Section:  .. / 1008-exploits  /

Page 8 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 175 - 200 of 422
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: joomlalesson-sql.txt
Description:
The Joomla Lesson component suffers from a remote SQL injection vulnerability.
Author:Fl0riX
File Size:885
Last Modified:Aug 20 21:23:14 2010
MD5 Checksum:3363ae4f66aaac9eb172c08ff49ea906

 ///  File Name: karaokevc-dos.txt
Description:
Karaoke Video Create denial of service exploit that creates a malicious .pk2 file.
Author:PASSEWORD
File Size:391
Last Modified:Aug 20 21:15:16 2010
MD5 Checksum:f714806238a19241654f44e8b8ed28df

 ///  File Name: flockbrowser-xss.txt
Description:
Flock Browser version 3.0.0.3989 suffers from a malformed bookmark cross site scripting vulnerability.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/
File Size:2134
Last Modified:Aug 20 21:12:24 2010
MD5 Checksum:735045b18d7a25d267c49e37e2fc3ed0

 ///  File Name: joomlaextcalendar-sql.txt
Description:
The Joomla Extcalendar component suffers from a remote blind SQL injection vulnerability.
Author:Lagripe-Dz
File Size:1132
Last Modified:Aug 20 21:11:07 2010
MD5 Checksum:70707310beda62e884b2cf2d855a07e8

 ///  File Name: mswordparse-overflow.txt
Description:
Microsoft Word record parsing buffer overflow exploit. This takes advantage of the vulnerability discussed in MS-09-027 and spawns calc.exe.
Author:Abhishek Sahni
File Size:2900176
Last Modified:Aug 20 21:08:58 2010
MD5 Checksum:cb496ad718150966414bb142378eb39b

 ///  File Name: NGENUITY-2010-007.txt
Description:
The login page for the Nagios XI management interface prior to version 2009R1.3 is vulnerable to cross-site scripting (XSS). This vulnerability does not require the victim to be authenticated. This vulnerability was originally thought to be addressed in version 2009R1.2C.
Author:Adam Baldwin
File Size:1455
Last Modified:Aug 20 21:07:13 2010
MD5 Checksum:f9f7aee752d34d0a62ecdd76a747a5af

 ///  File Name: playpad-overflow.txt
Description:
PlayPad Music Player version 1.12 denial of service exploit that creates a malicious .mp3 file.
Author:Praveen Darshanam
File Size:842
Last Modified:Aug 20 21:03:42 2010
MD5 Checksum:dd7e5638714cbcc92b4637421834cb1a

 ///  File Name: avmusic-dos.txt
Description:
AV Music Morpher Gold version 5.0.38 denial of service exploit that creates a malicious .m3u file.
Author:b0telh0
File Size:643
Last Modified:Aug 20 21:02:27 2010
MD5 Checksum:d38f84aa8bbcda4b0db44d30c109cb78

 ///  File Name: aventail_epi_activex.rb.txt
Description:
This Metasploit module exploits a format string vulnerability within version 10.0.4.x and 10.5.1 of the SonicWALL Aventail SSL-VPN Endpoint Interrogator/Installer ActiveX control (epi.dll). By calling the 'AuthCredential' method with a specially crafted Unicode format string, an attacker can cause memory corruption and execute arbitrary code. Unfortunately, it does not appear to be possible to indirectly re-use existing stack data for more reliable exploitation. This is due to several particulars about this vulnerability. First, the format string must be a Unicode string, which uses two bytes per character. Second, the buffer is allocated on the stack using the 'alloca' function. As such, each additional format specifier (%x) will add four more bytes to the size allocated. This results in the inability to move the read pointer outside of the buffer. Further testing showed that using specifiers that pop more than four bytes does not help. Any number of format specifiers will result in accessing the same value within the buffer. NOTE: It may be possible to leverage the vulnerability to leak memory contents. However, that has not been fully investigated at this time.
Author:Nikolas Sotiriu,jduck
Homepage:http://www.metasploit.com
File Size:5441
Related OSVDB(s):67286
Last Modified:Aug 20 20:37:48 2010
MD5 Checksum:ed696145b958ba72cb078d78d73be31f

 ///  File Name: alshamel-sql.txt
Description:
Alshamel 2 suffers from a remote SQL injection vulnerability.
Author:indoushka
File Size:3152
Last Modified:Aug 19 21:04:16 2010
MD5 Checksum:d88b9257740ff6fabe3977a1459348d2

 ///  File Name: vbul404-exec.txt
Description:
vBulletin version 4.0.4 suffers from a code execution vulnerability.
Author:mc2_s3lector
File Size:1961
Last Modified:Aug 19 20:54:52 2010
MD5 Checksum:73dd79a37833ff1acd35599f5d5ef305

