Section: .. / 0912-exploits /

Page 1 of 25
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 >> Files 1 - 25 of 600

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	IIS-asp.py.txt
Description:	This exploit is a simple malicious file creator that will help the users to create jpg images with metasploit shellcode. The file created must be browsed and then a shell will be bound to tcp/31337.
Author:	crossbower,emgent
File Size:	945702
Last Modified:	Dec 30 14:07:02 2009
MD5 Checksum:	dd6543831121442bfbd91e5ab261697f

/// File Name:	0912-exploits.tgz
Description:	This archive contains all of the 599 exploits added to Packet Storm in December, 2009.
Homepage:	http://packetstormsecurity.org/
File Size:	870084
Last Modified:	Jan 3 23:30:48 2010
MD5 Checksum:	2966e08cba11b172273fb0411b2d05e1

/// File Name:	jasc-overflow.txt
Description:	Jasc Paint Shop pro version 8 universal local buffer overflow exploit that creates a malicious .png file.
Author:	fl0 fl0w
File Size:	128261
Last Modified:	Dec 4 01:39:03 2009
MD5 Checksum:	52b6b166c29ecc4b4c37be3072c46e42

/// File Name:	ipb-lfisql.txt
Description:	Invision Power Board versions 3.0.4 and below suffer from local file inclusion and remote SQL injection vulnerabilities. Versions 2.3.6 and below suffer from a remote SQL injection vulnerability.
Author:	Dawid Golunski
File Size:	22467
Last Modified:	Dec 4 22:56:06 2009
MD5 Checksum:	e4b771cd889fc1926a7be0967e202a97

/// File Name:	freewebshop-sqltraversal.txt
Description:	FreeWebShop version 2.2.9 R2 suffers from SQL injection, directory traversal, and insufficient protection vulnerabilities.
Author:	Akita Software Security
File Size:	21012
Last Modified:	Dec 30 15:58:33 2009
MD5 Checksum:	5a84d11150aec3d749ec5bc8044a6073

/// File Name:	NETRAGARD-20091219.txt
Description:	Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.
Author:	Adriel T. Desautels
Homepage:	http://www.netragard.com/
File Size:	18336
Related CVE(s):	CVE-2009-3869, CVE-2009-3871, CVE-2009-3875, CVE-2009-3874, CVE-2009-3728, CVE-2009-3872, CVE-2009-3868, CVE-2009-3867, CVE-2009-3884, CVE-2009-3873, CVE-2009-3877, CVE-2009-3865, CVE-2009-3866
Last Modified:	Dec 30 18:25:34 2009
MD5 Checksum:	bf29ef8a7cb944628b6bfd65dacce73a

/// File Name:	adobe_u3d_meshcont.rb.txt
Description:	This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
Author:	Felipe Andres Manzano,jduck
Homepage:	http://www.metasploit.com
File Size:	16542
Related OSVDB(s):	58920
Related CVE(s):	CVE-2009-2990
Last Modified:	Dec 30 21:02:37 2009
MD5 Checksum:	9844696e7275b38abd75c6c7d49721f1

/// File Name:	oblog-xssxsrf.txt
Description:	oBlog suffers from cross site scripting, cross site request forgery, and a lack of brute forcing protection.
Author:	Milos Zivanovic
File Size:	16386
Last Modified:	Dec 10 17:08:35 2009
MD5 Checksum:	12721db91d5e76d97c790b266f94a48f

/// File Name:	adobe_u3d_meshdecl.rb.txt
Description:	This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
Author:	Felipe Andres Manzano,jduck
Homepage:	http://www.metasploit.com
File Size:	14477
Related OSVDB(s):	58912
Related CVE(s):	CVE-2009-2994
Last Modified:	Dec 30 21:49:33 2009
MD5 Checksum:	ba8b7c25d1f145cbbf6557d8d97daa6c

/// File Name:	camino-overrun.txt
Description:	Camino version 1.6.10 suffers from a remote array overrun that allows for arbitrary code execution.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	14268
Related CVE(s):	CVE-2009-0689
Last Modified:	Dec 11 22:59:21 2009
MD5 Checksum:	639d9cd3f82171d6da257f3007620899

/// File Name:	tls-reneg.py.txt
Description:	This is a proof of concept exploit demonstration the TLS renegotiation vulnerability.
Homepage:	http://www.redteam-pentesting.de/
File Size:	14073
Related CVE(s):	CVE-2009-3555
Last Modified:	Dec 21 16:59:02 2009
MD5 Checksum:	afec96ab2281df1dc475c84c8228b18a

/// File Name:	CORE-2009-1013.txt
Description:	Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	13638
Related CVE(s):	CVE-2009-4237, CVE-2009-4238
Last Modified:	Dec 10 17:02:55 2009
MD5 Checksum:	5bd0873514f5d1acc5c48a40aa46f3f5

/// File Name:	AKLINK-SA-2009-001.txt
Description:	SQL-Ledger suffers from cross site scripting, cross site request forgery, local file inclusion, SQL injection, and various other security vulnerabilities.
Author:	Alexander Klink
File Size:	13065
Related CVE(s):	CVE-2009-3580, CVE-2009-3581, CVE-2009-3582, CVE-2009-3583, CVE-2009-3584
Last Modified:	Dec 21 19:29:43 2009
MD5 Checksum:	22a6db9ea6f0b4f6a0b15e9990c33c70

