Section:  .. / 1007-exploits  /

Page 1 of 16
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 >> Files 1 - 25 of 378
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: qtsslame-dos.tgz
Description:
Qt versions 4.6.3 and below suffer from a remote denial of service vulnerability. Exploit included.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:479052
Last Modified:Jul 7 23:45:00 2010
MD5 Checksum:ea1bac1b7bd191005e97a09ff258e103

 ///  File Name: msexcel0x5d-overflow.txt
Description:
Microsoft Excel 0x5D record stack overflow exploit.
Author:webDEViL
File Size:433621
Related CVE(s):CVE-2010-0822
Last Modified:Jul 14 20:52:15 2010
MD5 Checksum:4377ed669fc212a6fcb734c4a6eb207f

 ///  File Name: rp-0day-08-07-2010.tar
Description:
Real Player version 12.0.0.879 0-day exploit for Windows XP.
Author:webDEViL
File Size:60416
Last Modified:Jul 9 20:24:46 2010
MD5 Checksum:c90f26ce199f925e43a350ae2071712d

 ///  File Name: cybsec-2010-0701.pdf
Description:
InterScan Web Security Virtual Appliance version 5.0 suffers from a permanent cross site scripting vulnerability.
Author:Ivan Huertas
Homepage:http://www.cybsec.com/
File Size:56177
Last Modified:Jul 1 21:22:58 2010
MD5 Checksum:ca41eb0f5623dc1002983ae31a9964a2

 ///  File Name: gkrellm2-plugin-PoC.tar.gz
Description:
GKrellM2 System Monitor Plugin local proof of concept exploit that spawns a shell on tcp/6666.
Author:Marshall Whittaker
File Size:50189
Last Modified:Jul 19 21:00:08 2010
MD5 Checksum:45cf633dccfcdb742412c24ea501ae5d

 ///  File Name: bfonlywebs-upload.tgz
Description:
The Refractor 2 engine in Battlefield 2 versions 1.50 and below and Battlefield 2142 versions 1.50 and below suffers from multiple arbitrary file upload vulnerabilities. Exploit included.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:37303
Last Modified:Jul 8 00:29:32 2010
MD5 Checksum:1fba493fd4a339f4f0558fffefc2942b

 ///  File Name: dplay8fp.tgz
Description:
DirectPlay8 suffers from NULL pointer and access violation / freeze vulnerabilities. Exploit included.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:28981
Last Modified:Jul 20 20:16:57 2010
MD5 Checksum:a94c83d3d6f4879699f07aa1565b6b86

 ///  File Name: fearless.tgz
Description:
The Lithtech engine in F.E.A.R and F.E.A.R. 2 Project Origin suffers from a memory corruption vulnerability. Exploit included.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:23447
Last Modified:Jul 20 20:31:47 2010
MD5 Checksum:e65677a631cace6487e4a186922a43da

 ///  File Name: usbsploit.rb.txt
Description:
USBsploit is a proof of concept for dumping files from remote USB drives on multiple targets at the same time. It works through Meterpreter sessions with a light (24MB) modified version of Metasploit. The interface is a modified version of SET. usbsploit.rb can also be used with the original Metasploit Framework.
Author:Xavier Poli
Homepage:http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_5.shtml
File Size:22112
Last Modified:Jul 15 23:24:13 2010
MD5 Checksum:273abb50efa78c83303f4992aa53a209

 ///  File Name: suckme.tgz
Description:
Microsoft Windows automatic LNK shortcut file code execution exploit.
Author:Ivanlef0u
File Size:22110
Last Modified:Jul 18 16:52:04 2010
MD5 Checksum:5992677a0ccc8670391045065e658f30

 ///  File Name: cisco-manipulate.txt
Description:
Virtual Security Research, LLC. Security Advisory - VSR identified multiple weaknesses in the Cisco CSS 11500's handling of HTTP header interpretation and client-side SSL certificates.
Author:George D. Gal
Homepage:http://www.vsecurity.com/
File Size:20734
Related CVE(s):CVE-2010-1575, CVE-2010-1576
Last Modified:Jul 3 14:05:30 2010
MD5 Checksum:797c8a38bb53ab5306f8eb704417e228

 ///  File Name: ZSL-2010-4946.tgz
Description:
Corel Presentations X5 version 15.0.0.357 (shw) buffer preoccupation proof of concept exploit.
Author:LiquidWorm
Homepage:http://www.zeroscience.mk/
File Size:20522
Last Modified:Jul 12 20:07:57 2010
MD5 Checksum:b6eeada2058a281c2a757936cd1a64f3

 ///  File Name: corelwpoxs-overflow.txt
Description:
Corel WordPerfect Office X5 version 15.0.0.357 (wpd) buffer overflow proof of concept exploit.
Author:LiquidWorm
Homepage:http://www.zeroscience.mk/
File Size:19722
Last Modified:Jul 12 20:02:05 2010
MD5 Checksum:e3438857e9d990728cdb471bcd4a7a78

 ///  File Name: ms10_045_outlook_ref_only.rb.txt
Description:
It has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double clicks on such an attachment or message, Outlook will proceed to execute the file that is set by the path name value. These files can be local files, but also file stored remotely for example on a file share. Exploitation is limited by the fact that its is not possible for attackers to supply command line options.
Author:Yorick Koster
Homepage:http://www.metasploit.com
File Size:16222
Related OSVDB(s):66296
Related CVE(s):CVE-2010-0266
Last Modified:Jul 26 16:20:32 2010
MD5 Checksum:dcbc54915c27887c2bb2f3952c91bd21

