exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 301 RSS Feed

Files Date: 2009-11-26

GAMSoft TelSrv 1.5 Username Buffer Overflow
Posted Nov 26, 2009
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits a username sprintf stack overflow in GAMSoft TelSrv 1.5. Other versions may also be affected. The service terminates after exploitation, so you only get one chance!

tags | exploit, overflow
advisories | CVE-2000-0665
SHA-256 | bfbc833e65270019d840fbfcd6e70dac6677788a965836dafaaafb7b81a9b917
3Com 3CDaemon 2.0 FTP Username Overflow
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This Metasploit module uses the USER command to trigger the overflow.

tags | exploit, web, overflow
advisories | CVE-2005-0277
SHA-256 | 815045260e465802c35cbda9285c0622bfe5f32298f8df68633b64d3f5a3b2a0
ACDSee XPM File Section Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in ACDSee 9.0. When viewing a malicious XPM file with the ACDSee product, a remote attacker could overflow a buffer and execute arbitrary code.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2007-2193
SHA-256 | 706f221bbef230a67ec4e852b1c3aaf50be9f1de72a3b66900a221e061c04a9e
activePDF WebGrabber ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in activePDF WebGrabber 3.8. When sending an overly long string to the GetStatus() method of APWebGrb.ocx (3.8.2.0) an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vector accordingly.

tags | exploit, overflow, arbitrary
SHA-256 | 9163f61dc97f511b2e58317df4a025bc80a9b3778c59ee7308c803bdd503b511
Adobe Collab.collectEmailInfo() Buffer Overflow
Posted Nov 26, 2009
Authored by MC, Didier Stevens | Site metasploit.com

This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional 8.1.1. By creating a specially crafted pdf that a contains malformed Collab.collectEmailInfo() call, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5659
SHA-256 | 518aaf1102414303ab4491f0657827b243a86c8bd0569ed8dd01e3e5a762cfb3
Adobe Collab.getIcon() Buffer Overflow
Posted Nov 26, 2009
Authored by MC, jduck, Didier Stevens | Site metasploit.com

This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.4. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-0927
SHA-256 | d4a91c898b2b649b678e2e14b004ed1827360112073820eebd1bb1198e2c3e7a
Adobe JBIG2Decode Memory Corruption Exploit
Posted Nov 26, 2009
Authored by redsand, Russell Sanford, MC, Didier Stevens, natron | Site metasploit.com

This Metasploit module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This Metasploit module relies upon javascript for the heap spray.

tags | exploit, javascript
SHA-256 | c70e7201fb6677429aa372f8e4d78ab8b21364ee9a98a1ffc919b117d64949be
Adobe PDF Embedded EXE Social Engineering
Posted Nov 26, 2009
Authored by Colin Ames | Site metasploit.com

This Metasploit module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack.

tags | exploit
SHA-256 | 09a56101a149879ad1e7dd5419aa9168cb66336439178af46431113ea67abec4
Adobe RoboHelp Server 8 Arbitrary File Upload and Execute.
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a authentication bypass vulnerability which allows remote attackers to upload and execute arbitrary code.

tags | exploit, remote, arbitrary, bypass
advisories | CVE-2009-3068
SHA-256 | 6a9990e0a446456d233f36ace46eca260847af5ae39b82be3254f1d524a2d1af
Adobe util.printf() Buffer Overflow
Posted Nov 26, 2009
Authored by MC, Didier Stevens | Site metasploit.com

This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.3. By creating a specially crafted pdf that a contains malformed util.printf() entry, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-2992
SHA-256 | 97136b48e204e50ed975b0d248d3e807fc8bfc21f553834a21665ee774475b17
AOL Instant Messenger goaway Overflow
Posted Nov 26, 2009
Authored by skape, thief | Site metasploit.com

This Metasploit module exploits a flaw in the handling of AOL Instant Messenger's 'goaway' URI handler. An attacker can execute arbitrary code by supplying a overly sized buffer as the 'message' parameter. This issue is known to affect AOL Instant Messenger 5.5.

tags | exploit, arbitrary
advisories | CVE-2004-0636
SHA-256 | 3f9f669a44333e450e5fc4a71660d89955d2e85848f584c1c6d9d52d001ed850
AIM Triton 1.0.4 CSeq Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in AOL's AIM Triton 1.0.4. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2006-3524
SHA-256 | 1400d3cfff7200162909897a766209788942d0f1caac020f8e267b40af56e5cd
EMC AlphaStor Agent Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in EMC AlphaStor 3.1. By sending a specially crafted message, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-2158
SHA-256 | 8d5b6a48b3d7f5a8de8e276bf81f237545164da6f22f4d76a285254c369b1853
Altap Salamander 2.5 PE Viewer Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a buffer overflow in Altap Salamander <= v2.5. By creating a malicious file and convincing a user to view the file with the Portable Executable Viewer plugin within a vulnerable version of Salamander, the PDB file string is copied onto the stack and the SEH can be overwritten.

