Section:  .. / 1008-exploits  /

Page 2 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 25 - 50 of 422
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: webdav_dll_hijacker.rb.txt
Description:
This Metasploit module presents a directory of file extensions that can lead to code execution when opened from the share. The default EXTENSIONS option must be configured to specify a vulnerable application type.
Author:H D Moore,jcran,jduck
Homepage:http://www.metasploit.com
File Size:11144
Last Modified:Aug 23 20:15:48 2010
MD5 Checksum:21de0bdd172f542b793ce5aa05a8f4d4

 ///  File Name: final_sparc.pl.txt
Description:
rpc.ttdbserverd database parser heap overflow proof of concept exploit for Solaris SPARC.
Author:Rodrigo Rubira Branco
Related File:HPSBUX02556-SSRT100014.txt
File Size:10483
Related CVE(s):CVE-2010-0083
Last Modified:Aug 16 20:37:09 2010
MD5 Checksum:0057d6f278ed4809852593bf1848d7eb

 ///  File Name: cmssource-sqlxsslfi.txt
Description:
CMS Source suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:10397
Last Modified:Aug 13 18:52:28 2010
MD5 Checksum:2113892a5e803e5b09eea288af28f97a

 ///  File Name: final_x86.pl.txt
Description:
rpc.ttdbserverd database parser heap overflow proof of concept exploit for Solaris x86.
Author:Rodrigo Rubira Branco
Related File:HPSBUX02556-SSRT100014.txt
File Size:10171
Related CVE(s):CVE-2010-0083
Last Modified:Aug 16 20:39:14 2010
MD5 Checksum:6c96a5ec281f1edaa4754a1c0a028028

 ///  File Name: mswinrealdraw-bounds.txt
Description:
Microsoft Windows suffers from missing HBITMAP bounds checks in the win32k!xxxRealDrawMenuItem() routine. Proof of concept code included.
Author:Tavis Ormandy
File Size:9905
Last Modified:Aug 17 18:41:35 2010
MD5 Checksum:fb9dd25753769b96f2052ab1b78b0627

 ///  File Name: SS-2010-007.txt
Description:
A vulnerability in the Windows kernel can be triggered via SMB in Microsoft Windows versions ranging from Windows 2000 through to Windows 7. This vulnerability allows an attacker to trigger a kernel pool corruption by sending a specially crafted SMB_COM_TRANSACTION2 request. Successful exploitation of this issue may result in remote code execution with kernel privileges, while failed attempts will result in a denial of service condition.
Author:laurent gaffie
Homepage:http://www.stratsec.net/
File Size:9891
Last Modified:Aug 12 20:01:59 2010
MD5 Checksum:7da37b9742180e99589a08d84a405ff9

 ///  File Name: modx-xssxsrf.txt
Description:
Mod-X suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:TurboBorland
File Size:9796
Last Modified:Aug 25 23:46:24 2010
MD5 Checksum:dbc9dfad607ec717d709734dde521ed1

 ///  File Name: ministreamripper3121-overflow.txt
Description:
Mini-stream Ripper version 3.1.2.1 buffer overflow exploit with DEP bypass.
Author:fl0 fl0w
File Size:9694
Last Modified:Aug 7 11:38:22 2010
MD5 Checksum:e13c713135591b1104de97f110c16cb0

 ///  File Name: Microstation_dllhijact_exploit.rar
Description:
Bentaly Microstation version 7.1 DLL hijacking exploit.
Author:Kalyan
Homepage:http://reach2kalyan.blogspot.com/
File Size:9126
Last Modified:Aug 26 22:06:26 2010
MD5 Checksum:fbefa8bcde657703ca6582bec8fcd7c5

 ///  File Name: putty-dllhijack.txt
Description:
PuTTY version 0.60 DLL hijacking exploit.
Author:storm
File Size:9001
Last Modified:Aug 26 01:11:04 2010
MD5 Checksum:71bc7ed3b3420f3a61daacadca111795

 ///  File Name: cmsimple-xssxsrf.txt
Description:
CMSimple version 3.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:8953
Last Modified:Aug 16 21:26:37 2010
MD5 Checksum:03bf8b52c05c5bf96bbfe5c5ffab7828

