Section:  .. / 1002-exploits  /

Page 10 of 16
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 >> Files 225 - 250 of 396
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: myphpguestbook-disclose.txt
Description:
myPHP Guestbook suffers from a database backup disclosure vulnerability.
Author:ViRuSMaN
File Size:1456
Last Modified:Feb 12 02:29:54 2010
MD5 Checksum:8e92efae0b43b7b16235955101b0daf5

 ///  File Name: myre-sql.txt
Description:
MYRE Classified suffers from a remote SQL injection vulnerability.
Author:kaMtiEz
Homepage:http://www.indonesiancoder.com/
File Size:2279
Last Modified:Feb 2 22:44:32 2010
MD5 Checksum:08524e212c8d069fdcdd4922e5702595

 ///  File Name: mysql_yassl_getname.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier) implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside ./taocrypt/src/asn.cpp. However, the stack buffer that is written to exists within a parent function stack frame. NOTE: This vulnerability requires a non-default configuration. First, the attacker must be able to pass the host-based authentication. Next, the server must be configured to listen on an accessible network interface. Lastly, the server must have been manually configured to use SSL. The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing on Windows XP SP3, these protections successfully prevented exploitation. Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary package were not exploitable due to the use of the compiler's FORTIFY feature. Although suse11 was mentioned in the original blog post, the binary package they provide does not contain yaSSL or support SSL.
Author:jduck
Homepage:http://www.metasploit.com
File Size:5840
Related OSVDB(s):61956
Last Modified:Feb 5 19:07:12 2010
MD5 Checksum:d029c6a4e1e757e8e1f838fe13930102

 ///  File Name: nabernet-sql.txt
Description:
Nabernet suffers from a remote SQL injection vulnerability.
Author:AtT4CKxT3rR0r1ST
File Size:892
Last Modified:Feb 17 17:27:37 2010
MD5 Checksum:4d081605ed4cc385827fcf58fa47eed2

 ///  File Name: nautilus-poc.txt
Description:
This is a proof of concept exploit for GNOME's Nautilus file manager version 2.26.2.
Author:Joe Dohn
File Size:1318
Last Modified:Feb 10 15:44:58 2010
MD5 Checksum:36091ee6abba13e6c04551711c5c8923

 ///  File Name: neroburningrom9-overflow.txt
Description:
Nero Burning ROM 9 iso compilation local buffer overflow exploit. Version 9.4.13.2 is affected.
Author:LiquidWorm
File Size:2765
Last Modified:Feb 23 02:30:08 2010
MD5 Checksum:62d7a64387219c024ef689f804b43af4

 ///  File Name: netzbrett-disclose.txt
Description:
Netzbrett suffers from an unauthenticated database backup vulnerability.
Author:ViRuSMaN
File Size:1239
Last Modified:Feb 15 18:39:25 2010
MD5 Checksum:9e5daf8fc65dd3a76e2d7d7ac2ba3beb

 ///  File Name: newbiecms-insecure.txt
Description:
Newbie CMS suffers from an insecure cookie handling vulnerability.
Author:jiko
File Size:974
Last Modified:Feb 25 00:06:13 2010
MD5 Checksum:18a16902e4af232fa4b30300393edee3

 ///  File Name: newcms-lfixssxsrfshell.txt
Description:
New-CMS version 1.08 suffers from cross site request forgery, cross site scripting, local file inclusion and shell upload vulnerabilities.
Author:Alberto Fontanella
File Size:2347
Last Modified:Feb 18 21:50:17 2010
MD5 Checksum:39d6ce1a45885ec8d935830e7ce48508

 ///  File Name: newslettertailor-disclose.txt
Description:
Newsletter Tailor suffers from remote database backup and disclosure vulnerabilities.
Author:ViRuSMaN
File Size:1628
Last Modified:Feb 9 17:51:11 2010
MD5 Checksum:fa0826349b5e0ea0926dd004e0b548f1

 ///  File Name: newslettertailor-rfi.txt
Description:
Newsletter Tailor suffers from a remote file inclusion vulnerability.
Author:Snakespc
File Size:990
Last Modified:Feb 9 19:51:31 2010
MD5 Checksum:9917bbeb48754fe7c06eb52a2c3178e9