 ///  File Name: syntaxhighlighter-xss.txt
Description:
Syntax High Lighter version 3.0.83 suffers from a cross site scripting vulnerability.
Author:indoushka
File Size:3104
Last Modified:Aug 19 20:52:19 2010
MD5 Checksum:435af4d5a610e46b302dd8d4df458240

 ///  File Name: NSOADV-2010-005.txt
Description:
SonicWALL E-Class SSL-VPN Active-X control suffers from a format string overflow.
Author:Nikolas Sotiriu
File Size:8213
Last Modified:Aug 19 20:44:55 2010
MD5 Checksum:99b58d5f89f587835cde84f1c9675e91

 ///  File Name: fennec-dos.txt
Description:
Fennec version 1.2 Beta 3 suffers from a denial of service vulnerability.
Author:d4rk-h4ck3r
File Size:508
Last Modified:Aug 19 20:43:51 2010
MD5 Checksum:357bcb91d8a4c5e6ed0f5630a94007b7

 ///  File Name: tuniac-dos.txt
Description:
Tuniac version 100723 suffers from a denial of service vulnerability.
Author:d4rk-h4ck3r
File Size:472
Last Modified:Aug 19 20:42:48 2010
MD5 Checksum:4e49415d448981a3b53a328c518a72e1

 ///  File Name: freebsd-cache.c
Description:
FreeBSD mbufs() sendfile cache poisoning local privilege escalation exploit that throws a setuid shell in /tmp. Works on 7.x and 8.x builds prior to 12Jul2010.
Author:Kingcope
File Size:4791
Last Modified:Aug 19 16:13:27 2010
MD5 Checksum:853d0646caa6fc732b1d4824faf52e8d

 ///  File Name: websensefail-bypass.txt
Description:
Websense Enterprise version 6.3.3 suffers from a bypass vulnerability using the Via: header. This was believed to be addressed but the remediation was insufficient.
Author:mrhinkydink
Related File:websense633-bypass.txt
File Size:2291
Last Modified:Aug 18 20:13:49 2010
MD5 Checksum:e47cc78195b40a9b1e7454fd630a7ba5

 ///  File Name: NDSA20100810.txt
Description:
The Rekonq web browser is vulnerable to Javascript injection in a number of components of the user interface. Depending on the exact component affected this can lead to Javascript being executed in a number of contexts which in the worst case could allow an arbitrary web site to be spoofed or even for the Javascript to be executed in the context of an arbitrary context.
Author:Tim Brown
Homepage:http://www.nth-dimension.org.uk/
File Size:6057
Last Modified:Aug 18 20:00:11 2010
MD5 Checksum:f826575d696a6820199c0f8c21c9625a

 ///  File Name: linkbucks-xssredir.txt
Description:
Linkbucks.com suffers from cross site scripting and URL redirection vulnerabilities.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:2386
Last Modified:Aug 18 19:58:52 2010
MD5 Checksum:e3aaa6b2108da7284824805103b28c2e

 ///  File Name: adbard-xss.txt
Description:
The Ad Bard Network (adbard.net) suffers from a cross site scripting vulnerability.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:3018
Last Modified:Aug 18 19:57:26 2010
MD5 Checksum:de15c0d33159fe35d6fd4bcf13ae33b9

 ///  File Name: php533-overflow.tgz
Description:
PHP version 5.3.3 suffers from an off-by-one overflow in ibase_gen_id(). Proof of concept code included.
Author:cb
File Size:40332
Last Modified:Aug 18 19:53:10 2010
MD5 Checksum:8a8d814f4ab5c675c18b6ca2e1cf6634

 ///  File Name: joomladirfrm-sql.txt
Description:
The Joomla Dirfrm component suffers from a remote SQL injection vulnerability.
Author:Hieuneo
File Size:1359
Last Modified:Aug 18 19:48:13 2010
MD5 Checksum:fcc2f9167fc03a5607979535c8fd584c

 ///  File Name: openrealty-disclose.txt
Description:
Open-Realty version 2.5.7 suffers from a local file disclosure vulnerability.
Author:Nikola Petrov
File Size:1930
Last Modified:Aug 18 19:46:19 2010
MD5 Checksum:70855efc1a538a647e48bdb9ed3fb6c7

 ///  File Name: rocknwav-overflow.txt
Description:
RockN_Wav Editor version 1.8 suffers from a buffer overflow vulnerability.
Author:d4rk-h4ck3r
File Size:397
Last Modified:Aug 18 19:43:40 2010
MD5 Checksum:dade8e84a900ddba13ae2ccabb4a8546

 ///  File Name: httpdx154-dos.txt
Description:
Httpdx version 1.5.4 suffers from a denial of service vulnerability.
Author:Dr_IDE
File Size:2390
Last Modified:Aug 18 19:42:36 2010
MD5 Checksum:ac4dd81e2c95ede3f176ea2958b04f11