Section:  .. / 1002-exploits  /


 ///  File Name: omnidocs-sql.txt
Description:
Omnidocs suffers from a remote SQL injection vulnerability.
Author:thebluegenius
File Size:1410
Last Modified:Feb 12 01:26:12 2010
MD5 Checksum:2989d37f601129d19d0be75fdf3076f2

 ///  File Name: nikara-xss.txt
Description:
The Nikiara Fraud Management System suffers from a cross site scripting vulnerability.
Author:thebluegenius
File Size:1529
Last Modified:Feb 12 01:24:35 2010
MD5 Checksum:033c2c402d541000c05d6e6f2eca477f

 ///  File Name: coreimpact-dos.txt
Description:
Core Impact version 7.5 denial of service exploit.
Author:Beenu Arora
Homepage:http://www.beenuarora.com/
File Size:5333
Last Modified:Feb 12 01:16:07 2010
MD5 Checksum:45f8e65d67bc9a66b88a0fc46dc7c1dc

 ///  File Name: radasmrap-overflow.txt
Description:
Radasm universal local buffer overflow exploit that creates a malicious .rap file.
Author:Dz_attacker
File Size:4633
Last Modified:Feb 11 19:22:32 2010
MD5 Checksum:3b72a28a4e7e1008b86c48c353317096

 ///  File Name: ms08_078_xml_corruption.rb.txt
Description:
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:9363
Related OSVDB(s):50622
Related CVE(s):CVE-2008-4844
Last Modified:Feb 11 19:19:23 2010
MD5 Checksum:abc1e3d2c68694f5fa52e7d6b0cfd36f

 ///  File Name: peazip_command_injection.rb.txt
Description:
This Metasploit module exploits a command injection vulnerability in PeaZip. All versions prior to 2.6.2 are suspected vulnerable. Testing was conducted with version 2.6.1 on Windows. In order for the command to be executed, an attacker must convince someone to open a specially crafted zip file with PeaZip, and access the specially crafted file by double-clicking it. By doing so, an attacker can execute arbitrary commands as the victim user.
Author:Nine:Situations:Group::pyrokinesis,jduck
Homepage:http://www.metasploit.com
File Size:2535
Related OSVDB(s):54966
Related CVE(s):CVE-2009-2261
Last Modified:Feb 11 19:18:49 2010
MD5 Checksum:7e46d8877655b8dc00799890963a50a1

 ///  File Name: ie-urlvalidation.txt
Description:
Microsoft Internet Explorer versions 7 and 8 suffer from a URL validation vulnerability.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/
File Size:7257
Related OSVDB(s):62245
Related CVE(s):CVE-2010-0027
Last Modified:Feb 10 18:19:31 2010
MD5 Checksum:d60b3fb4b6b318e0680533656880a97f

 ///  File Name: magicblocks-disclose.txt
Description:
Magic_Block1_2 suffers from a remote file disclosure vulnerability.
Author:jiko
File Size:1895
Last Modified:Feb 10 18:13:55 2010
MD5 Checksum:329362495d445b41ad98a5058b1becd0

 ///  File Name: ulokiforum-xss.txt
Description:
ULoki Community Forum version 2.1 suffers from a cross site scripting vulnerability.
Author:Sioma Labs
File Size:1434
Last Modified:Feb 10 18:03:21 2010
MD5 Checksum:25cc6751dc1c3c790c9ead953d7169e0

 ///  File Name: hashe-sql.txt
Description:
HASHE! suffers from multiple remote SQL injection vulnerabilities.
Author:AtT4CKxT3rR0r1ST
File Size:2139
Last Modified:Feb 10 16:16:24 2010
MD5 Checksum:6af80074222e3c119718dd1151a0600a

 ///  File Name: esmile-sql.txt
Description:
eSmile suffers from a remote SQL injection vulnerability.
Author:AtT4CKxT3rR0r1ST
File Size:1473
Last Modified:Feb 10 16:03:44 2010
MD5 Checksum:8a46371cb2e625b94fcae34b3fae7278

 ///  File Name: plspla-overflow.txt
Description:
PLS PLA WMDownloader proof of concept local buffer overflow exploit that creates a malicious .pls file.
Author:Beenu Arora
Homepage:http://www.beenuarora.com/
File Size:2288
Last Modified:Feb 10 15:56:08 2010
MD5 Checksum:37a1cc49e19208d2dad488b79ebef7a4

 ///  File Name: feedDemon.c
Description:
feedDemon version 3.1.0.9 .opml file local buffer overflow exploit.
Author:fl0 fl0w
File Size:9372
Last Modified:Feb 10 15:48:38 2010
MD5 Checksum:80d40a72966fa0347f4aea4b110284e1

 ///  File Name: nautilus-poc.txt
Description:
This is a proof of concept exploit for GNOME's Nautilus file manager version 2.26.2.
Author:Joe Dohn
File Size:1318
Last Modified:Feb 10 15:44:58 2010
MD5 Checksum:36091ee6abba13e6c04551711c5c8923

 ///  File Name: vermillion_ftpd_port.rb.txt
Description:
This Metasploit module exploits an out-of-bounds array access in the Arcane Software Vermillion FTP server. By sending a specially crafted FTP PORT command, an attacker can corrupt stack memory and execute arbitrary code. This particular issue is caused by processing data bound by attacker-controlled input while writing into a 4-byte stack buffer. Unfortunately, the writing that occurs is not a simple byte copy. Processing is done using a source pointer (p) and a destination pointer (q). The vulnerable function walks the input string and continues while the source byte is non-null. If a comma is encountered, the function increments the destination pointer. If an ASCII digit [0-9] is encountered, the following occurs: *q = (*q * 10) + (*p - '0'); All other input characters are ignored in this loop. As a consequence, an attacker must craft input such that modifications to the current values on the stack result in usable values. In this exploit, the low two bytes of the return address are adjusted to point at the location of a 'call edi' instruction within the binary. This was chosen since 'edi' points at the source buffer when the function returns. NOTE: This server can be installed as a service using "vftpd.exe install". If so, the service does not restart automatically, giving an attacker only one attempt.
Author:jduck
Homepage:http://www.metasploit.com
File Size:5806
Related OSVDB(s):62163
Last Modified:Feb 9 21:13:30 2010
MD5 Checksum:0dbcd2c3469f1061e7b7ab3d2f7daa4c

 ///  File Name: iis_webdav_upload_asp.rb.txt
Description:
This Metasploit module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script using a WebDAV PUT request.
Homepage:http://www.metasploit.com
File Size:3629
Related OSVDB(s):397
Last Modified:Feb 9 21:12:45 2010
MD5 Checksum:82c7cccc401998d74c7ac1163e6b8cca

 ///  File Name: rpc_cmsd_opcode21.rb.txt
Description:
This Metasploit module exploits a buffer overflow vulnerability in opcode 21 handled by rpc.cmsd on AIX. By making a request with a long string passed to the first argument of the "rtable_create" RPC, a stack based buffer overflow occurs. This leads to arbitrary code execution.
Author:Rodrigo Rubira Branco,jduck
Homepage:http://www.metasploit.com
File Size:2892
Related OSVDB(s):58726
Related CVE(s):CVE-2009-3699
Last Modified:Feb 9 21:11:01 2010
MD5 Checksum:cb4d6ac873330eaa32d39a0ce5164446

 ///  File Name: TWSL2010-001.txt
Description:
SpiderLabs has documented view state tampering vulnerabilities in three products from separate vendors. Microsoft ASP.Net version 3.5, Apache MyFaces versions 1.2.8 and 1.2.7, and Sun Microsystems Mojarra versions 1.2_14 and 2.0.2 are all vulnerable.
Homepage:http://www.trustwave.com/
File Size:11039
Last Modified:Feb 9 20:59:07 2010
MD5 Checksum:b7a0e2b58df7410038fd965bd2738cc8

 ///  File Name: adultbannerexchange-insecure.txt
Description:
AdultBannerExchange suffers from an insecure cookie handling vulnerability.
Author:jiko
File Size:773
Last Modified:Feb 9 20:56:28 2010
MD5 Checksum:2006490b66c551aef5404022772b0c65

 ///  File Name: apartmentsearch-insecuresql.txt
Description:
ApartmentSearch suffers from remote SQL injection and insecure cookie handling vulnerabilities.
Author:jiko
File Size:879
Last Modified:Feb 9 20:55:23 2010
MD5 Checksum:d73f66e452c8fc1cb865546f79336b34

 ///  File Name: bannerexchange-insecure.txt
Description:
BannerExchange suffers from an insecure cookie handling vulnerability.
Author:jiko
File Size:787
Last Modified:Feb 9 20:54:27 2010
MD5 Checksum:75fb6312e6f6f89e87879fa02cd903de

 ///  File Name: classifiedultra-insecuresql.txt
Description:
ClassifiedUltra suffers from remote SQL injection and insecure cookie handling vulnerabilities.
Author:jiko
File Size:802
Last Modified:Feb 9 20:53:19 2010
MD5 Checksum:b052427a25e724f7f988a38a3d5fb115

 ///  File Name: gameroom-upload.txt
Description:
GameRoom suffers from a remote shell upload vulnerability.
Author:jiko
File Size:759
Last Modified:Feb 9 20:51:56 2010
MD5 Checksum:5f067d884b2b87a86b949e821a993cd4

 ///  File Name: fontssite-disclose.txt
Description:
Fonts Site Script suffers from a remote file disclosure vulnerability.
Author:jiko
File Size:1231
Last Modified:Feb 9 20:50:19 2010
MD5 Checksum:f5659c65145dc221a787521425ff5d30

 ///  File Name: plspla-dos.txt
Description:
PLS PLA WMDownloader proof of concept denial of service exploit.
Author:jiko
File Size:3053
Last Modified:Feb 9 20:34:39 2010
MD5 Checksum:999596f37e714fad9d31dd2d3e28c928