This Metasploit module exploits a buffer overflow found in the /search/results.stm application that comes with Sambar 6. This code is a direct port of Andrew Griffiths's SMUDGE exploit, the only changes made were to the nops and payload. This exploit causes the service to die, whether you provided the correct target or not.
43d90184c1c0d9d0e9d3c5ac475582ad68fe7328316423ce9e487d6c5499f98b
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
c7921d15e333daf28b7fef1fddc614a29a08d3a01e4604616b9e695146f13c61
This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
db8a3aadb83130b870e5a70ed5ba3a3aafb3ba7ade242ba5744bcd8251b74f40
This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
b1f8cfeb14bd0899045d104a6e8573a0f4d05407352329432a77e25d99ebb260
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on Solaris SPARC systems that do not have the noexec stack option set. Big thanks to MC and valsmith for resolving a problem with the beta version of this module.
48fe6c9e19f75786c1b1abb6aa3114673fe6ce806ec1a7f209d21ef0aa51d85a
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.
0a81c70c55c5b626382aa3846753c3ac0bbcbc83db3ba6ea2a26b8367e01106c
This is an exploit for the Exchange 2000 heap overflow. Due to the nature of the vulnerability, this exploit is not very reliable. This Metasploit module has been tested against Exchange 2000 SP0 and SP3 running a Windows 2000 system patched to SP4. It normally takes between one and 100 connection attempts to successfully obtain a shell. This exploit is *very* unreliable.
26a51fce399b6448d8c4a7690d9c8391601cf7dd1c9478bdf2b4167db5d655ee
This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
3a2382adc10594ee42ff1bd0b49855a630ee0af65a53e90bd2f33b29bcbe9542
The QuickTime Streaming Server contains a CGI script that is vulnerable to metacharacter injection, allow arbitrary commands to be executed as root.
87169439514fb0afb74e3cd42e5f97a61ab10eb7cfb959af7b8efa2b61313896
This Metasploit module exploits various php include vulnerabilities.
e357d04e020edf1f4d458c10f229063fd076425a03411ffdd5eba7edcc75455a
This Metasploit module exploits a metacharacter injection vulnerability in the FreeBSD and Solaris versions of the Zabbix agent. This flaw can only be exploited if the attacker can hijack the IP address of an authorized server (as defined in the configuration file).
e5f0f890d82d1ebacd0b8289ec44368a0492b00a6c37a1e9b2d6510aaa02d3da
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
a650778f7946a7f113acd716023978fd94f01325e9a4cf6342fb00ba3f6a2c0b
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
d9c8449f489efcce2ae006e4ed806ce911cb7fc671593232151ba25f8b098095
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
1c1f09545a58773c8a81cfab7351894a473484fa9530ddbc87125bf703ff941d
This Metasploit module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This Metasploit module uses the USER command to trigger the overflow.
815045260e465802c35cbda9285c0622bfe5f32298f8df68633b64d3f5a3b2a0
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
ff5578fdfc8c36ccaad517474220f3b7300ff9d3ecf2bb352b81b0e1dffd7516
This Metasploit module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.
02caca0c3ef84c379c6053e31707b4b6389939755466b8435f5f2edee463d9f2
This Metasploit module exploits a heap overflow in the BakBone NetVault Process Manager service. This code is a direct port of the netvault.c code written by nolimit and BuzzDee.
abb3356d348f4bf759c98838cbffce838b11685877ba40eb30c6f1e41e563425
This Metasploit module exploits a vulnerability in the CA CAM service by passing a long parameter to the log_security() function. The CAM service is part of TNG Unicenter. This Metasploit module has been tested on Unicenter v3.1.
2e71c608702d8dee76a55a8cab4aa0945443a1bd14f03c3136a80c533883e398
This Metasploit module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a specific type of request is sent to the TCP listener on port 41523. This vulnerability was discovered by cybertronic@gmx.net and affects all known versions of the BrightStor product. This Metasploit module is based on the 'cabrightstor_disco' exploit by Thor Doomen.
532219f28d50db309980d4c39dfa18dcf976499ccb5c9736a81297f410a80362
This Metasploit module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a large request is sent to UDP port 41524, triggering a stack overflow.
cc02dcad9531e32e7473a4a7fa98929736e506792b9a193707c55a2b424bc463
This is an exploit for the chunked encoding buffer overflow described in MS03-051 and originally reported by Brett Moore. This particular modules works against versions of Windows 2000 between SP0 and SP3. Service Pack 4 fixes the issue.
87fab5b32fdb6232a2161630eb76486145af6d237e5b23d3b403788baa5d0747
This exploits a stack overflow in the IA WebMail server. This exploit has not been tested against a live system at this time.
1de7b76da90e3919943547d5532332cd36c98258b6de77f1e7d308ad54951310
This Metasploit module exploits a stack overflow in Internet Explorer. This bug was patched in Windows 2000 SP4 and Windows XP SP1 according to MSRC.
5033e002a24ff1bb12912fdbd65bf54856f11e553edfa19caf2a0a3e7345e52d
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
53c60ed102e30232619000346bbfebeb96526a4e990b06ce6a59725cc16ec53f