/// File Name:	automnews-rfi.txt
Description:	Automne.ws CMS version 4.0.0rc2 suffers from multiple remote file inclusion vulnerabilities.
Author:	1nd0n3s14n l4m3r
File Size:	11295
Last Modified:	Dec 14 20:23:06 2009
MD5 Checksum:	228f8c7bf0ee646dff0424d4ce7d4890

/// File Name:	safenet_softremote_groupname.rb.txt
Description:	This Metasploit module exploits a stack overflow in SafeNet SoftRemote Security Policy Editor <= 10.8.5. When an attacker creates a specially formatted security policy with an overly long GROUPNAME argument, it is possible to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	9777
Related OSVDB(s):	59660
Related CVE(s):	CVE-2009-3861
Last Modified:	Dec 30 21:32:09 2009
MD5 Checksum:	533bd5bff1dfbd68ae456fb7c93f18f4

/// File Name:	9sg_adobe_illuso.txt
Description:	Adobe Illustrator CS4 version 14.0.0 encapsulated postscript (.eps) overlong DSC comment buffer overflow exploit.
Author:	Nine:Situations:Group::Pyrokinesis
Homepage:	http://retrogod.altervista.org/
File Size:	9309
Last Modified:	Dec 3 13:38:14 2009
MD5 Checksum:	9a92638231e1baa663fb97c506f212a5

/// File Name:	thunderbird-overrun.txt
Description:	Thunderbird version 2.0.0.23 suffers from a remote array overrun that allows for arbitrary code execution.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	9154
Related CVE(s):	CVE-2009-0689
Last Modified:	Dec 11 23:02:30 2009
MD5 Checksum:	0d081708125aeb59489c91e443f77a83

/// File Name:	sunbird-overrun.txt
Description:	Sunbird version 0.9 suffers from a remote array overrun that allows for code execution.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	8870
Related CVE(s):	CVE-2009-0689
Last Modified:	Dec 11 23:01:21 2009
MD5 Checksum:	bdf923a970c69583433b414b157a6fb8

/// File Name:	oracle-xssbypass.txt
Description:	Oracle eBusiness Suite suffers from cross site scripting, unauthenticated guest access, and authentication bypass vulnerabilities.
Author:	Shay Chen
Homepage:	http://www.hacktics.com/
File Size:	8442
Last Modified:	Dec 14 20:59:53 2009
MD5 Checksum:	94584ab7b2bc52653066378a86e0280a

/// File Name:	barracuda-inject.txt
Description:	The Bararcuda web firewall 660 with firmware 7.3.1.007 suffers from input validation vulnerabilities that allow for session hijacking and more.
Author:	Global-Evolution
File Size:	8357
Last Modified:	Dec 21 17:59:52 2009
MD5 Checksum:	47a1c3a224da306d9c4a939d7d20b20a

/// File Name:	wuftpd_site_exec_format.rb.txt
Description:	This Metasploit module exploits a format string vulnerability in versions of the Washington University FTP server older than 2.6.1. By executing specially crafted SITE EXEC or SITE INDEX commands containing format specifiers, an attacker can corrupt memory and execute arbitrary code.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	7986
Related OSVDB(s):	11805
Related CVE(s):	CVE-2000-0573
Last Modified:	Dec 30 21:09:02 2009
MD5 Checksum:	871d36694308fe805ed39b9d0996a50a

/// File Name:	wpforum23-sql.txt
Description:	WP-Forum versions 2.3 and below suffer from remote SQL and blind SQL injection vulnerabilities.
Author:	Juan Galiana Lara
File Size:	7841
Related CVE(s):	CVE-2009-3703
Last Modified:	Dec 16 16:49:54 2009
MD5 Checksum:	6634ae632b8a259b3b23d9f46e5429fc

/// File Name:	libmodplug-overflow.txt
Description:	The libmodplug library is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Versions prior to 0.8.6 are affected.
Author:	dummy
File Size:	7784
Last Modified:	Dec 4 22:58:36 2009
MD5 Checksum:	c985c0ce8788dcfad9e52ae4c1d439c7

/// File Name:	hmsintellicom-exec.txt
Description:	This advisory documents vulnerabilities in the HMS HICP protocol as well as an Intellicom NetBiterConfing.exe remote stack overflow vulnerability. Proof of concept code included.
Author:	Ruben Santamarta
Homepage:	http://www.reversemode.com/
File Size:	7729
Last Modified:	Dec 14 21:46:49 2009
MD5 Checksum:	84f74d2ec52cd79c8d5e11a07868b61e

/// File Name:	recipescript-uploadxsrfxss.txt
Description:	Recipe Script version 5.0 suffers from shell upload, cross site request forgery, and cross site scripting vulnerabilities.
Author:	Milos Zivanovic
File Size:	7673
Last Modified:	Dec 16 18:32:12 2009
MD5 Checksum:	0083947546d5c999f25eb6c1e9efa9fb