what you don't know can hurt you
Showing 101 - 125 of 301 RSS Feed

Files Date: 2009-11-26 to 2009-11-27

IBM Access Support ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in IBM Access Support. When sending an overly long string to the GetXMLValue() method of IbmEgath.dll (3.20.284.0) an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-0215
SHA-256 | ae89bc47ce4a110b625d4804e0b474e1977905e651b187e5f6987d00e50e120f
IBM Lotus Domino Web Access Upload Module Buffer Overflow
Posted Nov 26, 2009
Authored by Elazar Broad | Site metasploit.com

This Metasploit module exploits a stack overflow in IBM Lotus Domino Web Access Upload Module. By sending an overly long string to the "General_ServerName()" property located in the dwa7w.dll and the inotes6w.dll control, an attacker may be able to execute arbitrary code.

tags | exploit, web, overflow, arbitrary
advisories | CVE-2007-4474
SHA-256 | db688071a11a57ace62f20772c549782d9dff2fc8a961055995a997b12f772df
Icecast 2.0.1 Header Overwrite
Posted Nov 26, 2009
Authored by Luigi Auriemma, spoonm | Site metasploit.com

This Metasploit module exploits a buffer overflow in the header parsing of icecast, discovered by Luigi Auriemma. Sending 32 HTTP headers will cause a write one past the end of a pointer array.

tags | exploit, web, overflow
advisories | CVE-2004-1561
SHA-256 | f52566cdec54b398c8bf936c7c78edca800747f33139bbed5058021572328958
Internet Explorer isComponentInstalled Overflow
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a stack overflow in Internet Explorer. This bug was patched in Windows 2000 SP4 and Windows XP SP1 according to MSRC.

tags | exploit, overflow
systems | windows
advisories | CVE-2006-1016
SHA-256 | 5033e002a24ff1bb12912fdbd65bf54856f11e553edfa19caf2a0a3e7345e52d
Internet Explorer Unsafe Scripting Misconfiguration
Posted Nov 26, 2009
Authored by natron | Site metasploit.com

This exploit takes advantage of the "Initialize and script ActiveX controls not marked safe for scripting" setting within Internet Explorer.

tags | exploit, activex
SHA-256 | 9c2c975c9348a733f16be7b8211fcc06609bf9a7375f942bb2e25d42bfa97d2f
Microsoft Internet Explorer Data Binding Memory Corruption
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.

tags | exploit
advisories | CVE-2008-4844
SHA-256 | 53c60ed102e30232619000346bbfebeb96526a4e990b06ce6a59725cc16ec53f
IMail IMAP4D Delete Overflow
Posted Nov 26, 2009
Authored by spoonm | Site metasploit.com

This Metasploit module exploits a buffer overflow in the 'DELETE' command of the the IMail IMAP4D service. This vulnerability can only be exploited with a valid username and password. This flaw was patched in version 8.14.

tags | exploit, overflow
advisories | CVE-2004-1520
SHA-256 | 45c28e289d7ca094f36d717ca5ca385e07a8e3e5009cc9c204983f07644fceb0
IMail LDAP Service Buffer Overflow
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This exploits a buffer overflow in the LDAP service that is part of the IMail product. This Metasploit module was tested against version 7.10 and 8.5, both running on Windows 2000.

tags | exploit, overflow
systems | windows
advisories | CVE-2004-0297
SHA-256 | b4f794bccff29a6eb0d734b29a0e9d29ea74b7a89d2253dece12524d1517c0df
Ipswitch IMail IMAP SEARCH Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Ipswitch IMail Server 2006.1 IMAP SEARCH verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution. In order for this module to be successful, the IMAP user must have at least one message.

tags | exploit, overflow, imap
advisories | CVE-2007-3925
SHA-256 | 0757ecb74978f93cacdc4418ef7c38cab531545bd9b32a8f39f8239a920240bf
Ipswitch WhatsUp Gold 8.03 Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in IPswitch WhatsUp Gold 8.03. By posting a long string for the value of 'instancename' in the _maincfgret.cgi script an attacker can overflow a buffer and execute arbitrary code on the system.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2004-0798
SHA-256 | 62eb863206132195a6a057fb1d894ec0ce16b0816953299778e3c89dca60d6d1
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten.

