MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability.
0ee06e9ca07a91bdf300e8247f0088f5b1ec71f49b7ac4b052a8d6f34794a932The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. This is a proof of concept exploit that demonstrates this vulnerability.
75f36dfa842b3b7a95c175cb265cef819693d09f8c78a6ec91fe76cb8705da9eThis Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xp_cmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection vulnerability happens.
5c71a8e0d959c8b1f43ce27c1cfb87641e1abf71b42047e2636fd0256601f31aThis Metasploit module exploit smashes several pointers. A heap-based buffer overflow can occur when calling the undocumented "sp_replwritetovarbin" extended stored procedure. This vulnerability affects all versions of Microsoft SQL Server 2000 and 2005, Windows Internal Database, and Microsoft Desktop Engine (MSDE) without the updates supplied in MS09-004. Microsoft patched this vulnerability in SP3 for 2005 without any public mention.
22edb58a5f3eb94beb9d96ca4c1c67aaf6a45c0df8336fcfd1b91c3de3a418baRedDot CMS versions 7.5 Build 7.5.0.48 and below full database enumeration exploit that takes advantage of a remote SQL injection vulnerability in ioRD.asp.
3425a7a46022a1d5c00c940d64eb2be9302b2e7ef356f8e16b7bbc1869f47731RedDot CMS versions 7.5 Build 7.5.0.48 and below suffer from a remote SQL injection vulnerability in ioRD.asp.
b97bd24c53768c65b163383bb33684f6375c1f7cb5294f4c72c3f30ea93c2ed8ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.
83cb422e91d20d05afbe49119a394fe82ea883046f73d3a4484f08440e667307Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
602cb39c8ea3a3fed659db86b8e125037d32883c0f0f836cb2930f82c109dd9aTaof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
b76f3be147a9483559333d14a283d267d85352df074912fc8ec5b79fefdde902Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
d30483f8e9b254765ea834846f66dda81784964a044db89c17ab0b4f71cfde86
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed