accept no compromises
Showing 51 - 75 of 872 RSS Feed

Files Date: 2009-11-01 to 2009-11-30

America Online ICQ ActiveX Control Arbitrary File Download and Execute.
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module allows remote attackers to download and execute arbitrary files on a users system via the DownloadAgent function of the ICQPhone.SipxPhoneManager ActiveX control.

tags | exploit, remote, arbitrary, activex
advisories | CVE-2006-5650
MD5 | 14f3b45b733f30fd8e7b04a04f7fac35
Apache Win32 Chunked Encoding
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.

tags | exploit
systems | windows
advisories | CVE-2002-0392
MD5 | e3d3d24a04a5fa710ddd92b1a78239b0
Apache module mod_rewrite LDAP protocol Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits the mod_rewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This Metasploit module requires REWRITEPATH to be set accurately. In addition, the target must have 'RewriteEngine on' configured, with a specific 'RewriteRule' condition enabled to allow for exploitation. The flaw affects multiple platforms, however this module currently only supports Windows based installations.

tags | exploit, overflow, protocol
systems | windows
advisories | CVE-2006-3747
MD5 | 24ecf483512ef6982eb1b227d15ee15a
Apple ITunes 4.7 Playlist Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Apple ITunes 4.7 build 4.7.0.42. By creating a URL link to a malicious PLS file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.pls'.

tags | exploit, remote, overflow, arbitrary
systems | apple
advisories | CVE-2005-0043
MD5 | 2f0010313c0494bc25e2563cadffc6da
Apple QuickTime 7.3 RTSP Response Header Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Apple QuickTime 7.3. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
systems | apple
advisories | CVE-2007-6166
MD5 | 53ef97f1a29b0a357f71238f64bf8af4
Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
Posted Nov 26, 2009
Authored by MC, egypt | Site metasploit.com

This Metasploit module exploits a buffer overflow in Apple QuickTime 7.1.3. This Metasploit module was inspired by MOAB-01-01-2007. The Browser target for this module was tested against IE 6 and Firefox 1.5.0.3 on Windows XP SP0/2; Firefox 3 blacklists the QuickTime plugin.

tags | exploit, overflow
systems | windows, apple, xp
advisories | CVE-2007-0015
MD5 | d2ab9eb9d899356379e076fe8e98c51f
Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Ask.com Toolbar 4.0.2.53. An attacker may be able to execute arbitrary code by sending an overly long string to the "ShortFormat()" method in askbar.dll.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5107
MD5 | 6468ef0292a337f26024734a3db1ef31
Asus Dpcproxy Buffer Overflow
Posted Nov 26, 2009
Authored by Jacopo Cervini | Site metasploit.com

This Metasploit module exploits a stack overflow in Asus Dpcroxy version 2.0.0.19. It should be vulnerable until version 2.0.0.24.

tags | exploit, overflow
advisories | CVE-2008-1491
MD5 | ee9690acdd567d76a763e07626bad2d4
AtHocGov IWSAlerts ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in AtHocGov IWSAlerts. When sending an overly long string to the CompleteInstallation() method of AtHocGovTBr.dll (6.1.4.36) an attacker may be able to execute arbitrary code. This vulnerability was silently patched by the vendor.

tags | exploit, overflow, arbitrary
MD5 | 7a69f327cb1b6c6fd85573375b96bec6
Allied Telesyn TFTP Server 1.9 Long Filename Overflow
Posted Nov 26, 2009
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits a stack overflow in AT-TFTP v1.9, by sending a request (get/write) for an overly long file name.

tags | exploit, overflow
advisories | CVE-2006-6184
MD5 | 55996fc83e282053a9d1f271282bcf7e
Autodesk IDrop ActiveX Control Heap Memory Corruption
Posted Nov 26, 2009
Authored by Elazar Broad, Trancer | Site metasploit.com

This Metasploit module exploits a heap-based memory corruption vulnerability in Autodesk IDrop ActiveX control (IDrop.ocx) version 17.1.51.160. An attacker can execute arbitrary code by triggering a heap use after free condition using the Src, Background, PackageXml properties.

tags | exploit, arbitrary, activex
MD5 | 8ffa620ce9eba17109acaff64cef9690
BadBlue 2.5 EXT.dll Buffer Overflow
Posted Nov 26, 2009
Authored by acaro | Site metasploit.com

This is a stack overflow exploit for BadBlue version 2.5.

tags | exploit, overflow
advisories | CVE-2005-0595
MD5 | a443d82c96a4d2cdb6be4d4d82f037f2
BadBlue 2.72b PassThru Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier.

