This Metasploit module attempts to exploit multiple issues in order to gain remote code execution under Pandora FMS versions equal to and prior to 5.0 SP2. First, an attempt to authenticate using default credentials is performed. If this method fails, a SQL injection vulnerability is leveraged in order to extract the "Auto Login" password hash. If this value is not set, the module will then extract the administrator account's MD5 password hash.
fc913d99854d2c8194e4f3b46434494278885d559958fa670ed923151a77b005This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Zabbix versions 2.0.8 and lower. The SQL injection issue can be abused in order to retrieve an active session ID. If an administrator level user is identified, remote code execution can be gained by uploading and executing remote scripts via the 'scripts_exec.php' file.
43e33eef7564de8ef7460b90f5eacf0b5e096e9067163c4790e0950c800b1b87This Metasploit module exploits a buffer overflow vulnerability found in the PORT command in Turbo FTP Server versions 1.30.823 and 1.30.826, which results in remote code execution under the context of SYSTEM.
abb8df5bd9e6fe13f397d60912333dbe638be84ba39c6009e9215a03bc909d53This Metasploit module exploits a stack-based buffer overflow vulnerability in the latest version 3.5 of TugZip archiving utility. In order to trigger the vulnerability, an attacker must convince someone to load a specially crafted zip file with TugZip by double click or file open. By doing so, an attacker can execute arbitrary code as the victim user.
dfd1d434ab7742db844f4361a73baede359a856715df5794ad3d96c86362e269Iconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the the memory allocations needed for the number of elements passed by the client. This results unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.
7bae29e02d02057cc61741efd202ae99da696fffbf3d953322faa7fcd5294a22This Metasploit module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow and allows to overwrite a structured exception handling record on the stack, allowing for unauthenticated remote code execution.
d6e50055a18ef8053fcab8d3dbb3013cea1bef5f64706db8cc621234903f31fbThis Metasploit module exploits a stack-based buffer overflow vulnerability in version 3.0 of ediSys Corp.'s eZip Wizard. In order for the command to be executed, an attacker must convince someone to open a specially crafted zip file with eZip Wizard, and access the specially file via double-clicking it. By doing so, an attacker can execute arbitrary code as the victim user.
f7cf6b8da01815b33b60d03bf75a15fdc34e7db6f1efa9610628e431ece1a389This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
d01b8d0eccb2aec11afecf3d49371c3c926e2d006a81facbb808d6626fec7fa3This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
39c01041cd7a953eb8e64486e1f5865273ee4d2db2d0b6b1cfb86aad1711e782This is a Metasploit module that exploits a remote buffer overflow in Integard Home and Pro version 2.
d4089119cb05d1fbda649606b655fb13dc6b8bd56736cee01e8bbc3e9d7072ab123 Flashchat version 7.8 Remote suffers from clear text password disclosure, open crossdomain policy, cross site scripting and directory traversal vulnerabilities.
e6f4b2e751ddbd9ca30cd70a91dc1fd7db559f9a793e435b808a1749e33196baSygate Personal Firewall 5.6 build 2808 active-x exploit with DEP bypass.
86b61ff700b2d7710754181efb3d7c2c1e9da867d3bb34a2d51e0d839de25516This Metasploit module exploits a stack buffer overflow in the ANSMTP.dll/AOSMTP.dll ActiveX Control provided by CommuniCrypt Mail 1.16. By sending a overly long string to the "AddAttachments()" method, an attacker may be able to execute arbitrary code.
65f4583b340496aacd44bcd7b4987ace8fe604c038312ce81965057381f89f0fCommuniCrypt Mail version 1.16 (ANSMTP.dll/AOSMTP.dll) Active-X buffer overflow exploit.
52df9cbdb8622bd771beb386d5a6fbca357bda60f58016ef745a1f5afdae5714SyncBack Freeware version 3.2.20.0 local buffer overflow exploit that creates a malicious .sps file.
87370c4f68dc789390ad72b4b9ca2c5ee5992dd1ea78373e0fdb715c43946353Incredimail suffers from an Active-X memory corruption vulnerability in ImShExtU.dll.
5e8b9eb5daf14a3ad72d42f509c6e4c67a8bd929ae3f2276d5f3d64b68647e2bUrgent Backup version 3.20, ABC Backup Pro version 5.20 and ABC Backup version 5.50 SEH exploit that creates a malicious .zip file.
61ab4ec986a1a00a6be031557d1010971379c71bebe7ee0a8f677278cbd5cf73Archive Searcher version 2.1 suffers from a stack overflow vulnerability.
582f4a3973fddd70c105d4382330b620193bad1eb347489344824e98e103a47cTembria Server Monitor version 5.6.0 suffers from a stack overflow vulnerability.
2c2e79decf3313f4a5d1345601bba1b7e6285b2f6c4cee6fc50f184b1c74bf15eZip Wizard version 3.0 buffer overflow exploit that creates a malicious .zip file.
f010a2dae64b554d9b39247ff8f0eb04a16bae1238dea7fc4dc4d26fbce69b92ZipScan version 2.2c buffer overflow exploit that creates a malicious .zip file.
1ceca7cff059a32bb8f47a5ede4b7d904ae8a6fab410175e36f81eadad238be9TugZip version 3.5 SEH buffer overflow exploit that creates a malicious .zip file.
809b6b79c73e10e49768fefdc092e5219a325451ab5619e3f989d67abb501dedOpen and Compact FTPd pre-authentication remote exploit that binds a shell to port 4444.
e9b123d40e159e6c6bc9b86b574b0dfedd1571e2c5995f6097bba18fa544d814This exploits a stack overflow in the BigAnt Messaging Service, part of the BigAnt Server product suite. This Metasploit module was tested successfully against version 2.52. NOTE: The AntServer service does not restart, you only get one shot.
dd69ef386f696d716346934cec43c21dfd0dbc94932dacb7f54813b7d02a26caThis exploits a stack overflow in NetTransport Download Manager, part of the NetXfer suite. This Metasploit module was tested successfully against version 2.90.510.
bf6500a66ae079ee9bf77addffc2d579c17c8d0c7c04d2cb70fdae113cbc6cd9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed