seeing is believing
Showing 1 - 25 of 48 RSS Feed

Files Date: 2009-10-30

SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in SIPfoundry's sipXphone 2.6.0.27. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2006-3524
MD5 | e12837715461982da0378b11fb7ab725
Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Proxy-Pro Professional GateKeeper 4.7. By sending a long HTTP GET to the default port of 3128, a remote attacker could overflow a buffer and execute arbitrary code.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2004-0326
MD5 | 236e4cbd21b904c274d433570efd4292
Microsoft SQL Server Resolution Overflow
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a udp packet to port 1434 which starts with 0x04 and is followed by long string terminating with a colon and a number. This Metasploit module should work against any vulnerable SQL Server 2000 or MSDE install (pre-SP3).

tags | exploit, overflow, udp
advisories | CVE-2002-0649
MD5 | aefc402bff82ed6effa9174fe4f05a77
Novell NetMail <= 3.52d IMAP SUBSCRIBE Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP SUBSCRIBE verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.

tags | exploit, overflow, imap
advisories | CVE-2006-6761
MD5 | 530890e764a5916a4016d1246e7c9a07
Microsoft IIS 5.0 Printer Host Header Overflow
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This exploits a buffer overflow in the request processor of the Internet Printing Protocol ISAPI module in IIS. This Metasploit module works against Windows 2000 service pack 0 and 1. If the service stops responding after a successful compromise, run the exploit a couple more times to completely kill the hung process.

tags | exploit, overflow, protocol
systems | windows, 2k
advisories | CVE-2001-0241
MD5 | 011eb5cfc9ca3a9b443ef09d69cb9770
Oracle 9i XDB HTTP PASS Overflow (win32)
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service. David Litchfield, has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB), during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.

tags | exploit, web, overflow, vulnerability
systems | linux, windows
advisories | CVE-2003-0727
MD5 | 7f6075fb013baace03f43b207dae7782
MaxDB WebDBM Database Parameter Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This Metasploit module has been tested against MaxDB 7.6.00.16 and MaxDB 7.6.00.27.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2006-4305
MD5 | 8e06deb4c7b5790bea7c107e694e65bb
War-FTPD 1.65 Username Overflow
Posted Oct 30, 2009
Authored by riaf | Site metasploit.com

This Metasploit module exploits a buffer overflow found in the USER command of War-FTPD 1.65.

tags | exploit, overflow
advisories | CVE-1999-0256
MD5 | 3435c07010f11d33b212804e0c189e2f
BlazeDVD 5.1 PLF Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack over flow in BlazeDVD 5.1. When the application is used to open a specially crafted plf file, a buffer is overwritten allowing for the execution of arbitrary code.

tags | exploit, arbitrary
MD5 | 4b192fd114bdfab3ca86f73ff8eea814
SoftArtisans XFile FileManager ActiveX Control Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3). When sending an overly long string to the GetDriveName() method an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-1682
MD5 | 931e920ee423b3ac8d2458c849da3eef
Symantec Norton Internet Security 2004 ActiveX Control Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the ISAlertDataCOM ActiveX Control (ISLAert.dll) provided by Symantec Norton Internet Security 2004. By sending a overly long string to the "Get()" method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-1689
MD5 | 27fa43c7a6bc6ad0adaf06f90417e613
Internet Explorer COM CreateObject Code Execution
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a generic code execution vulnerability in Internet Explorer by abusing vulnerable ActiveX objects.

tags | exploit, code execution, activex
MD5 | a85d55c56e1a1797651aac42aabe0cb8
Facebook Photo Uploader 4 ActiveX Control Buffer Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Facebook Photo Uploader 4. By sending an overly long string to the "ExtractIptc()" property located in the ImageUploader4.ocx (4.5.57.0) Control, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-5711
MD5 | afb6e832377ff9482a38b2705422a3b6
CA BrightStor ARCserve Message Engine Heap Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a heap overflow in Computer Associates BrightStor ARCserve Backup 11.5. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2006-5143
MD5 | 30bae2aad319eca435b874c4335b8515
Veritas Backup Exec Windows Remote Agent Overflow
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a stack overflow in the Veritas BackupExec Windows Agent software. This vulnerability occurs when a client authentication request is received with type '3' and a long password argument. Reliable execution is obtained by abusing the stack overflow to smash a SEH pointer.

tags | exploit, overflow
systems | windows
advisories | CVE-2005-0773
MD5 | 4557d9e2aa7bd8179563c3a1b6a4abaa
My Remote File Server Privilege Escalation
Posted Oct 30, 2009
Authored by Francis Provencher

My Remote File Server suffers from a local privilege escalation vulnerability.

tags | advisory, remote, local
MD5 | 996e1566a6e551502ae42f789ccd2008
PSArt 1.2 SQL Injection
Posted Oct 30, 2009
Authored by Securitylab Security Research | Site securitylab.ir

PSArt version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1043e1fc083872e2a574e77e1e1078b9
Windows Media Player Local File Detection
Posted Oct 30, 2009
Authored by Renard Volant | Site lrv.ch.vu

Windows Media Player version 11 suffers from a local file detection vulnerability.

tags | advisory, local
systems | windows
MD5 | 98d84d1e1313d92d599b98256f2cb656
Clam AntiVirus Toolkit 0.95.3
Posted Oct 30, 2009
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This is a bugfix release recommended for all users.
tags | virus
systems | unix
MD5 | eaf9fccc3cc3567605a9732313652967
WTMP Log Cleaner 0.6.6
Posted Oct 30, 2009
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: The cleaning of the wtmp records no longer leaves any trace, even in the raw output. The listing of user logins was improved.
tags | tool, rootkit
systems | unix
MD5 | 15b31fed9d18ee45607bd2379668ec54
Oracle Database AUTH_SESSKEY Exploit
Posted Oct 30, 2009
Authored by Dennis Yurichev

Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4 that relates to an improper AUTH_SESSKEY parameter length validation.

tags | exploit, proof of concept
advisories | CVE-2009-1979
MD5 | 660b662ab4b883cfab9655f94f942ca7
CubeCart 4 Session Management Bypass
Posted Oct 30, 2009
Authored by Bogdan Calin | Site acunetix.com

CubeCart 4 suffers from a really nasty session management bypass vulnerability.

tags | exploit, bypass
MD5 | 7581bc6c05ca76a7306651bb56bb45f3
Joomla Jumi Is Backdoored
Posted Oct 30, 2009
Authored by Jan van Niekerk

The Joomla Jumi component is backdoored and apparently sends user passwords to another site.

tags | advisory
MD5 | d2f1e119420378da415a4687d0c51ac1
SafeNet SoftRemote Local Buffer Overflow
Posted Oct 30, 2009
Site senseofsecurity.com.au

SafeNet SoftRemote is vulnerable to a local stack based buffer overflow which can lead to the compromise of a vulnerable system. Versions 10.8.5 Build 2 and 10.3.5 Build 6 are verified vulnerable.

tags | advisory, overflow, local
MD5 | 1360d5a09524a3e81447e05a39eab5d2
Debian Linux Security Advisory 1923-1
Posted Oct 30, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1923-1 - A denial of service vulnerability has been found in libhtml-parser-perl, a collection of modules to parse HTML in text documents which is used by several other projects like e.g. SpamAssassin.

tags | advisory, denial of service, perl
systems | linux, debian
advisories | CVE-2009-3627
MD5 | 13668574cbe66bc7e4b56e0660d327fe
Page 1 of 2
Back12Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    12 Files
  • 23
    Sep 23rd
    2 Files
  • 24
    Sep 24th
    2 Files
  • 25
    Sep 25th
    11 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close