Section: .. / 0912-exploits /

Page 4 of 25
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 >> Files 75 - 100 of 600

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	millenium_mp3_pls.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in Millenium MP3 Studio 2.0. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to Millenium MP3 Studio. This functionality has not been tested in this module.
Author:	Molotov,dookie,jduck
Homepage:	http://www.metasploit.com
File Size:	2425
Related OSVDB(s):	56574
Last Modified:	Dec 30 21:51:38 2009
MD5 Checksum:	6906110c70d892047b7a514680e7e319

/// File Name:	mediajukebox.rb.txt
Description:	This Metasploit module exploits a stack overflow in Media Jukebox 8.0.400. By creating a specially crafted m3u or pls file, an attacker may be able to execute arbitrary code.
Author:	Ron Henry,dijital1
Homepage:	http://www.metasploit.com
File Size:	1978
Related OSVDB(s):	55924
Related CVE(s):	CVE-2009-2650
Last Modified:	Dec 30 21:50:44 2009
MD5 Checksum:	83dfac98d5afc2aa8608e1cd36fa1f55

/// File Name:	xenorate_xpl_bof.rb.txt
Description:	This Metasploit module exploits a stack overflow in Xenorate 2.50 By creating a specially crafted xpl file, an an attacker may be able to execute arbitrary code.
Author:	germaya_x,hack4love,jduck,loneferret
Homepage:	http://www.metasploit.com
File Size:	1917
Related OSVDB(s):	57162
Last Modified:	Dec 30 21:50:08 2009
MD5 Checksum:	b4561208ad152d24c3ec1b0cdea1c04c

/// File Name:	adobe_u3d_meshdecl.rb.txt
Description:	This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
Author:	Felipe Andres Manzano,jduck
Homepage:	http://www.metasploit.com
File Size:	14477
Related OSVDB(s):	58912
Related CVE(s):	CVE-2009-2994
Last Modified:	Dec 30 21:49:33 2009
MD5 Checksum:	ba8b7c25d1f145cbbf6557d8d97daa6c

/// File Name:	windows-browser-adobe_media_newplay..>
Description:	This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
Author:	H D Moore,Joshua D Abraham,Pusscat,jduck
Homepage:	http://www.metasploit.com
File Size:	5646
Related OSVDB(s):	60980
Related CVE(s):	CVE-2009-4324
Last Modified:	Dec 30 21:48:52 2009
MD5 Checksum:	44af4761af5272cb4f818225e4db4716

/// File Name:	windows-fileformat-adobe_media_newp..>
Description:	This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
Author:	H D Moore,Pusscat,jduck
Homepage:	http://www.metasploit.com
File Size:	5572
Related OSVDB(s):	60980
Related CVE(s):	CVE-2009-4324
Last Modified:	Dec 30 21:48:23 2009
MD5 Checksum:	bc70df3d8e5b6c647e190e6911d48d20

/// File Name:	windows-browser-adobe_flatedecode_p..>
Description:	This Metasploit module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
Author:	Joshua D Abraham,jduck
Homepage:	http://www.metasploit.com
File Size:	6410
Related OSVDB(s):	58729
Related CVE(s):	CVE-2009-3459
Last Modified:	Dec 30 21:47:36 2009
MD5 Checksum:	0c17e02e00e4ecd3235b2f89100423bd

/// File Name:	windows-fileformat-adobe_flatedecod..>
Description:	This Metasploit module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	6299
Related OSVDB(s):	58729
Related CVE(s):	CVE-2009-3459
Last Modified:	Dec 30 21:45:44 2009
MD5 Checksum:	803ecd76d10f8d20f5aa9805f998eef9

/// File Name:	solaris-samba-trans2open.rb.txt
Description:	This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on Solaris SPARC systems that do not have the noexec stack option set. Big thanks to MC and valsmith for resolving a problem with the beta version of this module.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	4348
Related OSVDB(s):	4469
Related CVE(s):	CVE-2003-0201
Last Modified:	Dec 30 21:45:15 2009
MD5 Checksum:	5977afd803b48cf86e1c92220d95e3fb

/// File Name:	osx-samba-trans2open.rb.txt
Description:	This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	2735
Related OSVDB(s):	4469
Related CVE(s):	CVE-2003-0201
Last Modified:	Dec 30 21:44:49 2009
MD5 Checksum:	e4ea02c3338a460353153d443eaff685

