This Metasploit module exploits an vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it wasn't for this issue, it would be possible to repeatedly exploit this bug.
d3f07719ead763dc46245786376f69700d88d42ed26c7accf58521d0730e72deThis Metasploit module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten.
7db5e725b318157687ab86443425c71c0753992cce2985a0cbb8dde1d0f979bcThis Metasploit module exploits a stack overflow in RKD Software Barcode Application ActiveX Control 'BarCodeAx.dll'. By sending an overly long string to the BeginPrint method of BarCodeAx.dll v4.9, an attacker may be able to execute arbitrary code.
830fb97a12250288c3c344f312f383d28eed3c7a3ad23ca70f9078f2faa09692This Metasploit module exploits a buffer overflow found in the /search/results.stm application that comes with Sambar 6. This code is a direct port of Andrew Griffiths's SMUDGE exploit, the only changes made were to the nops and payload. This exploit causes the service to die, whether you provided the correct target or not.
43d90184c1c0d9d0e9d3c5ac475582ad68fe7328316423ce9e487d6c5499f98bThis Metasploit module exploits a vulnerability in the handling of the FEATHEADER record by Microsoft Excel. Revisions of Office XP and later prior to the release of the MS09-067 bulletin are vulnerable. When processing a FEATHEADER (Shared Feature) record, Microsoft used a data structure from the file to calculate a pointer offset without doing proper validation. Attacker supplied data is then used to calculate the location of an object, and in turn a virtual function call. This results in arbitrary code exection. NOTE: On some versions of Office, the user will need to dismiss a warning dialog prior to the payload executing.
9b3639959e436c2af63dd333ef3f91333a796f538dda29fc89a0fd315c002e96This Metasploit module exploits a stack-based buffer overflow in the Win32AddConnection function of the VideoLAN VLC media player. Versions 0.9.9 throught 1.0.1 are reportedly affected. This vulnerability is only present in Win32 builds of VLC. This payload was found to work with the windows/exec and windows/meterpreter/reverse_tcp payloads. However, the windows/meterpreter/reverse_ord_tcp was found not to work.
a3aa0c6ca5cd47caa7c0c765b71284dcfa7bcc0b1f90d243d75f975cddf960c3Blog Ink suffers from a direct access setting bypass vulnerability.
1b21933904de4b33f140ea77559434f6fd88ca32fa59874d61dcdf022c571be1PEAR version 1.9.0 suffers from multiple remote file inclusion vulnerabilities.
a9c3182cebef586f0c8adc46b5093381ec18afeb720e27dfddfeea8568c3bbf5ShortCMS version 1.2.0 suffers from a remote SQL injection vulnerability.
5469fac423f12e6a05a82fb5ea6b3e85edb35e1b7b7574c38a1a5544b6bd6bd8SyntaxCMS versions 1.3 and below suffer from a remote file inclusion vulnerability.
62d889f267c297cfc9f0578c37fd4cf31db239545096ee5ed33424a313e16a15JTL-Shop version 2 suffers from a remote SQL injection vulnerability in druckansicht.php.
57d0f8da1722f49a93597c5ed9ed3556d294ac5a8c21c8b74758c436883c8b9dThe Mambo Ako Gallery component suffers from a remote SQL injection vulnerability.
81cb2b76142369a03c7e39ec3313abd8c248ba985ec36ea7adb88d19178eff51Joomla Jw_allVideos version 1.0 suffers from a remote file download vulnerability.
57293534d8897d79265115886fb1125388855ae5b13e523c01e4e1b219a439fbDebian Linux Security Advisory 1996-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation.
da4b09b93046c39c7f71e64af9ba0c49875fd79003949543ab719c9dc8783e32libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
794746e97fcf1c68e01f83277667b9367a6c7726db771cef702303d731377120CodeIgniter version 1.0 suffers from a remote file inclusion vulnerability.
aa605de6ddbe44872e07d663bc2e6cdcee145d746d798d00559a53cd8a42f1f8The Joomla Images component suffers from a remote SQL injection vulnerability.
dbb97c9bcf9232080367599bb3838c034aba996c2cae508842aade5c1579c813File Upload Manager version 1.3 suffers from a shell upload vulnerability.
7988693b92a4a0011bf1a266f37033942171fb5cfdb3868f90d2b74b94bcf940Katalog Stron Hurricane suffers from remote file inclusion and SQL injection vulnerabilities.
5d48de4f11d3b7940a506cf55df9f298bcd036d185cc983453314dd86bc3092dSaskia's Shopsystem beta1 suffers from a local file inclusion vulnerability.
1649bf6985e30007366786b53adf0e2413e66bb43932d716263ae02f4d614857Southburn Web suffers from a remote SQL injection vulnerability.
cad744a308db4b73f2f2472c05c7201157fb392f0331dcf9c33d932f9b9811ffDebian Linux Security Advisory 1995-1 - Several vulnerabilities have been discovered in the OpenOffice.org office suite.
ed7afdbc83c23bf583d83934adf7f3db4687e64834d06c0314c0b073c09450baWSN Guest version 1.02 suffers from a remote SQL injection vulnerability.
ab998f7c6102c1e5df856c6be5e2d837a78b7dd80e02d7c35816538a6c667c02ZeusCMS version 0.2 suffers from backup related and local file inclusion vulnerabilities.
d1bf73a980c9eb9bae69e131ef0feea5d585b4e86badf11302c6c5a50ca02835Intertech 1.0 suffers from remote SQL injection as well as blind SQL injection vulnerabilities. Note that the primary SQL injection vulnerability listed was already discovered years back.
9583dd04b8daa0295f4d00f0fa92e36d2e7b4cb7880a86b16f14f2400c300bb2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed