Showing 1 - 25 of 54

Files Date: 2009-10-28

ClamAV Milter Blackhole-Mode Remote Code Execution
Posted Oct 28, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a flaw in the Clam AntiVirus suite 'clamav-milter' (Sendmail mail filter). Versions prior to 0.92.2 are vulnerable. When implemented with black hole mode enabled, it is possible to execute commands remotely due to an insecure popen call.

tags | exploit
advisories | CVE-2007-4560
MD5 | 82c785f79a6f63dee51ba000a284f213
SpamAssassin spamd Remote Command Execution
Posted Oct 28, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a flaw in the SpamAssassin spamd service by specifying a malicious vpopmail User header, when running with vpopmail and paranoid modes enabled (non-default). Versions prior to 3.1.3 are vulnerable.

tags | exploit
advisories | CVE-2006-2447
MD5 | bf09f798b36904890a7967b9288a6b07
DistCC Daemon Command Execution
Posted Oct 28, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module uses a documented security weakness to execute arbitrary commands on any system running distccd.

tags | exploit, arbitrary
advisories | CVE-2004-2687
MD5 | 07af102ab61b4945263c0c9f76b12255
ContentKeeper Web Remote Command Execution
Posted Oct 28, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits the ContentKeeper Web Appliance. Versions prior to 125.10 are affected. This module exploits a combination of weaknesses to enable remote command execution as the Apache user. Following exploitation, it is possible to abuse an insecure PATH call to 'ps' etc. in setuid 'benetool' to escalate to root.

tags | exploit, remote, web, root
MD5 | d9d583b51da3ea97779cd2b73646e602
Solaris in.telnetd TTYPROMPT Buffer Overflow
Posted Oct 28, 2009
Authored by MC, cazz

This Metasploit module uses a buffer overflow in the Solaris 'login' application to bypass authentication in the telnet daemon.

tags | exploit, overflow
systems | solaris
advisories | CVE-2001-0797
MD5 | f5056b503daf505f4150aa873c19a321
Sun Solaris Telnet Remote Authentication Bypass
Posted Oct 28, 2009
Authored by MC

This Metasploit module exploits the argument injection vulnerability in the telnet daemon (in.telnetd) of Solaris 10 and 11.

tags | exploit
systems | solaris
advisories | CVE-2007-0882
MD5 | 5c9d0310bed692855ab74a2227508cc0
Solaris ypupdated Command Execution
Posted Oct 28, 2009
Authored by I)ruid

This exploit targets a weakness in the way the ypupdated RPC application uses the command shell when handling a MAP UPDATE request.

tags | exploit, shell
advisories | CVE-1999-0209
MD5 | cc2a467ac393cc38f358d8b11bed9cc8
Solaris sadmind Command Execution
Posted Oct 28, 2009
Authored by H D Moore, cazz, vlad902 | Site metasploit.com

This exploit targets a weakness in the default security settings of the sadmind RPC application. This server is installed and enabled by default on most versions of the Solaris operating system. Vulnerable systems include Solaris 2.7, 8, and 9.

tags | exploit
systems | solaris
advisories | CVE-2003-0722
MD5 | b35c5bfeebb1e521bdad45053c664ca2
Sun Solaris sadmind adm_build_path() Buffer Overflow
Posted Oct 28, 2009
Authored by Adriano Lima | Site risesecurity.org

This Metasploit module exploits a buffer overflow vulnerability in the adm_build_path() function of the sadmind daemon.

tags | exploit, overflow
advisories | CVE-2008-4556
MD5 | 445586327b6a99350a42708bd196facb
Debian Linux Security Advisory 1922-1
Posted Oct 28, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
MD5 | 460655adb2782c43984b233624e94e5a
Cherokee 0.5.4 Directory Traversal
Posted Oct 28, 2009
Authored by Dr_IDE

Cherokee versions 0.5.4 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 403962f079e8d92ce379c49951d70cda
Solaris LPD Command Execution
Posted Oct 28, 2009
Authored by H D Moore, Dino A. Dai Zovi | Site metasploit.com

This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Sun Solaris up to and including 8.0. This module uses a technique discovered by Dino Dai Zovi to exploit the flaw without needing to know the resolved name of the attacking system.

