Exploit the possiblities
Showing 1 - 25 of 68 RSS Feed

Files Date: 2009-10-27

RealServer Describe Buffer Overflow
Posted Oct 27, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a buffer overflow in RealServer 7/8/9 and was based on Johnny Cyberpunk's THCrealbad exploit. This code should reliably exploit Linux, BSD, and Windows-based servers.

tags | exploit, overflow
systems | linux, windows, bsd
MD5 | 6094aa9a91491f3755f7e3cd2e7c367a
Mandriva Linux Security Advisory 2009-289
Posted Oct 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-289 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These range from buffer overflows to denial of service vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1895, CVE-2009-2406, CVE-2009-2407, CVE-2009-2908, CVE-2009-3290
MD5 | 753e062f7da14ef5264d0068d02c7cea
VMware Security Advisory 2009-0015
Posted Oct 27, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware hosted products and ESX patches resolve two security issues.

tags | advisory
advisories | CVE-2009-2267, CVE-2009-3733
MD5 | c99584dc14e5b0d1c4c8c111dd16f692
VMWare Workstation Virtual 8086 Linux Local ring0
Posted Oct 27, 2009
Authored by Tavis Ormandy, Julien Tinnes

VMWare Workstation Virtual 8086 Linux Local ring0 exploit.

tags | exploit, local
systems | linux
advisories | CVE-2009-2267
MD5 | f0fbf0b88d488847d728b1c5ed6154de
Wowd Search Client XSS
Posted Oct 27, 2009
Authored by Lostmon | Site lostmon.blogspot.com

The Wowd Search Client version 1.3.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 734bdab1e8387525dde49d224b95a0e1
Mandos Encrypted File System Unattended Reboot Utility 1.0.14
Posted Oct 27, 2009
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: This release enables building without -pie and -fPIE if BROKEN_PIE is set.
tags | remote, root
systems | linux
MD5 | 8b16753b105c1f61ea7e665d09fe2304
Aruba Networks Security Advisory - 102609
Posted Oct 27, 2009
Site arubanetworks.com

Aruba Networks Security Advisory - A Denial of Service (DoS) vulnerability was discovered during standard bug reporting procedures. A malformed 802.11 association request frame causes a crash on the Access Point (AP) causing a temporary DoS condition for wireless clients. Prior successful security association with the wireless network is not required to cause this condition. The AP recovers automatically by restarting itself.

tags | advisory, denial of service
MD5 | c6bb34600ebef63ef827d8357431f892
Boloto Media Player 1.0.0.9 Crash
Posted Oct 27, 2009
Authored by Dr_IDE

Boloto Media Player version 1.0.0.9 local crash proof of concept exploit that creates a malicious .pls file.

tags | exploit, denial of service, local, proof of concept
MD5 | b36a4c84498c7da3d7bc23d3b60ad57d
PHP 4 unserialize() ZVAL Reference Counter Overflow
Posted Oct 27, 2009
Authored by H D Moore, Stefan Esser, GML | Site metasploit.com

This Metasploit module exploits an integer overflow vulnerability in the unserialize() function of the PHP web server extension.

tags | exploit, web, overflow, php
advisories | CVE-2007-1286
MD5 | 5328f9ccf0fabc5d2f0900b7b86d6114
NTPd Buffer Overflow
Posted Oct 27, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in the ntpd and xntpd service. By sending an overly long 'readvar' request it is possible to execute code remotely. As the stack is corrupted, this module uses the Egghunter technique.

tags | exploit, overflow
advisories | CVE-2001-0414
MD5 | 5e227b8fec1a9ac01b1964aa5e77f258
VERITAS NetBackup Remote Command Execution
Posted Oct 27, 2009
Authored by patrick | Site metasploit.com

This Metasploit module allows arbitrary command execution on an ephemeral port opened by Veritas NetBackup, whilst an administrator is authenticated. The port is opened and allows direct console access as root or SYSTEM from any source address.

tags | exploit, arbitrary, root
advisories | CVE-2004-1389
MD5 | 8427f7207c40d2c8437b522340d70c3a
HP OpenView OmniBack II Command Execution
Posted Oct 27, 2009
Authored by H D Moore, patrick | Site metasploit.com

This Metasploit module uses a vulnerability in the OpenView Omniback II service to execute arbitrary commands. This vulnerability was discovered by DiGiT and his code was used as the basis for this module.

tags | exploit, arbitrary
advisories | CVE-2001-0311
MD5 | b269dc6f7984d396b3e5e9acaf44dd3c
Apple QTJava toQTPointer() Arbitrary Memory Access
Posted Oct 27, 2009
Authored by H D Moore, Kevin Finisterre, Dino A. Dai Zovi | Site metasploit.com

This Metasploit module exploits an arbitrary memory access vulnerability in the Quicktime for Java API provided with Quicktime 7.