/// File Name:	mini_stream.rb.txt
Description:	This Metasploit module exploits a stack overflow in Mini-Stream 3.0.1.1 By creating a specially crafted pls file, an an attacker may be able to execute arbitrary code.
Author:	Corlan Security Team,Ron Henry,dijital1
Homepage:	http://www.metasploit.com
File Size:	2056
Related OSVDB(s):	61341
Last Modified:	Dec 30 21:32:40 2009
MD5 Checksum:	98893ab6842fdf1f1b5d57b65421204e

/// File Name:	safenet_softremote_groupname.rb.txt
Description:	This Metasploit module exploits a stack overflow in SafeNet SoftRemote Security Policy Editor <= 10.8.5. When an attacker creates a specially formatted security policy with an overly long GROUPNAME argument, it is possible to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	9777
Related OSVDB(s):	59660
Related CVE(s):	CVE-2009-3861
Last Modified:	Dec 30 21:32:09 2009
MD5 Checksum:	533bd5bff1dfbd68ae456fb7c93f18f4

/// File Name:	hhw_hhp_compiledfile_bof.rb.txt
Description:	This Metasploit module exploits a stack overflow in HTML Help Workshop 4.74. By creating a specially crafted hhp file, an an attacker may be able to execute arbitrary code.
Author:	bratax,jduck
Homepage:	http://www.metasploit.com
File Size:	2195
Last Modified:	Dec 30 21:31:05 2009
MD5 Checksum:	f63c34298c18248670c5f0a5ecb0c855

/// File Name:	hhw_hhp_indexfile_bof.rb.txt
Description:	This Metasploit module exploits a stack overflow in HTML Help Workshop 4.74 By creating a specially crafted hhp file, an an attacker may be able to execute arbitrary code.
Author:	Encrypt3d.M!nd,jduck,loneferret
Homepage:	http://www.metasploit.com
File Size:	2297
Related OSVDB(s):	22941
Related CVE(s):	CVE-2009-0133
Last Modified:	Dec 30 21:28:51 2009
MD5 Checksum:	1bf1efc823d05c7b6a43b4662e38a24b

/// File Name:	ms03_046_exchange2000_xexch50.rb.tx..>
Description:	This is an exploit for the Exchange 2000 heap overflow. Due to the nature of the vulnerability, this exploit is not very reliable. This Metasploit module has been tested against Exchange 2000 SP0 and SP3 running a Windows 2000 system patched to SP4. It normally takes between one and 100 connection attempts to successfully obtain a shell. This exploit is very unreliable.
Author:	H D Moore,patrick
Homepage:	http://www.metasploit.com
File Size:	5600
Related OSVDB(s):	2674
Related CVE(s):	CVE-2003-0714
Last Modified:	Dec 30 21:27:04 2009
MD5 Checksum:	04b5da0fb13c72f42f0f285a8edfb33d

/// File Name:	dialup.rb.txt
Description:	This exploit connects to a system's modem over dialup and provides the user with a readout of the login banner.
Author:	I)ruid
Homepage:	http://www.metasploit.com
File Size:	1119
Last Modified:	Dec 30 21:10:22 2009
MD5 Checksum:	26229e964cb844cb5438555308f29b10

/// File Name:	wuftpd_site_exec_format.rb.txt
Description:	This Metasploit module exploits a format string vulnerability in versions of the Washington University FTP server older than 2.6.1. By executing specially crafted SITE EXEC or SITE INDEX commands containing format specifiers, an attacker can corrupt memory and execute arbitrary code.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	7986
Related OSVDB(s):	11805
Related CVE(s):	CVE-2000-0573
Last Modified:	Dec 30 21:09:02 2009
MD5 Checksum:	871d36694308fe805ed39b9d0996a50a

/// File Name:	java_setdifficm_bof.rb.txt
Description:	This Metasploit module exploits a flaw in the setDiffICM function in the Sun JVM. The payload is serialized and passed to the applet via PARAM tags. It must be a native payload. The effected Java versions are JDK and JRE 6 Update 16 and earlier, JDK and JRE 5.0 Update 21 and earlier, SDK and JRE 1.4.2_23 and earlier, and SDK and JRE 1.3.1_26 and earlier. NOTE: Although all of the above versions are reportedly vulnerable, only 1.6.0_u11 and 1.6.0_u16 on Windows XP SP3 were tested.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	5556
Related OSVDB(s):	59710
Related CVE(s):	CVE-2009-3869
Last Modified:	Dec 30 21:06:30 2009
MD5 Checksum:	50b1436fb0943fc3b430eb89224fdb18

/// File Name:	java_getsoundbank_bof.rb.txt
Description:	This Metasploit module exploits a flaw in the getSoundbank function in the Sun JVM. The payload is serialized and passed to the applet via PARAM tags. It must be a native payload. The effected Java versions are JDK and JRE 6 Update 16 and earlier, JDK and JRE 5.0 Update 21 and earlier, SDK and JRE 1.4.2_23 and earlier, and SDK and JRE 1.3.1_26 and earlier. NOTE: Although all of the above versions are reportedly vulnerable, only 1.6.0_u11 and 1.6.0_u16 on Windows XP SP3 were tested.
Author:	Kevin Finisterre
Homepage:	http://www.metasploit.com
File Size:	5544
Related OSVDB(s):	59711
Related CVE(s):	CVE-2009-3867
Last Modified:	Dec 30 21:05:43 2009
MD5 Checksum:	a4f20e563a81acc21752e47601b937da

/// File Name:	itms_overflow.rb.txt
Description:	This Metasploit modules exploits a stack-based buffer overflow in iTunes itms:// URL parsing. It is accessible from the browser and in Safari, itms urls will be opened in iTunes automatically. Because iTunes is multithreaded, only vfork-based payloads should be used.
Author:	Will Drewry
Homepage:	http://www.metasploit.com
File Size:	4404
Related OSVDB(s):	54833
Related CVE(s):	CVE-2009-0950
Last Modified:	Dec 30 21:03:13 2009
MD5 Checksum:	d663452fc085b9aad37f4ca6a390a754

/// File Name:	adobe_u3d_meshcont.rb.txt
Description:	This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
Author:	Felipe Andres Manzano,jduck
Homepage:	http://www.metasploit.com
File Size:	16542
Related OSVDB(s):	58920
Related CVE(s):	CVE-2009-2990
Last Modified:	Dec 30 21:02:37 2009
MD5 Checksum:	9844696e7275b38abd75c6c7d49721f1

/// File Name:	software_update.rb.txt
Description:	This Metasploit module exploits a feature in the Distribution Packages, which are used in the Apple Software Update mechanism. This feature allows for arbitrary command execution through JavaScript. This exploit provides the malicious update server. Requests must be redirected to this server by other means for this exploit to work.
Author:	Moritz Jodeit
Homepage:	http://www.metasploit.com
File Size:	4521
Related OSVDB(s):	40722
Related CVE(s):	CVE-2007-5863
Last Modified:	Dec 30 20:18:16 2009
MD5 Checksum:	7b879a04778ae379b817963bf3b384d3

/// File Name:	phpbb_highlight.rb.txt
Description:	This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
Author:	H D Moore,Patrick Webster,Val Smith
Homepage:	http://www.metasploit.com
File Size:	3453
Related OSVDB(s):	11719,17613
Related CVE(s):	CVE-2005-2086, CVE-2004-1315
Last Modified:	Dec 30 20:16:11 2009
MD5 Checksum:	218c8dd71901742151b5c25c52885e4e

/// File Name:	oscommerce_filemanager.rb.txt
Description:	osCommerce is a popular open source E-Commerce application. The admin console contains a file management utility that allows administrators to upload, download, and edit files. This could be abused to allow unauthenticated attackers to execute arbitrary code with the permissions of the webserver.
Author:	egypt
Homepage:	http://www.metasploit.com
File Size:	3577
Related OSVDB(s):	60018
Last Modified:	Dec 30 20:15:02 2009
MD5 Checksum:	3182e31e7b732ee6b1a9fd7995c97684

/// File Name:	phpmyadmin_config.rb.txt
Description:	This Metasploit module exploits a vulnerability in PhpMyAdmin's setup feature which allows an attacker to inject arbitrary PHP code into a configuration file. The original advisory says the vulnerability is present in phpMyAdmin versions 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1; this module was tested on 3.0.1.1. The file where our payload is written (phpMyAdmin/config/config.inc.php) is not directly used by the system, so it may be a good idea to either delete it or copy the running config (phpMyAdmin/config.inc.php) over it after successful exploitation.
Author:	Greg Ose,PAgVac
Homepage:	http://www.metasploit.com
File Size:	4233
Related OSVDB(s):	53076
Related CVE(s):	CVE-2009-1151
Last Modified:	Dec 30 20:13:51 2009
MD5 Checksum:	daa773a35dac8ed474de87c4c695b7ea