 ///  File Name: ms10_045_outlook_ref_resolve.rb.txt
Description:
It has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double clicks on such an attachment or message, Outlook will proceed to execute the file that is set by the path name value. These files can be local files, but also file stored remotely for example on a file share. Exploitation is limited by the fact that its is not possible for attackers to supply command line options.
Author:Yorick Koster
Homepage:http://www.metasploit.com
File Size:15127
Related OSVDB(s):66296
Related CVE(s):CVE-2010-0266
Last Modified:Jul 26 16:19:43 2010
MD5 Checksum:e7e89d2eccf76253811695d7fc565779

 ///  File Name: ms10_xxx_windows_shell_lnk_execute...>
Description:
This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This Metasploit module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
Author:H D Moore,jduck
Homepage:http://www.metasploit.com
File Size:13203
Related OSVDB(s):66387
Related CVE(s):CVE-2010-2568
Last Modified:Jul 20 20:00:19 2010
MD5 Checksum:fd035d7f7129d354630330909d5674e7

 ///  File Name: weblogic-inject.txt
Description:
Virtual Security Research, LLC. Security Advisory - Over the last several years, VSR analysts had observed unusual behavior in multiple WebLogic deployments when certain special characters were URL encoded and appended to URLs. In late April, 2010 VSR began researching this more in depth and found that the issue could allow for HTTP header injection and HTTP request smuggling attacks.
Author:George D. Gal,Timothy D. Morgan
Homepage:http://www.vsecurity.com/
File Size:12884
Related CVE(s):CVE-2010-2375
Last Modified:Jul 14 01:08:10 2010
MD5 Checksum:9764aaeda5a938776e77b9f8161323a8

 ///  File Name: asxtomp3-seh.txt
Description:
ASX to MP3 Converter version 3.1.2.1 SEH exploit with DEP and ASLR bypass for multiple OSes.
Author:Node
File Size:12677
Last Modified:Jul 14 00:39:02 2010
MD5 Checksum:128a5d09cf798d9f66865e6e2c1c7a56

 ///  File Name: ufoalient-overflow.txt
Description:
UFO: Alien Invasion version 2.2.1 buffer overflow exploit with Windows 7 ASLR and DEP bypass.
Author:Node
File Size:11684
Last Modified:Jul 6 11:01:17 2010
MD5 Checksum:7248bb5219efd2ca07d8bb310728cbd9

 ///  File Name: ari-lfixsrfxss.txt
Description:
Asterisk Recording Interface suffers from cross site request forgery, cross site scripting, denial of service, local file inclusion and path disclosure vulnerabilities.
Author:TurboBorland
File Size:11650
Last Modified:Jul 12 23:28:54 2010
MD5 Checksum:b12a4771ed771c943be7f6740a2c87ba

 ///  File Name: ms10_042_helpctr_xss_cmd_exec.rb.tx..>
Description:
Help and Support Center is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp". Due to an error in validation of input to hcp:// combined with a local cross site scripting vulnerability and a specialized mechanism to launch the XSS trigger, arbitrary command execution can be achieved. On IE7 on XP SP2 or SP3, code execution is automatic. If WMP9 is installed, it can be used to launch the exploit automatically. If IE8 and WMP11, either can be used to launch the attack, but both pop dialog boxes asking the user if execution should continue. This exploit detects if non-intrusive mechanisms are available and will use one if possible. In the case of both IE8 and WMP11, the exploit defaults to using an iframe on IE8, but is configurable by setting the DIALOGMECH option to "none" or "player".
Author:Tavis Ormandy
Homepage:http://www.metasploit.com
File Size:11486
Related OSVDB(s):65264
Related CVE(s):CVE-2010-1885
Last Modified:Jul 14 00:36:35 2010
MD5 Checksum:fe6a8f0469f30f0e780266ef8452f14b

 ///  File Name: iscriptssocialware-shell.txt
Description:
iScripts SocialWare version 2.2.x suffers from a shell upload vulnerability.
Author:Salvatore Fresta
File Size:10799
Last Modified:Jul 3 12:54:03 2010
MD5 Checksum:08bd1d84448a5888400ad3c4bb7b677f

 ///  File Name: facebookpa-sql.txt
Description:
The Facebook Political Action application suffers from a remote SQL injection vulnerability that can in turn result in a full shell.
Author:Inj3ct0r
File Size:10696
Last Modified:Jul 19 20:46:05 2010
MD5 Checksum:f10693469449eb7d70ea75df1d29a136

 ///  File Name: freecivet-dos.tgz
Description:
Freeciv version 2.2.1 suffers from denial of service vulnerabilities. Exploit included.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:9749
Last Modified:Jul 8 00:57:26 2010
MD5 Checksum:deff349fc50ba12ad45826da23b81f72

 ///  File Name: editran-overflow.txt
Description:
Editran editcp version 4.1 R7 suffers from a remote buffer overflow vulnerability.
Author:Pedro Andujar
File Size:8866
Last Modified:Jul 6 15:55:47 2010
MD5 Checksum:99add1af6145e9a9fb8e2e9814bfa8cc