Section: .. / 0911-exploits /

Page 9 of 18
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 >> Files 200 - 225 of 449

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	videolan_tivo.rb.txt
Description:	This Metasploit module exploits a buffer overflow in VideoLAN VLC 0.9.4. By creating a malicious TY file, a remote attacker could overflow a buffer and execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2653
Related OSVDB(s):	49181
Related CVE(s):	CVE-2008-4654
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	a0a342f35b74298fffac9e02e6777cdb

/// File Name:	osb_ndmp_auth.rb.txt
Description:	The module exploits a stack overflow in Oracle Secure Backup. When sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2646
Related OSVDB(s):	51340
Related CVE(s):	CVE-2008-5444
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	fddd4904ec29cd341e1b063cecfe53e9

/// File Name:	ms08_041_snapshotviewer.rb.txt
Description:	This Metasploit module allows remote attackers to place arbitrary files on a users file system via the Microsoft Office Snapshot Viewer ActiveX Control.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2638
Related OSVDB(s):	46749
Related CVE(s):	CVE-2008-2463
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	54e6e6213f3dbbdca7fa19ccd4216581

/// File Name:	realplayer_smil.rb.txt
Description:	This Metasploit module exploits a stack overflow in RealNetworks RealPlayer 10 and 8. By creating a URL link to a malicious SMIL file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.smil'. This Metasploit module has been tested with RealPlayer 10 build 6.0.12.883 and RealPlayer 8 build 6.0.9.584.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2638
Related OSVDB(s):	14305
Related CVE(s):	CVE-2005-0455
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	2b5b268dbf2f48b35eb3c346ec3282d1

/// File Name:	symantec_rtvscan.rb.txt
Description:	This Metasploit module exploits a stack overflow in Symantec Client Security 3.0.x. This Metasploit module has only been tested against Symantec Client Security 3.0.2 build 10.0.2.2000.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2631
Related OSVDB(s):	25846
Related CVE(s):	CVE-2006-2630
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	728688ce2820f18640eab13e02d1cc72

/// File Name:	phd-xss.txt
Description:	PHD Help Desk version 1.43 suffers from cross site scripting vulnerabilities.
Author:	Amol Naik
File Size:	2628
Last Modified:	Nov 18 10:07:17 2009
MD5 Checksum:	fe58ab446a9f7bcfa607aabf344d1459

/// File Name:	minishare_get_overflow.rb.txt
Description:	This is a simple buffer overflow for the minishare web server. This flaw affects all versions prior to 1.4.2. This is a plain stack overflow that requires a "jmp esp" to reach the payload, making this difficult to target many platforms at once. This Metasploit module has been successfully tested against 1.4.1. Version 1.3.4 and below do not seem to be vulnerable.
Author:	acaro
Homepage:	http://www.metasploit.com
File Size:	2622
Related OSVDB(s):	11530
Related CVE(s):	CVE-2004-2271
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	0a585e008afc05253dafa670d80fa4b2

/// File Name:	sentinel_lm7_udp.rb.txt
Description:	This Metasploit module exploits a simple stack overflow in the Sentinel License Manager. The SentinelLM service is installed with a wide selection of products and seems particular popular with academic products. If the wrong target value is selected, the service will crash and not restart.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2621
Related OSVDB(s):	14605
Related CVE(s):	CVE-2005-0353
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	0bfef000329c917fbe457948c9038027

/// File Name:	trendmicro_officescan.rb.txt
Description:	This Metasploit module exploits a stack overflow in Trend Micro OfficeScan cgiChkMasterPwd.exe (running with SYSTEM privileges).
Author:	toto
Homepage:	http://www.metasploit.com
File Size:	2616
Related OSVDB(s):	42499
Related CVE(s):	CVE-2008-1365
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	0fa2dd3a389864092f1420e5603eb2b9

/// File Name:	orbit_connecting.rb.txt
Description:	This Metasploit module exploits a stack overflow in Orbit Downloader 2.8.4. When an attacker serves up a malicious web site, arbitrary code may be executed. The PAYLOAD windows/shell_bind_tcp works best.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2612
Related OSVDB(s):	52294
Related CVE(s):	CVE-2009-0187
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	1a99975be54b85c979da853c728b0314

/// File Name:	lyften-sql.txt
Description:	The Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.
Author:	kaMtiEz
Homepage:	http://www.indonesiancoder.com/
File Size:	2610
Last Modified:	Nov 27 16:19:37 2009
MD5 Checksum:	cb9da27b63591515c16b9f892ee1dd0a

/// File Name:	punbbea-sql.txt
Description:	PunBB Extension Attachment versions 1.0.2 and below remote SQL injection exploit.
Author:	puret_t
File Size:	2610
Last Modified:	Nov 3 17:50:06 2009
MD5 Checksum:	3136893c3e21b9386a98aee65020cddb

/// File Name:	nis2004_get.rb.txt
Description:	This Metasploit module exploits a stack overflow in the ISAlertDataCOM ActiveX Control (ISLAert.dll) provided by Symantec Norton Internet Security 2004. By sending a overly long string to the "Get()" method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2609
Related OSVDB(s):	36164
Related CVE(s):	CVE-2007-1689
Last Modified:	Oct 30 17:01:26 2009
MD5 Checksum:	27fa43c7a6bc6ad0adaf06f90417e613

