exploit the possibilities
Showing 1 - 25 of 82 RSS Feed

Files Date: 2009-12-31

Secunia Security Advisory 37899
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ams has reported two vulnerabilities in Wing FTP Server, which can be exploited by malicious people to conduct script insertion attacks or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | b9e29aaa2773463b34d5815d4a3084b2
Secunia Security Advisory 37957
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in I-Escorts Directory, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 2891d2a1249e01660a59e5532a21f065
Secunia Security Advisory 37912
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - LionTurk has reported a security issue in UranyumSoft Listing Service, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 2a057d182c208343eab1b48c6280fe79
Secunia Security Advisory 37979
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vBulletin, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 67e3ce4ba9b22b4c35e91cf8d310f6bc
Secunia Security Advisory 37998
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sendmail, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 481ed474e7f285d06fe7e0654ea6f050
Secunia Security Advisory 37944
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PicMe, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 8ad6d1365aae20af11338880fbfe8021
Secunia Security Advisory 37965
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SecurityRules has reported a vulnerability in DirectAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 844d73b90bedd6216e6c27c0e26bd98e
Secunia Security Advisory 37879
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Autocomplete Widgets for CCK Text and Number module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | 6828ad53c3730638b3370ce3dc9c4a84
Secunia Security Advisory 37948
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in iDevAffiliate, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | d12bb01b70a41f6e0d2e1ff09d69e8fa
Secunia Security Advisory 37956
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in FlashChat, which can be exploited by malicious people to disclose system information.

tags | advisory
MD5 | d3d06ac0055a595fe1c1be19b613c78d
Secunia Security Advisory 37898
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Run Digital Download component for Joomla!.

tags | advisory
MD5 | db02908f467a92f384ee5e175b9cc1a9
Secunia Security Advisory 37953
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fabian Yamaguchi has discovered a vulnerability in Pidgin, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | d96f2c6f3c3fee0df3a8259392f1d667
Secunia Security Advisory 37954
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fabian Yamaguchi has reported a vulnerability in Adium, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | b433d2156bc8e5a940336db173664118
Secunia Security Advisory 37985
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in dB Masters Links Directory, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | e888cea7d31166c4fcbad94de9f248a8
Secunia Security Advisory 37939
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - indoushka has discovered multiple vulnerabilities in Despe FreeCell, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 16e80439b1fe75f0bb5bbcfd41a96e14
Secunia Security Advisory 37958
Posted Dec 31, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Avatar Studio module for PHP-Fusion, which can be exploited by malicious users to disclose sensitive information.

tags | advisory, php
MD5 | 40a6e2165caf0f76e2a49c77f25099a9
Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
Posted Dec 31, 2009
Authored by bannedit, jduck | Site metasploit.com

This exploit takes advantage of a stack based overflow. Once the stack corruption has occurred it is possible to overwrite a pointer which is later used for a memcpy. This gives us a write anything anywhere condition similar to a format string vulnerability.

tags | exploit, overflow
advisories | CVE-2006-2502
MD5 | 1ded0732305630bb2eb948c2bb1027bc
Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow
Posted Dec 31, 2009
Authored by MC, Nahuel Cayento Riva | Site metasploit.com

This Metasploit module exploits a buffer overflow in Computer Associates BrighStor ARCserve r11.5 (build 3884). By sending a specially crafted RPC request to opcode 0x342, an attacker could overflow the buffer and execute arbitrary code. In order to successfully exploit this vulnerability, you will need set the hostname argument (HNAME).

tags | exploit, overflow, arbitrary
advisories | CVE-2008-4397
MD5 | 919226f787d00935bbbced3153583218
IBM Tivoli Storage Manager Express RCA Service Buffer Overflow
Posted Dec 31, 2009
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack overflow in the IBM Tivoli Storage Manager Express Remote Client Agent service. By sending a "dicuGetIdentify" request packet containing a long NodeName parameter, an attacker can execute arbitrary code. NOTE: this exploit first connects to the CAD service to start the RCA service and obtain the port number on which it runs. This service does not restart.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2008-4828
MD5 | fa051c0f07469d1a334bfa7b17bae821
HP Application Recovery Manager (OmniInet.exe) Buffer Overflow
Posted Dec 31, 2009
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in HP Application Recovery Manager OmniInet daemon. By sending a specially crafted MSG_PROTOCOL packet, a remote attacker may be able to execute arbitrary code.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2009-3844
MD5 | c14829e4027fcb4f36e80817705967a7
Eureka Email 2.2q ERR Remote Buffer Overflow Exploit
Posted Dec 31, 2009
Authored by Dr_IDE, Francis Provencher, jduck, dookie | Site metasploit.com

This Metasploit module exploits a buffer overflow in the Eureka Email 2.2q client that is triggered through an excessively long ERR message. NOTE: this exploit isn't very reliable. Unfortunately reaching the vulnerable code can only be done when manually checking mail (Ctrl-M). Checking at startup will not reach the code targeted here.

tags | exploit, overflow
advisories | CVE-2009-3837
MD5 | 6cf9e60c1d3f8e4b11891d6b756b3249
IBM Tivoli Storage Manager Express CAD Service Buffer Overflow
Posted Dec 31, 2009
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack overflow in the IBM Tivoli Storage Manager Express CAD Service. By sending a "ping" packet containing a long string, an attacker can execute arbitrary code. NOTE: the dsmcad.exe service must be in a particular state (CadWaitingStatus = 1) in order for the vulnerable code to be reached. This state doesn't appear to be reachable when the TSM server is not running. This service does not restart.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-3853
MD5 | ee24c193eb411fe535df8a3850ee4693
Timbuktu <= 8.6.6 PlughNTCommand Named Pipe Buffer Overflow
Posted Dec 31, 2009
Authored by bannedit | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in Timbuktu Pro version <= 8.6.6 in a pretty novel way. This exploit requires two connections. The first connection is used to leak stack data using the buffer overflow to overwrite the nNumberOfBytesToWrite argument. By supplying a large value for this argument it is possible to cause Timbuktu to reply to the initial request with leaked stack data. Using this data allows for reliable exploitation of the buffer overflow vulnerability. Props to Infamous41d for helping in finding this exploitation path. The second connection utilizes the data from the data leak to accurately exploit the stack based buffer overflow vulnerability. TODO: hdm suggested using meterpreter's migration capability and restarting the process for multishot exploitation.

tags | exploit, overflow
advisories | CVE-2009-1394
MD5 | df028563116486eee817e5533ceb5895
Microsoft Workstation Service NetpManageIPCConnect Overflow
Posted Dec 31, 2009
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack overflow in the NetApi32 NetpManageIPCConnect function using the Workstation service in Windows 2000 SP4 and Windows XP SP2. In order to exploit this vulnerability, you must specify a the name of a valid Windows DOMAIN. It may be possible to satisfy this condition by using a custom dns and ldap setup, however that method is not covered here. Although Windows XP SP2 is vulnerable, Microsoft reports that Administrator credentials are required to reach the vulnerable code. Windows XP SP1 only requires valid user credentials. Also, testing shows that a machine already joined to a domain is not exploitable.

tags | exploit, overflow
systems | windows, 2k, xp
advisories | CVE-2006-4691
MD5 | e76d81bd330174da3b3561db126d28f5
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
Posted Dec 31, 2009
Authored by jduck | Site metasploit.com

This Metasploit module exploits a directory traversal in Persits Software Inc's XUpload ActiveX control(version 3.0.0.3) that's included in HP LoadRunner 9.5. By passing a string containing "..\\\\" sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on disk. Code execution occurs by writing to the All Users Startup Programs directory. You may want to combine this module with the use of multi/handler since a user would have to log for the payload to execute.

tags | exploit, arbitrary, code execution, activex
advisories | CVE-2009-3693
MD5 | 21253126f433fcd26e510a6f0bb90732
Page 1 of 4
Back1234Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close