tags | exploit, arbitrary
systems | solaris
advisories | CVE-2001-1583
MD5 | e38a9f11115d68bc3f3a83145bf7542a
Wireshark Analyzer 1.2.3
Posted Oct 28, 2009
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple vulnerabilities have been addressed. Various other fixes.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | c2dfc197e485a0b0072ca64b8ac4d24c
iDEFENSE Security Advisory 2009-10-28.1
Posted Oct 28, 2009
Authored by iDefense Labs, regenrecht | Site idefense.com

Remote exploitation of a buffer overflow in the Mozilla Foundation's libpr0n image processing library allows attackers to execute arbitrary code. The libpr0n GIF parser was designed using a state machine which is represented as a series of switch/case statements. One particularly interesting state, 'gif_image_header', is responsible for interpreting a single image/frame description record. A single GIF file may contain many images, each with a different color map associated. The problem lies in the handling of changes to the color map of subsequent images in a multiple-image GIF file. Memory reallocation is not managed correctly and can result in an exploitable heap overflow condition. iDefense confirmed the existence of this vulnerability using Mozilla Firefox versions 3.0.13 and 3.5.2 on 32-bit Windows XP SP3. Other versions, and potentially other applications using libpr0n, are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | windows, xp
advisories | CVE-2009-3373
MD5 | 44a92ee1872b49c79818d60937028c4a
Oscailt 3.3 Local File Inclusion
Posted Oct 28, 2009
Authored by s4r4d0

Oscailt CMS version 3.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 06121f5b7a550f3fa731f8dbec8a1d13
Mozilla Firefox 3.5.3 Local Download Manager Exploit
Posted Oct 28, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Mozilla Firefox version 3.5.3 local download manager exploit that demonstrates a temporary file creation vulnerability.

tags | exploit, local
MD5 | ff0a70ec71952b02c7ea238923d542dc
Opera RSS Hijacking
Posted Oct 28, 2009
Authored by Inferno from Secure Thoughts

Small write-up called Hijacking Opera's Native Page Using Malicious RSS Payloads.

tags | advisory
MD5 | 3dcca7d61b2e38f2b980c1b733cf2b03
Mariposa Botnet C+C Decryption Plugin
Posted Oct 28, 2009
Site code.google.com

This is the Mariposa Botnet C+C decryption plugin for Wireshark.

tags | tool, sniffer
MD5 | 44da36738b4ad0e608bd3c7beb43b440
Solaris dtspcd Heap Overflow
Posted Oct 28, 2009
Authored by noir | Site metasploit.com

This is a port of noir's dtspcd exploit. This Metasploit module should work against any vulnerable version of Solaris 8 (sparc). The original exploit code was published in the book Shellcoder's Handbook.

tags | exploit, shellcode
systems | solaris
advisories | CVE-2001-0803
MD5 | b651e2e336445eaafedfc821c5728f93
Samba trans2open Overflow
Posted Oct 28, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.

tags | exploit, overflow
systems | apple, osx
advisories | CVE-2003-0201
MD5 | 106a9258f6f5ff6fa77fc7c7c272ea31
MacOS X QuickTime RTSP Content-Type Overflow
Posted Oct 28, 2009
Site metasploit.com

This Metasploit module exploits the Mac OS X QuickTime RTSP Content-Type overflow.

tags | exploit, overflow
systems | apple, osx
MD5 | 380966feca11229459ef798d1bee894d
Mac OS X mDNSResponder UPnP Location Overflow
Posted Oct 28, 2009
Site metasploit.com

This Metasploit module exploits the Mac OS X mDNSResponder UPnP location overflow.

tags | exploit, overflow
systems | apple, osx
MD5 | 00933391fec89081e5a6100903e69651
WebSTAR FTP Server USER Overflow
Posted Oct 28, 2009
Authored by H D Moore, Dino A. Dai Zovi | Site metasploit.com

This Metasploit module exploits a stack overflow in the logging routine of the WebSTAR FTP server. Reliable code execution is obtained by a series of hops through the System library.

tags | exploit, overflow, code execution
advisories | CVE-2004-0695
MD5 | 01773c137607442fb4bdcd6af39f4e16
Mail.app Image Attachment Command Execution
Posted Oct 28, 2009
Authored by H D Moore, Kevin Finisterre | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5.

tags | exploit
systems | apple, osx
advisories | CVE-2006-0395, CVE-2007-6165
MD5 | 65efe27dbff4de35ebd1ec592beb222c
Safari Archive Metadata Command Execution
Posted Oct 28, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.

tags | exploit, shell
advisories | CVE-2006-0848
MD5 | c9eff8239967b82607204dfb73547679