc402bff82ed6effa9174fe4f05a77

 ///  File Name: vuplayer_m3u.rb.txt
Description:
This Metasploit module exploits a stack overflow in VUPlayer <= 2.49. When the application is used to open a specially crafted m3u file, a buffer is overwritten, allowing for the execution of arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2657
Related CVE(s):CVE-2006-6251
Last Modified:Nov 25 19:34:53 2009
MD5 Checksum:361a558ba73d21a13817ff2170f079ea