| Email address | private |
|---|---|
| First Active | 2011-01-14 |
| Last Active | 2021-03-09 |
Golden FTP Server version 4.70 PASS buffer overflow exploit.
16159dc816f140941e09c862768fbfab9dfff7504f561762b8f4cadfc2699872BigAnt Server version 2.97 DDNF username buffer overflow exploit with DEP and ASLR bypass. Binds a shell to port 4444.
b114dd8d646dddbf65d73b849faaedfb56e723603110598c6f7794f930cfb69fThis Metasploit module exploits a vulnerability in ActFax Server 5.01 RAW server. The RAW Server can be used to transfer fax messages without any underlying protocols. To note significant fields in the fax being transferred, like the fax number or the recipient, ActFax data fields can be used. This Metasploit module exploits a buffer overflow in the handling of the @F506 fields due to the insecure usage of strcpy. This Metasploit module has been tested successfully on ActFax 5.01 over Windows XP SP3 (English).
d87e539151a571a848fa3efe35cc969a0ff60645c93035d902d039cfcf31fbc7This Metasploit module exploits a vulnerability in ActFax Server 5.01 RAW server. The RAW Server can be used to transfer fax messages to the fax server without any underlying protocols. To note significant fields in the fax being transfered, like fax number and recipient, you can use ActFax data fields. @F506,@F605, and @F000 are all data fields that are vulnerable. This has been fixed in a beta version which will not be pushed to release until May 2013.
4a69b08e3f25832796905f1a619e884a1be0ddff4a7741e5aa998ad429b5daaeThis Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.
ff5bd458d53d97905de67393897725bc2fc0ec2f6c59ecc21e7e6504016b8953Sysax FTP Automation Server version 5.33 suffers from a local privilege escalation vulnerability.
9da75d5d121541879919ac465b91055fed3c2f21871f370c68a97149904b4bfaThis Metasploit module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax Server. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.
c647f83637014a447ae0a445b73bc78e1347958b1328e0f0cc2af4bc0585b90aActFax version 4.31 local privilege escalation exploit that spawns cmd.exe.
697ffa7fdf16ff3683bbf980a8167a2982f5b6f043569821203b066d92d2311cThis Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. You must have valid credentials to trigger the vulnerability. Your credentials must also have the create folder permission and the HTTP option has to be enabled. This Metasploit module will log into the server, get your a SID token and then proceed to exploit the server. Successful exploits result in LOCALSYSTEM access. This exploit works on XP SP3, and Server 2003 SP1-SP2.
121e5304fc0c68efcbe91a4bd17f067fad4fef74c609ee089fb5929981de2e57Sysax versions 5.62 ad below administrative interface local buffer overflow exploit that binds a shell to port 4444.
7efb7cd16bdaabc3ae5c671cbe33491c4a4f524a9fb6e3dd1b168c19d3339372Sysax versions 5.60 and below suffer from a buffer overflow vulnerability when creating an SSL certificate.
25b09a6e92ff4d9c00a80eaae87713ec5fe32db0a7d9c1c488dd9ed1a7a31810Sysax Multi Server versions 5.57 and below remote directory traversal tool that requires authentication.
a7afbf931d01a29f94a41708a24d2f4c3bf1d3ead791e9f5fb51183c4d5fa32bThis Metasploit module exploits a vulnerability found in Sysax's SSH service. By supplying a long username, the SSH server will copy that data on the stack without any proper bounds checking, therefore allowing remote code execution under the context of the user. Please note that previous versions (before 5.53) are also affected by this bug.
4c79bc67dd01aa9c6f086a33e5e924a0b8feec60ac0ce68bacb83a81e643b256Sysax Multi Server versions 5.53 and below SSH username buffer overflow pre-authentication remote code execution exploit with egghunter shellcode that binds a shell to port 4444.
1a9e244ba23211e8a0745f4370e9f10d0e94ad75ca261b64e8e40b6e0606839fSysax Multi Server version 5.53 SFTP post authentication SEH exploit with egghunter shellcode that binds a shell to port 4444.
e3ee80f9e583422dca0ef40fef6b1c192c1da12311e53628b885e95e7f419bbeSysax Multi Server version 5.52 and below file rename buffer overflow exploit with egghunter shellcode that spawns a shell on port 4444.
fd8d36251f2ddc9fcea601c55652a9a591bf0d2d18d9d9b24252773e06529a61Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.
a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931fThis Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.50. This issue was fixed in 5.52. You must have valid credentials to trigger the vulnerability. Your credentials must also have the create folder permission and the HTTP option has to be enabled. This Metasploit module will log into the server, get your a SID token and then proceed to exploit the server. Successful exploits result in LOCALSYSTEM access. This exploit works on XP and 2003.
9c89a9721eaaf34e5b28601af5c5497ccf1f5855860d05b1399eb663bcde037cSysax Multi Server version 5.50 create folder buffer overflow exploit with bindshell code for port 4444.
adb60108b3c26535f2e749d1b39e34638903b0dd0688adf1d5ebfc97c819ccc6LiteServe version 2.81 PASV command denial of service proof of concept exploit.
89b6d6faac955e184cd85ccfc79310989e93b57a0df944fdc49e8e88b5853864Proof of concept denial of service exploit for the Omnicom Alpha 4.0e LPD server.
dfd3fb9fa47baf1676b3b04b31dd595cde00348d26967d6b63543109cf5e6f78Ciscokits version 1.0 TFTP long filename denial of service exploit.
383be13aeec64ac2315d8b82ed84ca0e439ee47189bc18beae7f9010d78dd05eFreeFloat FTP version 1.0 any non implemented command buffer overflow exploit.
ac83615e8ea562e1c12cf0b82fac72d7376e0499e575ecd08be1d32ca60d543bFreefloat FTP version 1.0 ABOR buffer overflow exploit.
ed6030ce0ac47529c658ba9a8d96fc59ceb9c74bd6e8956329ac0b799483e7a1Solar FTP version 2.1.1 PASV command proof of concept buffer overflow exploit.
405bdb9768449daa84eab553c38b35bcdcd0fd1d975c84e819ed936fbfaa7748
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed