Section:  .. / 1008-exploits  /

Page 3 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 50 - 75 of 422
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: mswinicmp-dos.txt
Description:
Microsoft Windows IcmpSendEcho2Ex interrupting denial of service exploit.
Author:l3D
File Size:6634
Last Modified:Aug 23 20:44:26 2010
MD5 Checksum:803c473fe5d91ed0f9c6183017d35700

 ///  File Name: nginx-heapcorrupt.txt
Description:
Nginx version 0.6.38 heap corruption exploit.
Author:aaron conole
File Size:6520
Last Modified:Aug 30 17:44:10 2010
MD5 Checksum:36ed98b3f0337da621ba6ffcaebd7ce9

 ///  File Name: avastis-corrupt.txt
Description:
Avast! Internet Security version 5.0 suffers from a memory pool corruption denial of service vulnerability.
Author:x90c
File Size:6476
Last Modified:Aug 3 13:03:38 2010
MD5 Checksum:30170429d3910a259fce16283ffd8124

 ///  File Name: keepass-dllhijack.tgz
Description:
KeePass Password Safe versions 2.12 and below suffer from a DLL hijacking vulnerability.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:6405
Last Modified:Aug 31 19:48:41 2010
MD5 Checksum:4df8443bd6e31f1e8500adef4f594bb2

 ///  File Name: NDSA20100810.txt
Description:
The Rekonq web browser is vulnerable to Javascript injection in a number of components of the user interface. Depending on the exact component affected this can lead to Javascript being executed in a number of contexts which in the worst case could allow an arbitrary web site to be spoofed or even for the Javascript to be executed in the context of an arbitrary context.
Author:Tim Brown
Homepage:http://www.nth-dimension.org.uk/
File Size:6057
Last Modified:Aug 18 20:00:11 2010
MD5 Checksum:f826575d696a6820199c0f8c21c9625a

 ///  File Name: foxitreader-jailbreak.txt
Description:
Foxit Reader versions 4.0 and below pdf jailbreak exploit.
Author:Jose Miguel Esparza
File Size:6028
Last Modified:Aug 25 22:57:02 2010
MD5 Checksum:f5d09de81db318169925d710a9d703b0

 ///  File Name: allintacms-sqlxss.txt
Description:
Allinta CMS version 22.07.2010 suffers from cross site scripting and remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:5786
Last Modified:Aug 12 00:38:50 2010
MD5 Checksum:4037b071b970f48aab7e9d55bb5c05d1

 ///  File Name: mswinseobjectcreate-bounds.txt
Description:
Microsoft Windows suffers from missing ACE bounds checks in the routine nt!SeObjectCreateSaclAccessBits(). Proof of concept code included.
Author:Tavis Ormandy
File Size:5678
Related CVE(s):CVE-2010-1890
Last Modified:Aug 17 18:36:24 2010
MD5 Checksum:a00365ebdc867a53de1b5dbe9193f33b

 ///  File Name: adobe_pdf_embedded_exe_nojs.rb.txt
Description:
This Metasploit module embeds a Metasploit payload into an existing PDF file in a non-standard method. The resulting PDF can be sent to a target as part of a social engineering attack.
Author:Jeremy L Gaddis
Homepage:http://www.metasploit.com
File Size:5675
Related OSVDB(s):63667
Related CVE(s):CVE-2010-1240
Last Modified:Aug 25 23:51:33 2010
MD5 Checksum:65e538690c4446a2193cda2ebe0b405e

 ///  File Name: dtcentrepiece-xss.txt
Description:
DT Centrepiece version 4.5 suffers from a cross site scripting and logic error vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:5665
Last Modified:Aug 6 13:27:50 2010
MD5 Checksum:0b38abe9dd5faed8f7bab664b31b7592

 ///  File Name: rosoftmp444seh-overflow.txt
Description:
Rosoft Media Player version 4.4.4 SEH buffer overflow exploit.
Author:dijital1
File Size:5656
Last Modified:Aug 16 21:29:39 2010
MD5 Checksum:b19eff44bbbf1ae3afb94d798ff61139

 ///  File Name: aventail_epi_activex.rb.txt
Description:
This Metasploit module exploits a format string vulnerability within version 10.0.4.x and 10.5.1 of the SonicWALL Aventail SSL-VPN Endpoint Interrogator/Installer ActiveX control (epi.dll). By calling the 'AuthCredential' method with a specially crafted Unicode format string, an attacker can cause memory corruption and execute arbitrary code. Unfortunately, it does not appear to be possible to indirectly re-use existing stack data for more reliable exploitation. This is due to several particulars about this vulnerability. First, the format string must be a Unicode string, which uses two bytes per character. Second, the buffer is allocated on the stack using the 'alloca' function. As such, each additional format specifier (%x) will add four more bytes to the size allocated. This results in the inability to move the read pointer outside of the buffer. Further testing showed that using specifiers that pop more than four bytes does not help. Any number of format specifiers will result in accessing the same value within the buffer. NOTE: It may be possible to leverage the vulnerability to leak memory contents. However, that has not been fully investigated at this time.
Author:Nikolas Sotiriu,jduck
Homepage:http://www.metasploit.com
File Size:5441
Related OSVDB(s):67286
Last Modified:Aug 20 20:37:48 2010
MD5 Checksum:ed696145b958ba72cb078d78d73be31f

 ///  File Name: digistoreecommerce-shell.txt
Description:
Digistore Ecommerce version 4.0 suffers from a remote shell upload vulnerability.
Author:indoushka
File Size:5323
Last Modified:Aug 3 09:59:12 2010
MD5 Checksum:de7a932cb681f014c74d23c333d18b7c

 ///  File Name: cubecart-shell.txt
Description:
Cube Cart version 3.0.19 suffers from a shell upload vulnerability.
Author:indoushka
File Size:5319
Last Modified:Aug 3 10:16:58 2010
MD5 Checksum:b7616b1051c9f48224315055d716120d

 ///  File Name: MSA100410.txt
Description:
CA Oneview monitor lets users save configuration files with arbitrary extensions allowing for the execution of arbitrary JSP code.
Author:Giorgio Fedon
Homepage:http://www.mindedsecurity.com/
File Size:5229
Last Modified:Aug 12 22:04:30 2010
MD5 Checksum:afb06289541ea8a3fffdf8123756ea74

 ///  File Name: adobear-corrupt.tgz
Description:
Adobe Acrobat Reader memory corruption proof of concept exploit.
Author:ItSecTeam
File Size:5024
Last Modified:Aug 26 00:12:52 2010
MD5 Checksum:3b7e94e88e29c146555e726f4abe9d7b

 ///  File Name: openblog-xssxsrf.txt
Description:
Open Blog version 1.2.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:5013
Last Modified:Aug 6 13:44:24 2010
MD5 Checksum:e516155ff0111eddd17de378c0b79bd4

 ///  File Name: eazycms-xss.txt
Description:
eazyCMS suffers from a cross site scripting vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:4988
Last Modified:Aug 13 18:54:33 2010
MD5 Checksum:a79767f2e3711d515aa73a9a601238cc

 ///  File Name: apple_quicktime_smil_debug.rb.txt
Description:
This Metasploit module exploits a buffer overflow in Apple QuickTime 7.6.6. When processing a malformed SMIL uri, a stack-based buffer overflow can occur when logging an error message.
Author:Krystian Kloskowski,jduck
Homepage:http://www.metasploit.com
File Size:4912
Related OSVDB(s):66636
Related CVE(s):CVE-2010-1799
Last Modified:Aug 16 19:32:57 2010
MD5 Checksum:86889c929e573ecc452b6f495d2461ee

 ///  File Name: sopcast-overflow.txt
Description:
Sopcast version 3.2.9 remote buffer overflow exploit.
Author:Sud0
File Size:4893
Last Modified:Aug 12 02:39:56 2010
MD5 Checksum:79638fd3b783b36096502cdaf39e9f2f

 ///  File Name: htmlcreator-overflow.txt
Description:
HTML Email Creator version 2.42 build 718 buffer overflow exploit.
Author:MadjiX
File Size:4869
Last Modified:Aug 3 01:24:32 2010
MD5 Checksum:d78362f99af50e0117ed5462eb2ce7df

 ///  File Name: freebsd-cache.c
Description:
FreeBSD mbufs() sendfile cache poisoning local privilege escalation exploit that throws a setuid shell in /tmp. Works on 7.x and 8.x builds prior to 12Jul2010.
Author:Kingcope
File Size:4791
Last Modified:Aug 19 16:13:27 2010
MD5 Checksum:853d0646caa6fc732b1d4824faf52e8d

 ///  File Name: diamondlist-xssxsrf.txt
Description:
DiamondList version 0.1.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:4709
Last Modified:Aug 6 13:29:12 2010
MD5 Checksum:567342ddc675cf69b6c827994acd1d02

 ///  File Name: itunes-xss.txt
Description:
It appears that the Apple iTunes store suffers from some cross site scripting vulnerabilities.
Author:Ivan Sanchez
File Size:4635
Last Modified:Aug 3 10:14:10 2010
MD5 Checksum:bcfb8cc7845ed8922a76a35db3fa087f

 ///  File Name: MSA130510.txt
Description:
JForum versions 2.08 and below suffer from a stored cross site scripting vulnerability.
Author:Giorgio Fedon
Homepage:http://www.mindedsecurity.com/
File Size:4626
Last Modified:Aug 12 22:06:31 2010
MD5 Checksum:d2770c80907f80d8c09b0a1659e15efe