 ///  File Name: vwar-multi.txt
Description:
VWar suffers from cross site scripting, remote SQL injection, broken access controls and weak password generation vulnerabilities.
Author:Darren McDonald
File Size:8790
Last Modified:Aug 23 20:47:02 2010
MD5 Checksum:ebc69cb5ac918e58e9e37d96f8ca6e39

 ///  File Name: compucms-sqlxss.txt
Description:
CompuCMS suffers from cross site scripting and remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:8707
Last Modified:Aug 26 22:44:31 2010
MD5 Checksum:931bb6b0b8459b6af3e6c8251b8a694f

 ///  File Name: NSOADV-2010-005.txt
Description:
SonicWALL E-Class SSL-VPN Active-X control suffers from a format string overflow.
Author:Nikolas Sotiriu
File Size:8213
Last Modified:Aug 19 20:44:55 2010
MD5 Checksum:99b58d5f89f587835cde84f1c9675e91

 ///  File Name: joomlaxoopszina-sql.txt
Description:
The Zina component for both Joomla and XOOPS suffers from a remote SQL injection vulnerability.
Author:Th3 RDX
File Size:7930
Last Modified:Aug 23 18:58:17 2010
MD5 Checksum:be1d06313731d6f58e2ca11001e15d37

 ///  File Name: sigplus-overflow.txt
Description:
SigPlus Pro version 3.74 Active-X LCDWriteString() remote buffer overflow exploit with JIT spray and ASLR/DEP bypass.
Author:mr_me
File Size:7860
Last Modified:Aug 3 01:16:15 2010
MD5 Checksum:909e19753f084a10e9ed2a79d8ea4a04

 ///  File Name: amethyst-xssxsrf.txt
Description:
Amethyst version 0.1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:7386
Last Modified:Aug 6 13:56:05 2010
MD5 Checksum:1f8b361ad92af23fcf10056cea26c5d1

 ///  File Name: webmatic-xssxsrf.txt
Description:
Webmatic version 3.0.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:7304
Last Modified:Aug 26 21:47:00 2010
MD5 Checksum:7959a1583d00a8e6d0da73249b8ed98d

 ///  File Name: NGENUITY-2010-006.txt
Description:
Nagios XI 2009R1.2B suffers from a cross site request forgery vulnerability.
Author:Adam Baldwin
File Size:7279
Last Modified:Aug 12 00:56:22 2010
MD5 Checksum:5a3bedb9e8caaabc208b14be101ea3af

 ///  File Name: notepad-dllhijack.tgz
Description:
The Notepad++ application is vulnerable to the insecure DLL hijacking vulnerability. Versions 5.7 and below are affected.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:7130
Last Modified:Aug 30 15:37:11 2010
MD5 Checksum:0ee3aa75cc4a2f9f8a6ceddf1347ceb0

 ///  File Name: bxr-sqlxssxsrf.txt
Description:
BXR version 0.6.8 suffers from cross site request forgery, cross site scripting and remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:7099
Last Modified:Aug 6 13:21:30 2010
MD5 Checksum:bb585a7edc6a318b787430817da5d3c6

 ///  File Name: apple_quicktime_marshaled_punk.rb.t..>
Description:
This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.
Author:Ruben Santamarta,jduck
Homepage:http://www.metasploit.com
File Size:7052
Related CVE(s):CVE-2010-1818
Last Modified:Aug 30 19:00:59 2010
MD5 Checksum:7ad044f928efe468c6ea9c5cb5d51a74

 ///  File Name: qtweb-dllhijack.tgz
Description:
QtWeb Browser version 3.3 build 043 DLL hijacking exploit.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:6842
Last Modified:Aug 30 17:57:10 2010
MD5 Checksum:a61ba519336b8cb290a240a5a1997066

 ///  File Name: mswinntcreatethread-racecondition.t..>
Description:
Microsoft Windows suffers from a race condition in NtCreateThread(). Proof of concept code included.
Author:Tavis Ormandy
File Size:6833
Related CVE(s):CVE-2010-1888
Last Modified:Aug 17 18:30:48 2010
MD5 Checksum:35848b6e617f707b6528987bbbb83e1a

 ///  File Name: maxthon-dllhijack.tgz
Description:
Maxthon Browser version 2.5.15.1000 DLL hijacking exploit that leverages dwmapi.dll.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:6808
Last Modified:Aug 30 17:54:17 2010
MD5 Checksum:daebc041ed83ae09d1c932d3fb0c4c61