tags | exploit, overflow
advisories | CVE-2007-3314
SHA-256 | ebf80be5e1b04701f27a0c9bc26e038dbcf822655731d47db5156edbcff7ef55
Alt-N WebAdmin USER Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges.

tags | exploit, overflow, code execution
advisories | CVE-2003-0471
SHA-256 | 07321bfe13486c72db95bf9c5992da051b5fe4111a96286914e261a01257e730
Amaya Browser v11.0 bdo tag overflow
Posted Nov 26, 2009
Authored by Rob Carter, dookie | Site metasploit.com

This Metasploit module exploits a stack overflow in the Amaya v11 Browser. By sending an overly long string to the "bdo" tag, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-0323
SHA-256 | 412b394380677fab8c8871f5e96e3347d60f33fa5e46d1fa954bd1b5be97d7b8
Windows ANI LoadAniIcon() Chunk Size Stack Overflow (SMTP)
Posted Nov 26, 2009
Authored by H D Moore, skape | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.

tags | exploit, overflow
advisories | CVE-2007-0038, CVE-2007-1765
SHA-256 | ff5578fdfc8c36ccaad517474220f3b7300ff9d3ecf2bb352b81b0e1dffd7516
AOL Radio AmpX ActiveX Control ConvertFile() Buffer Overflow
Posted Nov 26, 2009
Authored by rgod, Trancer | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in AOL IWinAmpActiveX class (AmpX.dll) version 2.4.0.6 installed via AOL Radio website. By setting an overly long value to 'ConvertFile()', an attacker can overrun a buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
SHA-256 | b255bff048b696b83be33b74127329a23af7e1d356d9b41e180802e9add63785
America Online ICQ ActiveX Control Arbitrary File Download and Execute.
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module allows remote attackers to download and execute arbitrary files on a users system via the DownloadAgent function of the ICQPhone.SipxPhoneManager ActiveX control.

tags | exploit, remote, arbitrary, activex
advisories | CVE-2006-5650
SHA-256 | 8c48ffbf1406cda705db3856a1f59070d8db0942626e09b6ac356cac87f546f0
Apache Win32 Chunked Encoding
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.

tags | exploit
systems | windows
advisories | CVE-2002-0392
SHA-256 | 02caca0c3ef84c379c6053e31707b4b6389939755466b8435f5f2edee463d9f2
Apache module mod_rewrite LDAP protocol Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits the mod_rewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This Metasploit module requires REWRITEPATH to be set accurately. In addition, the target must have 'RewriteEngine on' configured, with a specific 'RewriteRule' condition enabled to allow for exploitation. The flaw affects multiple platforms, however this module currently only supports Windows based installations.

tags | exploit, overflow, protocol
systems | windows
advisories | CVE-2006-3747
SHA-256 | 96b871a0195d2591844969f9bba63abc59813d3e7296ce6634f95d37eb06d859
Apple ITunes 4.7 Playlist Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Apple ITunes 4.7 build 4.7.0.42. By creating a URL link to a malicious PLS file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.pls'.

tags | exploit, remote, overflow, arbitrary
systems | apple
advisories | CVE-2005-0043
SHA-256 | 60c5b0f8c0b2bae758156348e4c8ec79ad1ee0f66b1e62f0f5b340492a94c0c6
Apple QuickTime 7.3 RTSP Response Header Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Apple QuickTime 7.3. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
systems | apple
advisories | CVE-2007-6166
SHA-256 | 21574fbd6e00724523d7a5f9074376708ca42fdee7cfd7358724cf3a988c22ab
Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
Posted Nov 26, 2009
Authored by MC, egypt | Site metasploit.com

This Metasploit module exploits a buffer overflow in Apple QuickTime 7.1.3. This Metasploit module was inspired by MOAB-01-01-2007. The Browser target for this module was tested against IE 6 and Firefox 1.5.0.3 on Windows XP SP0/2; Firefox 3 blacklists the QuickTime plugin.

tags | exploit, overflow
systems | windows, apple
advisories | CVE-2007-0015
SHA-256 | 0b2ce5d40bcda714f7eeb620c09554a9625b558fd3dd638b89ff17d6190c2eee
Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Ask.com Toolbar 4.0.2.53. An attacker may be able to execute arbitrary code by sending an overly long string to the "ShortFormat()" method in askbar.dll.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5107
SHA-256 | 0249fa5425f66e515b44963220de048bef1629fae9fdbbac12b1b044adf57ee6
Page 1 of 13
Back12345Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close