tags | exploit, overflow
advisories | CVE-2007-6377
MD5 | 0e1ee4241d028ab720144a5a3bc8d711
BakBone NetVault Remote Heap Overflow
Posted Nov 26, 2009
Authored by H D Moore, nolimit | Site metasploit.com

This Metasploit module exploits a heap overflow in the BakBone NetVault Process Manager service. This code is a direct port of the netvault.c code written by nolimit and BuzzDee.

tags | exploit, overflow
advisories | CVE-2005-1009
MD5 | 875f10d61e00f6e28f4dd5afef4dd48c
BEA Weblogic JSESSIONID Cookie Value Overflow
Posted Nov 26, 2009
Authored by Pusscat | Site metasploit.com

This Metasploit module exploits a 0day in the JSESSION cookie value when clustering is configured.

tags | exploit
advisories | CVE-2008-5457
MD5 | ec909b5a52fa949dc001b04b2ae78954
BEA Weblogic Transfer-Encoding Buffer Overflow
Posted Nov 26, 2009
Authored by Pusscat | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. This vulnerability exists in the error reporting for unknown Transfer-Encoding headers. You may have to run this twice due to timing issues with handlers.

tags | exploit, overflow
advisories | CVE-2008-4008
MD5 | 74af4e2126b11ad29de9538e2e13079b
BearShare 6 ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in the NCTAudioFile2.Audio ActiveX Control provided by BearShare 6.0.2.26789. By sending a overly long string to the "SetFormatLikeSample()" method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
advisories | CVE-2007-0018
MD5 | e52fa5a62ccba780e1cf47122114cb77
Belkin Bulldog Plus Web Service Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Belkin Bulldog Plus 4.0.2 build 1219. When sending a specially crafted http request, an attacker may be able to execute arbitrary code.

tags | exploit, web, overflow, arbitrary
MD5 | 0e6cc12f1405f1054d70415ee14b0c92
BigAnt Server 2.50 SP1 Buffer Overflow
Posted Nov 26, 2009
Authored by Dr_IDE | Site metasploit.com

This exploits a stack overflow in the BigAnt Messaging Service, part of the BigAnt Server product suite. This Metasploit module was tested successfully against version 2.50 SP1.

tags | exploit, overflow
MD5 | b8c3695e97f2b2b70f97bd00056eb4ae
BigAnt Server 2.2 Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in BigAnt Server 2.2. By sending a specially crafted packet, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-1914
MD5 | bdff331e09e3dcb3175415f2197439e8
ISS PAM.dll ICQ Parser Buffer Overflow
Posted Nov 26, 2009
Authored by spoonm | Site metasploit.com

This Metasploit module exploits a stack overflow in the ISS products that use the iss-pam1.dll ICQ parser (Blackice/RealSecure). Successful exploitation will result in arbitrary code execution as LocalSystem. This exploit only requires 1 UDP packet, which can be both spoofed and sent to a broadcast address. The ISS exception handler will recover the process after each overflow, giving us the ability to bruteforce the service and exploit it multiple times.

tags | exploit, overflow, arbitrary, udp, spoof, code execution
advisories | CVE-2004-0362
MD5 | 1c58d827d6f1aaeecff28a920e0a3da8
Blue Coat WinProxy Host Header Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in the Blue Coat Systems WinProxy service by sending a long port value for the Host header in a HTTP request.

tags | exploit, web, overflow
advisories | CVE-2005-4085
MD5 | 6a872c00eb1961383ba93974bdafb62a
Bomberclone 0.11.6 Buffer Overflow
Posted Nov 26, 2009
Authored by acaro | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Bomberclone 0.11.6 for Windows. The return address is overwritten with lstrcpyA memory address, the second and third value are the destination buffer, the fourth value is the source address of our buffer in the stack. This exploit is like a return in libc. ATTENTION The shellcode is exec ONLY when someone try to close bomberclone.

tags | exploit, overflow, shellcode
systems | windows
advisories | CVE-2006-0460
MD5 | 43871d6e220ead4e9efcb1c617cb3286
Bopup Communications Server Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Bopup Communications Server 3.2.26.5460. By sending a specially crafted packet, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
MD5 | 9950c86723c462529c0ddf010425403b
Borland Interbase Create-Request Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Borland Interbase 2007. By sending a specially crafted create-request packet, a remote attacker may be able to execute arbitrary code.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2007-3566
MD5 | 758b178ae6d807059f2e66aa8748c5ec
Page 3 of 35
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close