 ///  File Name: newslettertailor-sql.txt
Description:
Newsletter Tailor suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Author:ViRuSMaN
File Size:1358
Last Modified:Feb 9 17:52:59 2010
MD5 Checksum:34ee1c42a1d59467cc5e096993b86fb6

 ///  File Name: nikara-xss.txt
Description:
The Nikiara Fraud Management System suffers from a cross site scripting vulnerability.
Author:thebluegenius
File Size:1529
Last Modified:Feb 12 01:24:35 2010
MD5 Checksum:033c2c402d541000c05d6e6f2eca477f

 ///  File Name: novelliprint_datetime.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3605
Related OSVDB(s):60804
Related CVE(s):CVE-2009-1569
Last Modified:Feb 5 19:05:53 2010
MD5 Checksum:1baa5f1892dc7e563aacd2917138431b

 ///  File Name: novelliprint_target-frame.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3666
Related OSVDB(s):60803
Related CVE(s):CVE-2009-1568
Last Modified:Feb 5 19:05:37 2010
MD5 Checksum:ed7494832b423837a82986e57fc24d46

 ///  File Name: novelliprint_target_frame.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3666
Related OSVDB(s):60803
Related CVE(s):CVE-2009-1568
Last Modified:Feb 23 19:30:09 2010
MD5 Checksum:3c93b9922ed66b323be31f7349ec51d0

 ///  File Name: obb-sql.txt
Description:
Open Bulletin Board suffers from a remote blind SQL injection vulnerability.
Author:AtT4CKxT3rR0r1ST
File Size:1431
Last Modified:Feb 8 17:29:57 2010
MD5 Checksum:3188bf3bd97fe1af12f8451e533dbcf4

 ///  File Name: OCHOA-2010-0209.txt
Description:
Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.
Author:Agustin Azubel,Hernan Ochoa
Homepage:http://www.hexale.org/
File Size:59641
Related CVE(s):CVE-2010-0231
Last Modified:Feb 9 20:03:22 2010
MD5 Checksum:bda076f3b77016ef22d44fd963cc382f

 ///  File Name: odlican-upload.txt
Description:
Odlican CMS version 1.5 suffers from an arbitrary remote file upload vulnerability.
Author:Teo Manojlovic
File Size:1051
Last Modified:Feb 5 18:11:10 2010
MD5 Checksum:8b04948082ee3c90b93ac13439e518cb

 ///  File Name: oes-rfi.txt
Description:
Open Educational System (OES) versions 0.1b and below suffer from a remote file inclusion vulnerability.
Author:cr4wl3r
File Size:2044
Last Modified:Feb 28 14:53:00 2010
MD5 Checksum:cdf8c5935fa51cfceaf2ffd1f96cb4e6

 ///  File Name: officialportal-sqlxss.txt
Description:
Official Portal 2007 suffers from cross site scripting and remote SQL injection vulnerabilities.
Author:Pouya Daneshmand
File Size:1095
Last Modified:Feb 23 01:18:19 2010
MD5 Checksum:65f5825e6b6a8b98fe48041bfa7dd8e1

 ///  File Name: oiblogs-lfi.txt
Description:
OIBlogs suffers from local file inclusion vulnerabilities.
Author:jiko
File Size:929
Last Modified:Feb 23 20:05:54 2010
MD5 Checksum:cab338e44e52bb05c723b367977989d7

 ///  File Name: ollydb-overflow.txt
Description:
OllyDbg version 2.00 Beta 1 local buffer overflow proof of concept exploit that launches calc.exe.
Author:SuBz3r0
File Size:1930
Last Modified:Feb 16 16:46:49 2010
MD5 Checksum:b15be67819c84993e91c3735623713bd

 ///  File Name: ollydbg200-overflow.txt
Description:
Ollydbg version 2.00 Beta1 local buffer overflow exploit.
Author:SuBz3r0
File Size:1712
Last Modified:Feb 23 02:02:21 2010
MD5 Checksum:feac41813cbe1b098a9dee3d23878f7f

 ///  File Name: omnidocs-sql.txt
Description:
Omnidocs suffers from a remote SQL injection vulnerability.
Author:thebluegenius
File Size:1410
Last Modified:Feb 12 01:26:12 2010
MD5 Checksum:2989d37f601129d19d0be75fdf3076f2