tags | exploit, overflow, activex
systems | juniper
advisories | CVE-2006-2086
SHA-256 | 26f61dc73b61764daa3a06c44ab90c018a5f7c37d9a49f838a2c3b1e07f7ce49
Kazaa Altnet Download Manager ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the Altnet Download Manager ActiveX Control (amd4.dll) bundled with Kazaa Media Desktop 3.2.7. By sending a overly long string to the "Install()" method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-5217
SHA-256 | 5d1758e4f31cc274877c0af7ccfe4530b03057a15b64b22f74060f5ae4a1291e
Kerio Firewall 2.1.4 Authentication Packet Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Kerio Personal Firewall administration authentication process. This Metasploit module has only been tested against Kerio Personal Firewall 2 (2.1.4).

tags | exploit, overflow
advisories | CVE-2003-0220
SHA-256 | edc1d978131e3581f43ad5e622fc1cab8073e286badc41b326604e4b3171fa04
LANDesk Management Suite 8.7 Alert Service Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in LANDesk Management Suite 8.7. By sending an overly long string to the Alert Service, a buffer is overwritten and arbitrary code can be executed.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-1674
SHA-256 | 712f990a9059b1a0f0767c92cadba2f532dad000c6b43637db954fb565ef2f99
LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow
Posted Nov 26, 2009
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits a buffer overflow in the LeapWare LeapFTP v2.7.3.600 client that is triggered through an excessively long PASV reply command. This Metasploit module was ported from the original exploit by drG4njubas with minor improvements.

tags | exploit, overflow
advisories | CVE-2003-0558
SHA-256 | 5e8788d89e903af1ee598af2630dba9de9b353c7d92cd67665efa427f0b0368d
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5003
SHA-256 | 89dcdea6ef96bdeef448d96e7edf4c62c82b7760d1e36f0672ecbef437a5a680
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request (rxsUseLicenseIni), an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-3216
SHA-256 | 04d3e370cc91737108c6e8d608ebb3fcf78bcf946260e33678031f2bc2131d3d
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-0449
SHA-256 | 486a807e0edd6cfc7d817fc0b03a32b214d7c2d2f90cbffcbcf4d44c6e14eb11
CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | f898147c81fee57073362e43dcc4cf5fc962db6fc16bd1958616572dabebacf6
Logitech VideoCall ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the Logitech VideoCall ActiveX Control (wcamxmp.dll 2.0.3470.448). By sending a overly long string to the "Start()" method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-2918
SHA-256 | 0c7b04e1f849ddc4850c9536ff8dd998900875f3fa62c18765a1cd7361e9fabc
iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in LPViewer ActiveX control (LPControll.dll 3.2.0.2). When sending an overly long string to the URL() property an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2008-4384
SHA-256 | 8b73bbe7717a92850dc76ef0bd0d73c8f530e698a6786eb3f40fa58199fc8aec
Lyris ListManager MSDE Weak sa Password
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This Metasploit module brute forces all possible process IDs that would be used by the installer.

tags | exploit
advisories | CVE-2005-4145
SHA-256 | 3e9967373a96f54cda01aebbcdc36aa78a953ebe39d847c90b4f728e4986cdd3
Macrovision InstallShield Update Service Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Macrovision InstallShield Update Service(Isusweb.dll 6.0.100.54472). By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5660
SHA-256 | 8fd766a299855ccac71b4bf2d08520f11d24d38e7c51849c1037d889c15caf21
Macrovision InstallShield Update Service ActiveX Unsafe Method
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module allows attackers to execute code via an unsafe methods in Macrovision InstallShield 2008.

tags | exploit
advisories | CVE-2007-5660
SHA-256 | 4e580a205fec77ecdd48e346ed17a1dde6d1df5f7df8a18eff7102a08400ad01
TABS MailCarrier v2.51 SMTP EHLO Overflow
Posted Nov 26, 2009
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command.

tags | exploit
advisories | CVE-2004-1638
SHA-256 | 9def8c6bc7afd6b37a54cfbd536ef1dbea1bda259a7ed818e65302d2b275cfe8
Page 5 of 12
Back34567Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close