/// File Name:	oracle9i_xdb_ftp_unlock.rb.txt
Description:	By passing an overly long token to the UNLOCK command, a stack based buffer overflow occurs.
Author:	David Litchfield,MC
Homepage:	http://www.metasploit.com
File Size:	2591
Related OSVDB(s):	2449
Related CVE(s):	CVE-2003-0727
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	7d14265dbae5952c543d354d372ba779

/// File Name:	ask_shortformat.rb.txt
Description:	This Metasploit module exploits a stack overflow in Ask.com Toolbar 4.0.2.53. An attacker may be able to execute arbitrary code by sending an overly long string to the "ShortFormat()" method in askbar.dll.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2590
Related OSVDB(s):	37735
Related CVE(s):	CVE-2007-5107
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	6468ef0292a337f26024734a3db1ef31

/// File Name:	whois20-xss.txt
Description:	Whois Server version 2.0 suffers from a cross site scripting vulnerability.
Author:	ViRuS_HiMa
File Size:	2584
Last Modified:	Nov 2 23:49:41 2009
MD5 Checksum:	9f65ac534da1e6ae1755d1f9813b3467

/// File Name:	enjoysapgui_preparetoposthtml.rb.tx..>
Description:	This Metasploit module exploits a stack overflow in SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41) provided by EnjoySAP GUI. By sending an overly long string to the "PrepareToPostHTML()" method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2576
Related OSVDB(s):	37690
Related CVE(s):	CVE-2007-3605
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	7978a58a00e2234e8a0e6c0a253167fd

/// File Name:	privatewire_gateway.rb.txt
Description:	This exploits a buffer overflow in the ADMCREG.EXE used in the PrivateWire Online Registration Facility.
Author:	Michael Thumann
Homepage:	http://www.metasploit.com
File Size:	2570
Related OSVDB(s):	26861
Related CVE(s):	CVE-2006-3252
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	881423333005da6b9fe1fac5cec489b8

/// File Name:	ipswitch_wug_maincfgret.rb.txt
Description:	This Metasploit module exploits a buffer overflow in IPswitch WhatsUp Gold 8.03. By posting a long string for the value of 'instancename' in the _maincfgret.cgi script an attacker can overflow a buffer and execute arbitrary code on the system.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2569
Related OSVDB(s):	9177
Related CVE(s):	CVE-2004-0798
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	851870ad39f09f0a7e32667d593fb934

/// File Name:	blazedvd_plf.rb.txt
Description:	This Metasploit module exploits a stack over flow in BlazeDVD 5.1. When the application is used to open a specially crafted plf file, a buffer is overwritten allowing for the execution of arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2568
Last Modified:	Oct 30 17:01:38 2009
MD5 Checksum:	4b192fd114bdfab3ca86f73ff8eea814

/// File Name:	ms04_031_netdde.rb.txt
Description:	This Metasploit module exploits a stack overflow in the NetDDE service, which is the precursor to the DCOM interface. This exploit effects only operating systems released prior to Windows XP SP1 (2000 SP4, XP SP0). Despite Microsoft's claim that this vulnerability can be exploited without authentication, the NDDEAPI pipe is only accessible after successful authentication.
Author:	Pusscat
Homepage:	http://www.metasploit.com
File Size:	2561
Related OSVDB(s):	10689
Related CVE(s):	CVE-2004-0206
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	9b025b23453841c969d4b4cbc72b769c

/// File Name:	3cdaemon_ftp_user.rb.txt
Description:	This Metasploit module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This Metasploit module uses the USER command to trigger the overflow.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2555
Related OSVDB(s):	12810,12811
Related CVE(s):	CVE-2005-0277
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	e239adfc397826851ade8a440f39721d

/// File Name:	hploadrunner.rb.txt
Description:	This Metasploit module exploits a stack overflow in Persists Software Inc's XUpload ActiveX control(version 2.1.0.1) thats included in HP LoadRunner 9.0. By passing an overly long string to the AddFolder method, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2552
Related OSVDB(s):	39901
Related CVE(s):	CVE-2007-6530
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	457ae3781adc6fd4411aab52dc3aa8d2

/// File Name:	zenturiprogramchecker_unsafe.rb.txt
Description:	This Metasploit module allows remote attackers to place arbitrary files on a users file system via the Zenturi ProgramChecker sasatl.dll (1.5.0.531) ActiveX Control.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2551
Related OSVDB(s):	36715
Related CVE(s):	CVE-2007-2987
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	fa90bced50b70ab0479128a61fecbd4f

/// File Name:	yahoomessenger_fvcom.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Yahoo! Messenger ActiveX Control (YVerInfo.dll <= 2006.8.24.1). By sending a overly long string to the "fvCom()" method from a yahoo.com domain, an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2543
Related OSVDB(s):	37739
Related CVE(s):	CVE-2007-4515
Last Modified:	Nov 25 19:34:53 2009
MD5 Checksum:	dea034f9c7b95f76b013b4b281eae1cf