tags | exploit, java, arbitrary
advisories | CVE-2007-2175
MD5 | 323f73061bb5aac7440629d2dd7e2adf
Opera historysearch XSS
Posted Oct 27, 2009
Authored by Aviv Raff, Roberto Suggi Liverani

Certain constructs are not escaped correctly by Opera's History Search results. These can be used to inject scripts into the page, which can then be used to modify configuration settings and execute arbitrary commands. Affects Opera versions between 9.50 and 9.61.

tags | exploit, arbitrary
advisories | CVE-2008-4696
MD5 | b217cb641cbc6f7e36e3f249a2a4cc1e
Opera 9 Configuration Overwrite
Posted Oct 27, 2009

Opera web browser in versions 9.10 and below allows unrestricted script access to its configuration page, opera:config, allowing an attacker to change settings and potentially execute arbitrary code.

tags | exploit, web, arbitrary
MD5 | a1c3a6e51e21635db81c032dda7ed33c
Mozilla Suite/Firefox Navigator Object Code Execution
Posted Oct 27, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a code execution vulnerability in the Mozilla Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit requires the Java plugin to be installed.

tags | exploit, java, code execution
advisories | CVE-2006-3677
MD5 | 2804a3015f290bb20035327cbda16adf
Mozilla Firefox Code Execution
Posted Oct 27, 2009
Authored by H D Moore, Aviv Raff | Site metasploit.com

This Metasploit module exploits a code execution vulnerability in the Mozilla Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit module is a direct port of Aviv Raff's HTML PoC.

tags | exploit, code execution
advisories | CVE-2005-2265
MD5 | 4d11bb8de765d259995301791ec60b38
Sun Java Calendar Deserialization
Posted Oct 27, 2009
Authored by H D Moore, sf | Site metasploit.com

This Metasploit module exploits a flaw in the deserialization of Calendar objects in the Sun JVM. The payload can be either a native payload which is generated as an executable and dropped/executed on the target or a shell from within the Java applet in the target browser. The effected Java versions are JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, SDK and JRE 1.4.2_18 and earlier (SDK and JRE 1.3.1 are not affected).

tags | exploit, java, shell
advisories | CVE-2008-5353
MD5 | adddfd511b0cb82ba52be9f260b8602f
Firefox location.QueryInterface() Code Execution
Posted Oct 27, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on OS X 10.3 with the stock Firefox 1.5.0 package.

tags | exploit, code execution
systems | apple, osx
advisories | CVE-2006-0295
MD5 | b158bc86d5bf60d7467ced07314943c5
Firefox 3.5 escape() Return Value Memory Corruption
Posted Oct 27, 2009
Authored by H D Moore, Simon Berry-Byrne

This Metasploit module exploits a memory corruption vulnerability in the Mozilla Firefox browser. This flaw occurs when a bug in the javascript interpreter fails to preserve the return value of the escape() function and results in uninitialized memory being used instead. This module has only been tested on Windows, but should work on other platforms as well with the current targets.

tags | exploit, javascript
systems | windows
MD5 | 6116e92fca1903ed3250f521944da945
Samba lsa_io_trans_names Heap Overflow
Posted Oct 27, 2009
Authored by Adriano Lima | Site risesecurity.org

This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21-3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2".

tags | exploit, overflow
advisories | CVE-2007-2446
MD5 | 8f84f393fa7096a43ae30b92fc8df61d
Squid NTLM Authenticate Overflow
Posted Oct 27, 2009
Authored by skape

This is an exploit for Squid's NTLM authenticate overflow (libntlmssp.c). Due to improper bounds checking in ntlm_check_auth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length.

tags | exploit, overflow
advisories | CVE-2004-0541
MD5 | 1e35db4061c87b08d4b474ab69753bdd
Poptop Negative Read Overflow
Posted Oct 27, 2009
Authored by spoonm

This is an exploit for the Poptop negative read overflow. This will work against versions prior to 1.1.3-b3 and 1.1.3-20030409.

tags | exploit, overflow
advisories | CVE-2003-0213
MD5 | 830bfdbd26298b840c903bfc1b4d5d94
MySQL yaSSL SSL Hello Message Buffer Overflow
Posted Oct 27, 2009
Authored by MC

This Metasploit module exploits a stack overflow in the yaSSL (1.7.5 and earlier) implementation bundled with MySQL versions 6.0 and below. By sending a specially crafted Hello packet, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-0226
MD5 | 690b5fdd36e38c0b026a4e0fc9ad7a54
Borland InterBase PWD_db_aliased() Buffer Overflow
Posted Oct 27, 2009
Authored by Adriano Lima | Site risesecurity.org

This Metasploit module exploits a stack overflow in Borland InterBase by sending a specially crafted attach request.

tags | exploit, overflow
advisories | CVE-2007-5243
MD5 | 20990f30e3c1bca0c41eb265d3de6ca7
Page 1 of 3
Back123Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close