Section: .. / 1001-exploits /

Page 2 of 21
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 >> Files 25 - 50 of 518

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	vlcOrig.c
Description:	VLC version 0.8.6 .ASS file universal buffer overflow exploit for Win32.
Author:	fl0 fl0w
File Size:	9456
Last Modified:	Jan 18 11:45:44 2010
MD5 Checksum:	947968f6ece4d1a7d4888e04a5c309ec

/// File Name:	kosmosblog-sqlxssxsrf.txt
Description:	KosmosBlog version 0.9.3 suffers from cross site request forgery, cross site scripting and remote SQL injection vulnerabilities.
Author:	Milos Zivanovic
File Size:	9076
Last Modified:	Jan 22 18:36:28 2010
MD5 Checksum:	43971af82563b2c7cd7b09673a0fd8ab

/// File Name:	tns_auth_sesskey.rb.txt
Description:	This Metasploit module exploits a stack buffer overflow in Oracle. When sending a specially crafted packet containing a long AUTH_SESSKEY value to the TNS service, an attacker may be able to execute arbitrary code.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	9010
Related OSVDB(s):	59110
Related CVE(s):	CVE-2009-1979
Last Modified:	Jan 22 01:23:52 2010
MD5 Checksum:	8caaa71443ba81f2bc81d43ee838581e

/// File Name:	CORELAN-10-006.txt
Description:	S.O.M.PL. aka Simple Open Music Player suffers from a buffer overflow vulnerability. Proof of concept included.
Author:	Rick
File Size:	8769
Last Modified:	Jan 19 22:35:23 2010
MD5 Checksum:	bb288a29cc98d4a5a1a56130e7f028bc

/// File Name:	macosx-overflow.txt
Description:	Mac OS X versions 10.5 and 10.6 suffers from a buffer overflow vulnerability in libc/strtod(3).
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	8716
Related CVE(s):	CVE-2009-0689
Last Modified:	Jan 8 20:34:41 2010
MD5 Checksum:	db475800cbb3f6d5b885a610f460604b

/// File Name:	virtualdj606-overflow.txt
Description:	VirtualDJ Trial version 6.0.6 New Year Edition .m3u file buffer overflow exploit.
Author:	fl0 fl0w
File Size:	8431
Last Modified:	Jan 3 19:47:30 2010
MD5 Checksum:	1f8014e242ca2fed7ea741bce7246c85

/// File Name:	ba252-overflow.txt
Description:	BigAnt server version 2.52 remote buffer overflow exploit that binds a shell to port 4444.
Author:	Jacky
File Size:	8309
Last Modified:	Jan 15 15:51:14 2010
MD5 Checksum:	f2ffb4745005b6afc2952a950e198bef

/// File Name:	centrifuge-dos.txt
Description:	CentrifugeSystems suffers from a denial of service vulnerability due to a looping condition.
Author:	Asheesh Kumar Mani Tripathi
File Size:	8308
Last Modified:	Jan 14 16:59:20 2010
MD5 Checksum:	49fee23f8d355d41a7a2c5e9ee4846c5

/// File Name:	quickplayer-overflow.txt
Description:	Quick Player version 1.2 unicode buffer overflow exploit that binds a shell to port 4444 and creates a malicious .m3u file.
Author:	sinn3r
File Size:	8269
Last Modified:	Jan 7 13:57:36 2010
MD5 Checksum:	49a1f08defb5c62cae022f9bc97b7f0f

/// File Name:	iTunes-CVE09-s36.c
Description:	Apple iTunes 8.1.x (daap) remote buffer overflow exploit that binds a shell to port 4444.
Author:	His0k4,Simo36
File Size:	7954
Related CVE(s):	CVE-2009-0950
Last Modified:	Jan 14 16:53:28 2010
MD5 Checksum:	3b29c90c6d68f2f00c40cfe91db4a8e6

/// File Name:	SS-2010-001.txt
Description:	A vulnerability exists within the Forms Data Format (FDF) built into Adobe Acrobat Reader which allows an attacker to inject JavaScript into a Portable Document Format (PDF) file from any domain on the internet. Successful exploitation of this issue results in the potential disclosure of sensitive information or other cross-domain attacks including cross-site scripting. Adobe Reader and Acrobat versions 9.2 and 8.1.7 and earlier versions are affected.
Author:	Paul Theriault
Homepage:	http://www.stratsec.net/
File Size:	7527
Related CVE(s):	CVE-2009-3956
Last Modified:	Jan 14 11:13:16 2010
MD5 Checksum:	e600b051fe42c83e632aceead5fe8e38

/// File Name:	Rising0day.cpp.txt
Description:	Rising AntiVirus 2008 through 2010 local privilege escalation proof of concept exploit.
Author:	Dlrow
File Size:	7502
Last Modified:	Jan 29 17:36:14 2010
MD5 Checksum:	bf5bc5705505b6ba0c2581aa7bcf9bb1

