Section:  .. / 1003-exploits  /

Page 3 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 50 - 75 of 424
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: applesafari-overflow.txt
Description:
Apple Safari Tag heap spray buffer overflow exploit for OS X.
Author:eidelweiss
File Size:4365
Last Modified:Mar 22 17:45:16 2010
MD5 Checksum:0b28bf5fb15b0d384a509fdf1057c42c

 ///  File Name: quickzip_xpsp3.pl.txt
Description:
QuickZip version 4.60.019 stack buffer overflow exploit for XP SP3.
Author:corelanc0d3r
File Size:4363
Last Modified:Mar 16 00:13:48 2010
MD5 Checksum:115495832ffe27ef0c37a2dfa4d3d799

 ///  File Name: freesshd-dos.txt
Description:
FreeSSHD version 1.2.4 buffer overflow denial of service exploit.
Author:Pi3rrot
File Size:4351
Last Modified:Mar 22 19:34:31 2010
MD5 Checksum:8ba60eb9530f30acc508a0e53aede77a

 ///  File Name: dojo-xss.txt
Description:
Dojo Toolkit SDK versions 1.4.1 and below suffer from a cross site scripting vulnerability.
Author:Adam Bixby
Homepage:http://www.gdssecurity.com/
File Size:4343
Last Modified:Mar 16 00:46:57 2010
MD5 Checksum:35c74e69700d51106381fc918fded8e4

 ///  File Name: webex_ucf_newobject.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If an long string is passed to the 'NewObject' method, a stack- based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability was discovered and reported by multiple independent researchers.
Author:Elazar Broad,Guido Landi,Tobias Klein
Homepage:http://www.metasploit.com
File Size:4340
Related OSVDB(s):47344
Related CVE(s):CVE-2008-3558
Last Modified:Mar 4 18:34:42 2010
MD5 Checksum:f2d99a88beab4e4dd35711d91502b078

 ///  File Name: hpopenview-overflow.txt
Description:
HP OpenView NNM version 7.53 OvWebHelp.exe CGI topic buffer overflow exploit.
Author:S2 Crew
File Size:4261
Related CVE(s):CVE-2009-4178
Last Modified:Mar 30 20:54:58 2010
MD5 Checksum:1bdd19fe6d27adabe3be80b4ae3772d3

 ///  File Name: embedthis-dos.txt
Description:
Embedthis Appweb version 3.1.2 remote denial of service exploit.
Author:chr1x
File Size:4192
Last Modified:Mar 16 00:21:05 2010
MD5 Checksum:21b1af26a52d6bc36668e826d80f52a0

 ///  File Name: flirtmatching-sql.txt
Description:
Flirt Matching SMS System remote SQL injection exploit.
Author:Easy Laster
File Size:4167
Last Modified:Mar 28 16:04:26 2010
MD5 Checksum:5423129505a40fb9d41d94d3aa9e0a3b

 ///  File Name: lexmark-overflow.txt
Description:
Multiple Lexmark laser printers suffer from a remote stack overflow vulnerability. Proof of concept code included.
Author:Francis Provencher
File Size:4161
Related CVE(s):CVE-2010-0619
Last Modified:Mar 23 18:28:09 2010
MD5 Checksum:8781883c783d1af4ab4f637e574f8b45

 ///  File Name: prosshd-overflow.txt
Description:
ProSSHD version 1.2 buffer overflow exploit with reverse shell shellcode.
Author:S2 Crew
File Size:4061
Last Modified:Mar 2 21:24:36 2010
MD5 Checksum:d17a8f0f099e506780744501cff9e544

 ///  File Name: easyclanpage21-sql.txt
Description:
Easy-Clanpage versions 2.1 and below remote SQL injection exploit.
Author:Easy Laster
Related Exploit:easyclanpage201-sql.txt
File Size:4011
Last Modified:Mar 30 21:45:36 2010
MD5 Checksum:5db926d1467ddfcc390e48bcb827a010

 ///  File Name: SAP-Logon7-System.zip
Description:
SAP GUI version 7.10 WebViewer3D Active-X JIT-Spray exploit.
Author:Alexey Sintsov
Homepage:http://www.dsec.ru/
File Size:3995
Last Modified:Mar 8 15:59:07 2010
MD5 Checksum:ecdcfd44aa28996e595d1ad2416aaf39

 ///  File Name: ms09_043_owc_htmlurl.rb.txt
Description:
This Metasploit module exploits a buffer overflow in Microsoft's Office Web Components. When passing an overly long string as the "HTMLURL" parameter an attacker can execute arbitrary code.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3959
Related OSVDB(s):56916
Related CVE(s):CVE-2009-1534
Last Modified:Mar 3 16:09:22 2010
MD5 Checksum:5e0896753d9f76d6397285f011c79a38

 ///  File Name: httpdx153b-crash.txt
Description:
httpdx version 1.5.3b remote pre-authentication denial of service proof of concept exploit.
Author:loneferret
File Size:3898
Last Modified:Mar 16 00:19:41 2010
MD5 Checksum:cd6eaf143dd7d6978809b8f9990e2645

 ///  File Name: ultraoffice_httpupload.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.
Author:jduck ,shinnai
Homepage:http://www.metasploit.com
File Size:3850
Related OSVDB(s):47866
Related CVE(s):CVE-2008-3878
Last Modified:Mar 4 22:53:30 2010
MD5 Checksum:aefc32154c02bb9668cd3b779b48f669

 ///  File Name: ultraiso_cue.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in EZB Systems, Inc's UltraISO. When processing .CUE files, data is read from file into a fixed-size stack buffer. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to open an CUE file. NOTE: A file with the same base name, but the extension of "bin" must also exist. Opening either file will trigger the vulnerability, but the files must both exist.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3810
Related OSVDB(s):36570
Related CVE(s):CVE-2007-2888
Last Modified:Mar 29 22:42:25 2010
MD5 Checksum:51bf024fb6d7f9dc9c86340abf590c67

 ///  File Name: chilkat_crypt_writefile.rb.txt
Description:
This Metasploit module allows attackers to execute code via the 'WriteFile' unsafe method of Chilkat Software Inc's Crypt ActiveX control. This exploit is based on shinnai's exploit that uses an hcp:// protocol URI to execute our payload immediately. However, this method requires that the victim user be browsing with Administrator. Additionally, this method will not work on newer versions of Windows. NOTE: This vulnerability is still unpatched. The latest version of Chilkat Crypt at the time of this writing includes ChilkatCrypt2.DLL version 4.4.4.0.
Author:jduck ,shinnai
Homepage:http://www.metasploit.com
File Size:3732
Related OSVDB(s):49510
Related CVE(s):CVE-2008-5002
Last Modified:Mar 4 22:53:51 2010
MD5 Checksum:f3b162c328a7f7e6484b72aabd8fb52e

 ///  File Name: 60cyclecms-xss.txt
Description:
60cycleCMS suffers from a cross site scripting vulnerability.
Author:Pratul Agrawal
File Size:3606
Last Modified:Mar 10 10:15:49 2010
MD5 Checksum:47b9959eebc266e101924d1fd6e37482

 ///  File Name: directadmin1344-xsrf.txt
Description:
DirectAdmin version 1.34.4 suffers from a cross site request forgery vulnerability.
Author:K053
File Size:3530
Last Modified:Mar 19 22:22:04 2010
MD5 Checksum:9ba28f02c4b37d7413c604296f30c7e2

 ///  File Name: ms09_043_owc_msdso.rb.txt
Description:
This Metasploit module exploits a memory corruption vulnerability within the Office Web Component Spreadsheet ActiveX control. This Metasploit module was based on an exploit found in the wild.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:3393
Related OSVDB(s):55806
Related CVE(s):CVE-2009-1136
Last Modified:Mar 2 20:45:57 2010
MD5 Checksum:2d5642512494e02db704c47380a6a0f6

 ///  File Name: baofeng_storm_onbeforevideodownload..>
Description:
This Metasploit module exploits a buffer overflow in BaoFeng's Storm media Player ActiveX control. Versions of mps.dll including 3.9.4.27 and lower are affected. When passing an overly long string to the method "OnBeforeVideoDownload" an attacker can execute arbitrary code.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3388
Related OSVDB(s):54169
Related CVE(s):CVE-2009-1612
Last Modified:Mar 2 20:46:52 2010
MD5 Checksum:e18883898f1138c4508cddb2852a05af

 ///  File Name: woltlabb-sql.txt
Description:
Woltlab Burning Board Teamsite Hack version 3.0 remote SQL injection exploit that leverages ts_other.php.
Author:Easy Laster
File Size:3386
Last Modified:Mar 22 17:41:38 2010
MD5 Checksum:a9be3de96d106c3fea0a5d57588c9069

 ///  File Name: quickzip.py.txt
Description:
QuickZip version 4.60 local buffer overflow proof of concept exploit that creates a malicious .zip file. This version does not have the egghunter.
Author:corelanc0d3r,mr_me
File Size:3329
Last Modified:Mar 8 21:10:35 2010
MD5 Checksum:855aae375aa00be2327a35c12ecd0a76

 ///  File Name: easyclanpage201-sql.txt
Description:
Easy-Clanpage versions 2.01 and below remote SQL injection exploit.
Author:Easy Laster
Related Exploit:easyclanpage-sql.txt
File Size:3327
Last Modified:Mar 28 15:28:37 2010
MD5 Checksum:26d02c2229547262e5bd819143161457

 ///  File Name: spamassassin-remoteroot.txt
Description:
The Spamassassin Milter plugin suffers from a remote root command execution vulnerability. Full exploit details provided.
Author:Kingcope
File Size:3309
Last Modified:Mar 8 17:05:26 2010
MD5 Checksum:65f987b29f0f557007bd95469466936d