exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 48 RSS Feed

Files Date: 2009-10-30

SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in SIPfoundry's sipXphone 2.6.0.27. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2006-3524
SHA-256 | 16cae06b43b97106a08996b8d5b7db2eef5683927679185e97864948580de0dc
Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Proxy-Pro Professional GateKeeper 4.7. By sending a long HTTP GET to the default port of 3128, a remote attacker could overflow a buffer and execute arbitrary code.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2004-0326
SHA-256 | f263e459a51ce3b19e265dbc0a01b7a3c3ab6600a69d08d3754887972c12e298
Microsoft SQL Server Resolution Overflow
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a udp packet to port 1434 which starts with 0x04 and is followed by long string terminating with a colon and a number. This Metasploit module should work against any vulnerable SQL Server 2000 or MSDE install (pre-SP3).

tags | exploit, overflow, udp
advisories | CVE-2002-0649
SHA-256 | 7711b3551f65de8b3c1a470acec58e0e4ae8a9851dc880cfc289ef0ef106db00
Novell NetMail <= 3.52d IMAP SUBSCRIBE Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP SUBSCRIBE verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.

tags | exploit, overflow, imap
advisories | CVE-2006-6761
SHA-256 | 4f3a51860649cb4cf74cf0fc0cb120be7c093bb1528c86e2aeecca4de2ca9ae8
Microsoft IIS 5.0 Printer Host Header Overflow
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This exploits a buffer overflow in the request processor of the Internet Printing Protocol ISAPI module in IIS. This Metasploit module works against Windows 2000 service pack 0 and 1. If the service stops responding after a successful compromise, run the exploit a couple more times to completely kill the hung process.

tags | exploit, overflow, protocol
systems | windows
advisories | CVE-2001-0241
SHA-256 | b89bdeebebc852766ecaacbc91a18e2b0ea9f977b2ecef4ca5770e85c2e682c9
Oracle 9i XDB HTTP PASS Overflow (win32)
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service. David Litchfield, has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB), during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.

tags | exploit, web, overflow, vulnerability
systems | linux, windows
advisories | CVE-2003-0727
SHA-256 | 6281085b9791e23b392a0a79188a09db7df06943411dd28109795e5dafe88576
MaxDB WebDBM Database Parameter Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This Metasploit module has been tested against MaxDB 7.6.00.16 and MaxDB 7.6.00.27.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2006-4305
SHA-256 | 41762083ad11674f55c5750f5696d780c5f62b78712e22492dc00ab7d1673f69
War-FTPD 1.65 Username Overflow
Posted Oct 30, 2009
Authored by riaf | Site metasploit.com

This Metasploit module exploits a buffer overflow found in the USER command of War-FTPD 1.65.

tags | exploit, overflow
advisories | CVE-1999-0256
SHA-256 | 6b9d1bed980a1f2e6457ad141aab577141467851a1a03a4918a6b4390b1dba54
BlazeDVD 5.1 PLF Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack over flow in BlazeDVD 5.1. When the application is used to open a specially crafted plf file, a buffer is overwritten allowing for the execution of arbitrary code.

tags | exploit, arbitrary
SHA-256 | 50ef6ecfa3e159236f31b2eaee5a45f01dba04b1d8ac2f8965dcc62089b1a2f0
SoftArtisans XFile FileManager ActiveX Control Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3). When sending an overly long string to the GetDriveName() method an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-1682
SHA-256 | 474201b4387d7de75578a0f85b782b1ddad51996e42b696ef4b4dd5421cc7726
Symantec Norton Internet Security 2004 ActiveX Control Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the ISAlertDataCOM ActiveX Control (ISLAert.dll) provided by Symantec Norton Internet Security 2004. By sending a overly long string to the "Get()" method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-1689
SHA-256 | 57eee3404ecbf360b0ad38314d21191b6bf5e3cc2fb2804d4afed6241f22df64
Internet Explorer COM CreateObject Code Execution
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a generic code execution vulnerability in Internet Explorer by abusing vulnerable ActiveX objects.

