This Metasploit module exploits a buffer overflow in SIPfoundry's sipXphone 2.6.0.27. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
16cae06b43b97106a08996b8d5b7db2eef5683927679185e97864948580de0dc
This Metasploit module exploits a stack overflow in Proxy-Pro Professional GateKeeper 4.7. By sending a long HTTP GET to the default port of 3128, a remote attacker could overflow a buffer and execute arbitrary code.
f263e459a51ce3b19e265dbc0a01b7a3c3ab6600a69d08d3754887972c12e298
This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a udp packet to port 1434 which starts with 0x04 and is followed by long string terminating with a colon and a number. This Metasploit module should work against any vulnerable SQL Server 2000 or MSDE install (pre-SP3).
7711b3551f65de8b3c1a470acec58e0e4ae8a9851dc880cfc289ef0ef106db00
This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP SUBSCRIBE verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
4f3a51860649cb4cf74cf0fc0cb120be7c093bb1528c86e2aeecca4de2ca9ae8
This exploits a buffer overflow in the request processor of the Internet Printing Protocol ISAPI module in IIS. This Metasploit module works against Windows 2000 service pack 0 and 1. If the service stops responding after a successful compromise, run the exploit a couple more times to completely kill the hung process.
b89bdeebebc852766ecaacbc91a18e2b0ea9f977b2ecef4ca5770e85c2e682c9
This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service. David Litchfield, has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB), during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.
6281085b9791e23b392a0a79188a09db7df06943411dd28109795e5dafe88576
This Metasploit module exploits a stack overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This Metasploit module has been tested against MaxDB 7.6.00.16 and MaxDB 7.6.00.27.
41762083ad11674f55c5750f5696d780c5f62b78712e22492dc00ab7d1673f69
This Metasploit module exploits a buffer overflow found in the USER command of War-FTPD 1.65.
6b9d1bed980a1f2e6457ad141aab577141467851a1a03a4918a6b4390b1dba54
This Metasploit module exploits a stack over flow in BlazeDVD 5.1. When the application is used to open a specially crafted plf file, a buffer is overwritten allowing for the execution of arbitrary code.
50ef6ecfa3e159236f31b2eaee5a45f01dba04b1d8ac2f8965dcc62089b1a2f0
This Metasploit module exploits a stack overflow in SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3). When sending an overly long string to the GetDriveName() method an attacker may be able to execute arbitrary code.
474201b4387d7de75578a0f85b782b1ddad51996e42b696ef4b4dd5421cc7726
This Metasploit module exploits a stack overflow in the ISAlertDataCOM ActiveX Control (ISLAert.dll) provided by Symantec Norton Internet Security 2004. By sending a overly long string to the "Get()" method, an attacker may be able to execute arbitrary code.
57eee3404ecbf360b0ad38314d21191b6bf5e3cc2fb2804d4afed6241f22df64
This Metasploit module exploits a generic code execution vulnerability in Internet Explorer by abusing vulnerable ActiveX objects.
cba235a2b01d01d109d7db9a4cf764f010d842bdcec957fac50efd8f2b5c47d6
This Metasploit module exploits a stack overflow in Facebook Photo Uploader 4. By sending an overly long string to the "ExtractIptc()" property located in the ImageUploader4.ocx (4.5.57.0) Control, an attacker may be able to execute arbitrary code.
b3504b05e054fd4f0ce942b24ac9a517ad22489614eb259059044a52e0f865cc
This Metasploit module exploits a heap overflow in Computer Associates BrightStor ARCserve Backup 11.5. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
427b574af9a8cb593fb19149183850cba00151cb2f8c3273f5dc45d957eb8a7a
This Metasploit module exploits a stack overflow in the Veritas BackupExec Windows Agent software. This vulnerability occurs when a client authentication request is received with type '3' and a long password argument. Reliable execution is obtained by abusing the stack overflow to smash a SEH pointer.
ba61f8839cb62683a0ecb79152b2af142df471dba3d77bf8cfeb996178ca8a7d
My Remote File Server suffers from a local privilege escalation vulnerability.
b0d5863983aebf57733c7be0f0976c34e42a4ed7233c11d0fb111626926f6f12
PSArt version 1.2 suffers from a remote SQL injection vulnerability.
f5e470d911a53606b9c19dd111f0c2e33b3fda1208a9cfbceb1b8083201b8c09
Windows Media Player version 11 suffers from a local file detection vulnerability.
c38b03608124285e169d1f036ee295d2a369fd363cbb26807ff7712665cd870d
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
003e7a570932fdffbd19fa7a7996274fbfc93f890d26c3066a36eb824c906250
wtmpClean is a tool for Unix which clears a given user from the wtmp database.
f20339e9bc791d29b822e66deba35d09450a7e97036f9f88f0d36c654e216657
Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4 that relates to an improper AUTH_SESSKEY parameter length validation.
52a2d39306c0ea3dca0906e13dceccca08d82caae4db3bc685d747c0e4e324f1
CubeCart 4 suffers from a really nasty session management bypass vulnerability.
a03e6ea6ae9efabda907cc7a8663fdd7d66739509606981def368df47035b187
The Joomla Jumi component is backdoored and apparently sends user passwords to another site.
32834abecdbef0f2d657947c79146fe6fc4c36075aa18b0276288f6581e0ad94
SafeNet SoftRemote is vulnerable to a local stack based buffer overflow which can lead to the compromise of a vulnerable system. Versions 10.8.5 Build 2 and 10.3.5 Build 6 are verified vulnerable.
56225e9982cc70db07769c44299eba3647755fa089c5db795da3b7b2d5d1a7c8
Debian Linux Security Advisory 1923-1 - A denial of service vulnerability has been found in libhtml-parser-perl, a collection of modules to parse HTML in text documents which is used by several other projects like e.g. SpamAssassin.
9f1818d3726640fc83c9bc282de4c5ec25b1509a4b848c6a2dd32c8de7c5aaf4