/// File Name:	publique-sql.txt
Description:	Publique! Framework version 2.3 suffers from a remote SQL injection vulnerability.
Author:	Christophe de la Fuente,Gustavo Pimentel Bittencourt
File Size:	7299
Last Modified:	Jan 26 02:44:31 2010
MD5 Checksum:	049f0acbfc1cd3a6c121dedc597ace79

/// File Name:	11167.py.txt
Description:	This program acts as a web server that generates an exploit to target a vulnerability in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP3. The exploit's payload spawns the reverse shell on port 4321.
Author:	Ahmed Obied,syniack
File Size:	7250
Related CVE(s):	CVE-2010-0249
Last Modified:	Jan 19 22:28:46 2010
MD5 Checksum:	73fb7c4349b08dc12cc17c966d440a48

/// File Name:	testlink-traversal.txt
Description:	Testlink TestManagement and Execution System suffers from directory traversal vulnerabilities.
Author:	Prashant Khandelwal
File Size:	7049
Last Modified:	Jan 15 19:51:26 2010
MD5 Checksum:	0893285b3d3d862520059116f6a9b55f

/// File Name:	j-overrun.txt
Description:	J version 6.02.023 suffers from an array overrun vulnerability.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	6988
Related CVE(s):	CVE-2009-0689
Last Modified:	Jan 8 20:14:05 2010
MD5 Checksum:	28fe61246bdca636bfdb4992ac9659ca

/// File Name:	ie_aurora.py.txt
Description:	This program acts as a web server that generates an exploit to target a vulnerability in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP2. The exploit's payload spawns the calculator.
Author:	Ahmed Obied
File Size:	6517
Related CVE(s):	CVE-2010-0249
Last Modified:	Jan 17 18:27:46 2010
MD5 Checksum:	51e9323f1f97bef10ea85d37a5d609e6

/// File Name:	ipbfd.py.txt
Description:	Invision Power Board remote file disclosure exploit.
Author:	TinKode,cmiN
File Size:	6423
Last Modified:	Jan 24 15:19:08 2010
MD5 Checksum:	02df1417d2970c6caa68478782ef3f79

/// File Name:	magentoce-xss.txt
Description:	Magento Community Edition version 1.3.2.43 suffers from cross site scripting vulnerabilities.
Author:	Justin C. Klein Keane
Related Exploit:	magento-xss.txt
File Size:	6259
Last Modified:	Jan 4 19:51:30 2010
MD5 Checksum:	43c15944316bfa9b410af556e4942955

/// File Name:	vbulletin-disclose.txt
Description:	vBulletin remote file disclosure exploit. Written in Python.
Author:	TinKode,cmiN
File Size:	6130
Last Modified:	Jan 24 14:53:13 2010
MD5 Checksum:	2c90b1a662da3d5462bb912aeb255177

/// File Name:	cpanel-hrs.txt
Description:	cPanel and WHM versions 11.25 (up to build 42174) allows CR injection that can be leveraged for HTTP response splitting attacks.
Author:	Trancer
File Size:	6003
Last Modified:	Jan 22 02:19:10 2010
MD5 Checksum:	79d336770936e7a83a8fd0673d0137e4

/// File Name:	winamp-overflow.c
Description:	Winamp versions 5.05 through 5.13 .ini local stack buffer overflow proof of concept exploit.
Author:	fl0 fl0w
File Size:	5848
Last Modified:	Jan 13 22:15:28 2010
MD5 Checksum:	893fe1edfe8660a5312065a5d930258a

/// File Name:	safari4-dos.txt
Description:	Safari version 4 remote crash exploit.
Author:	Securitylab Security Research
Homepage:	http://securitylab.ir/
File Size:	5464
Last Modified:	Jan 11 17:37:17 2010
MD5 Checksum:	9270b948e223e9d49f3411d8d12a58ed

/// File Name:	hp_omniinet_1.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSG_PROTOCOL (0x010b) packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP Application Recovery Manager and potentially other products. This exploit has been tested against versions 6.1, 6.0, and 5.50 of Data Protector. and versions 6.0 and 6.1 of Application Recovery Manager. NOTE: There are actually two consecutive wcscpy() calls in the program (which may be why ZDI considered them two separate issues). However, this module only exploits the first one.
Author:	EgiX,jduck,riaf
Homepage:	http://www.metasploit.com
File Size:	5327
Related OSVDB(s):	61206
Related CVE(s):	CVE-2007-2280
Last Modified:	Jan 7 01:00:29 2010
MD5 Checksum:	0bcd4a003662b75595c11d89eb98ddba

/// File Name:	CVE-2010-0071.py.txt
Description:	Oracle RDBMS TNS Listener proof of concept exploit that causes the listener to crash.
Author:	Dennis Yurichev
File Size:	5277
Related CVE(s):	CVE-2010-0071
Last Modified:	Jan 22 02:56:30 2010
MD5 Checksum:	9db9475c08b68a1521a9a1ff413e1c0f