tags | exploit, code execution, activex
SHA-256 | cba235a2b01d01d109d7db9a4cf764f010d842bdcec957fac50efd8f2b5c47d6
Facebook Photo Uploader 4 ActiveX Control Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Facebook Photo Uploader 4. By sending an overly long string to the "ExtractIptc()" property located in the ImageUploader4.ocx (4.5.57.0) Control, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-5711
SHA-256 | b3504b05e054fd4f0ce942b24ac9a517ad22489614eb259059044a52e0f865cc
CA BrightStor ARCserve Message Engine Heap Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a heap overflow in Computer Associates BrightStor ARCserve Backup 11.5. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2006-5143
SHA-256 | 427b574af9a8cb593fb19149183850cba00151cb2f8c3273f5dc45d957eb8a7a
Veritas Backup Exec Windows Remote Agent Overflow
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a stack overflow in the Veritas BackupExec Windows Agent software. This vulnerability occurs when a client authentication request is received with type '3' and a long password argument. Reliable execution is obtained by abusing the stack overflow to smash a SEH pointer.

tags | exploit, overflow
systems | windows
advisories | CVE-2005-0773
SHA-256 | ba61f8839cb62683a0ecb79152b2af142df471dba3d77bf8cfeb996178ca8a7d
My Remote File Server Privilege Escalation
Posted Oct 30, 2009
Authored by Francis Provencher

My Remote File Server suffers from a local privilege escalation vulnerability.

tags | advisory, remote, local
SHA-256 | b0d5863983aebf57733c7be0f0976c34e42a4ed7233c11d0fb111626926f6f12
PSArt 1.2 SQL Injection
Posted Oct 30, 2009
Authored by Securitylab Security Research | Site securitylab.ir

PSArt version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f5e470d911a53606b9c19dd111f0c2e33b3fda1208a9cfbceb1b8083201b8c09
Windows Media Player Local File Detection
Posted Oct 30, 2009
Authored by Renard Volant | Site lrv.ch.vu

Windows Media Player version 11 suffers from a local file detection vulnerability.

tags | advisory, local
systems | windows
SHA-256 | c38b03608124285e169d1f036ee295d2a369fd363cbb26807ff7712665cd870d
Clam AntiVirus Toolkit 0.95.3
Posted Oct 30, 2009
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This is a bugfix release recommended for all users.
tags | virus
systems | unix
SHA-256 | 003e7a570932fdffbd19fa7a7996274fbfc93f890d26c3066a36eb824c906250
WTMP Log Cleaner 0.6.6
Posted Oct 30, 2009
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: The cleaning of the wtmp records no longer leaves any trace, even in the raw output. The listing of user logins was improved.
tags | tool, rootkit
systems | unix
SHA-256 | f20339e9bc791d29b822e66deba35d09450a7e97036f9f88f0d36c654e216657
Oracle Database AUTH_SESSKEY Exploit
Posted Oct 30, 2009
Authored by Dennis Yurichev

Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4 that relates to an improper AUTH_SESSKEY parameter length validation.

tags | exploit, proof of concept
advisories | CVE-2009-1979
SHA-256 | 52a2d39306c0ea3dca0906e13dceccca08d82caae4db3bc685d747c0e4e324f1
CubeCart 4 Session Management Bypass
Posted Oct 30, 2009
Authored by Bogdan Calin | Site acunetix.com

CubeCart 4 suffers from a really nasty session management bypass vulnerability.

tags | exploit, bypass
SHA-256 | a03e6ea6ae9efabda907cc7a8663fdd7d66739509606981def368df47035b187
Joomla Jumi Is Backdoored
Posted Oct 30, 2009
Authored by Jan van Niekerk

The Joomla Jumi component is backdoored and apparently sends user passwords to another site.

tags | advisory
SHA-256 | 32834abecdbef0f2d657947c79146fe6fc4c36075aa18b0276288f6581e0ad94
SafeNet SoftRemote Local Buffer Overflow
Posted Oct 30, 2009
Site senseofsecurity.com.au

SafeNet SoftRemote is vulnerable to a local stack based buffer overflow which can lead to the compromise of a vulnerable system. Versions 10.8.5 Build 2 and 10.3.5 Build 6 are verified vulnerable.

tags | advisory, overflow, local
SHA-256 | 56225e9982cc70db07769c44299eba3647755fa089c5db795da3b7b2d5d1a7c8
Debian Linux Security Advisory 1923-1
Posted Oct 30, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1923-1 - A denial of service vulnerability has been found in libhtml-parser-perl, a collection of modules to parse HTML in text documents which is used by several other projects like e.g. SpamAssassin.

tags | advisory, denial of service, perl
systems | linux, debian
advisories | CVE-2009-3627
SHA-256 | 9f1818d3726640fc83c9bc282de4c5ec25b1509a4b848c6a2dd32c8de7c5aaf4
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close