This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted attach request.
b80f3f01d5b09ec0df01689c15ecee32ca53ffad4905d8a3f3f94aeef0db9afbThis Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted create request.
f3b72345c222e40c6aaf748b6c4f32d67304fddd295a20f57eef48e39ed8ec37This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted service attach request.
6064154184357638969d135075df6a18b1fdd12c7031a8c3a01b541a382b4d19This Metasploit module exploits a stack overflow in the Salim Gasmi GLD versions 1.4 and below greylisting daemon for Postfix. By sending an overly long string the stack can be overwritten.
ea6d90f755fe4ab12b60f16218193025e81969e9398ec2a4ad48e9c30e700753This Metasploit module exploits a stack-based buffer overflow in the Madwifi driver.
0754c28ffae1c6acf4d1bb93d5f0ef0b22f7d54c1e399116520b529c45ac5417This Metasploit module exploits a buffer overflow in the 'LSUB' command of the University of Washington IMAP service. This vulnerability can only be exploited with a valid username and password.
ed074262b944617dd05f31cfbad7fdb4bc44dbc72e181c6afa6bc59ed9e6d14aThis Metasploit module exploits a stack overflow in the Back Orifice pre-processor module included with Snort versions 2.4.0, 2.4.1, 2.4.2, and 2.4.3. This vulnerability could be used to completely compromise a Snort sensor, and would typically gain an attacker full root or administrative privileges.
585cf3c1e094b61417107aeaed623a55b27056aae30c96f310965fd2fc23c460This Metasploit module exploits a stack overflow in PeerCast versions 0.1216 and below. The vulnerability is caused due to a boundary error within the handling of URL parameters.
a97d8094e69f356b824cec0293b2687edc10f2b3b75350b8dde86a8f0530ef97This Metasploit module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS version prior to 1.05.2 may be be affected.
05f730badb59943ab48414e62810156de18000b427d38198a0facb7c98a34364This Metasploit module exploits a format string vulnerability in the Berlios GPSD server. This vulnerability was discovered by Kevin Finisterre.
d2e1483aa159570fa1971db2ccf1f50ba9cfec3932e23d478dc9ec3b53de36a1This Metasploit module abuses a metacharacter injection vulnerability in the HTTP management server of wireless gateways running DD-WRT. This flaw allows an unauthenticated attacker to execute arbitrary commands as the root user account.
f7af9223b5eec8e1b261fdcf742cf64095bfc863450d469577f5a680d3312887This Metasploit module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary commands by specifying shell metacharacters as the 'user' within the 'ping' action to obtain 'httpd' user access. This module only supports command line payloads, as the httpd process kills the reverse/bind shell spawn after the HTTP 200 OK response.
5f729c464589be1bd553b1af7b924cba42e213fffa0fc22238f2714175028981This is an exploit for the GameSpy secure query in the Unreal Engine. This exploit only requires one UDP packet, which can be both spoofed and sent to a broadcast address. Usually, the GameSpy query server listens on port 7787, but you can manually specify the port as well. The RunServer.sh script will automatically restart the server upon a crash, giving us the ability to bruteforce the service and exploit it multiple times.
f450b169feb194e0e65157d07815ac70dd9253a75e0d229c069ff6dce045c81dThis Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.
e9b94c7b39094f786cf93481c5471c76f60e78b4c1f1ebf64aff58eaed537f5dThis exploit abuses an unpublished vulnerability in the HP-UX LPD service. This flaw allows an unauthenticated attacker to execute arbitrary commands with the privileges of the root user. The LPD service is only exploitable when the address of the attacking system can be resolved by the target. This vulnerability was silently patched with the buffer overflow flaws addressed in HP Security Bulletin HPSBUX0208-213.
f9d5ef66fb19775cafad693801df558f4d03366c4666e3742e525d43fecae14bThis Metasploit module exploits a stack overflow in XTACACSD versions 4.1.2 and below. By sending a specially crafted XTACACS packet with an overly long username, an attacker may be able to execute arbitrary code.
068edc782b5026fe47e5d9c5618ccb7a64b50639d9ee2451f72c1757139fddc5This exploit connects to a system's modem over dialup and exploits a buffer overflow vulnerability in it's System V derived /bin/login. The vulnerability is triggered by providing a large number of arguments.
879fb76e40bddd82af476396294fcefd3b2cf5ce2ed0dcf7a06b1239ed4be912This is an exploit for an undisclosed buffer overflow in the SoftCart.exe CGI as shipped with Mercantec's shopping cart software. It is possible to execute arbitrary code by passing a malformed CGI parameter in an HTTP GET request. This issue is known to affect SoftCart version 4.00b.
c9dccfe5b7419f70e2a30a4c2e34c682780607f4dc1a5b5945ab9f5f4cef63b9This is a detailed analysis regarding the U3D CLODProgressiveMeshDeclaration initialization array overrun that affects Adobe Acrobat Reader versions 7.x, 8.x, and 9.x. Exploit included.
c090417dc1342b3cda436100dd5256853c41e6b89eb64b311be1a05620d98e00SharePoint Team Services suffers from a remote source code disclosure vulnerability in its download facility.
4e7055eb3038cde6c4ec6d7dddd8f7a0b00a1c88f6274975ea98f42e56ba948exp-AntiSpy versions 3.9.7-4 and below local buffer overflow exploit that creates a malicious .xpas file.
fb7c0d38c62756cc07427f4f9cc68a113bb21c52a93dcd03c74d4ea5f5190bc2Cherokee web server version 0.5.4 remote denial of service exploit.
bc5ae7c21bcb8c03242d5ca9efe893b038532ab37ece8f6120f1d93318696b2bJetty versions 6.x and 7.x suffer from cross site scripting, injection, and information disclosure vulnerabilities.
5f6bdd64a6596d46cbd0a5ae2448106b4656a8543eb8f07317ef5d4b92ae82d9RunCMS version 2M1 store() remote SQL injection exploit.
5ec198e21d6cd21d61f5fdc3c6a5ee8d87713cb7314e10d3097198cadcd066a8TFTgallery version 0.13 is susceptible to a cross site scripting vulnerability.
63c864ab65c6626cd22619a37272b2397a4e4a8dfda92c12502c770de28ed5ca
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed