Section:  .. / 1007-exploits  /


 ///  File Name: libpng-dos.txt
Description:
libpng versions 1.4.2 and below denial of service exploit.
Author:kripthor
File Size:8671
Related CVE(s):CVE-2010-1205
Last Modified:Jul 20 20:45:44 2010
MD5 Checksum:7f1073c36bb1f2f8c8da6c89ec9a2380

 ///  File Name: sunjavawebserver70-overflow.txt
Description:
Sun Java Web Server version 7.0 update 7 remote stack overflow exploit that is capable of bypassing DEP. In order to do this it uses ROP to invoke SetProcessDEPPolicy(). This is the second version of this exploit.
Author:Dominic Chell
File Size:8597
Related CVE(s):CVE-2010-0361
Last Modified:Jul 9 11:55:05 2010
MD5 Checksum:b4bc12d05fef465f901186598f1165c3

 ///  File Name: windows-dcerpc-ms07_029_msdns_zonen..>
Description:
This Metasploit module exploits a stack buffer overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name parameter is supplied that contains escaped octal strings. This Metasploit module is capable of bypassing NX/DEP protection on Windows 2003 SP1/SP2.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:8587
Related OSVDB(s):34100
Related CVE(s):CVE-2007-1748
Last Modified:Jul 26 16:18:51 2010
MD5 Checksum:63098092df859e7e334084e3ddb459c8

 ///  File Name: syndeocms-xss.txt
Description:
SyndeoCMS versions 2.9.0 and below suffer from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:8190
Last Modified:Jul 27 20:04:21 2010
MD5 Checksum:7968a477727cac0314791654ba903d9f

 ///  File Name: windows-smb-ms07_029_msdns_zonename..>
Description:
This Metasploit module exploits a stack buffer overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name parameter is supplied that contains escaped octal strings. This Metasploit module is capable of bypassing NX/DEP protection on Windows 2003 SP1/SP2. This Metasploit module exploits the RPC service using the \\\\DNSSERVER pipe available via SMB. This pipe requires a valid user account to access, so the SMBUSER and SMBPASS options must be specified.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:8074
Related OSVDB(s):34100
Related CVE(s):CVE-2007-1748
Last Modified:Jul 26 16:19:15 2010
MD5 Checksum:13ee9c64d141d0397e165c1fa9112fa0

 ///  File Name: ibmaix5l-hash.txt
Description:
AIX 5L with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd. This is the second version that was written to be more portable between hosts.
Author:Kingcope
File Size:8059
Last Modified:Jul 23 15:19:37 2010
MD5 Checksum:9960734c7ca1d426705d71ffbd6d6444

 ///  File Name: punbbpunpm-sql.txt
Description:
PunBB versions 1.3.x and below with Pun_PM versions 1.2.6 and below remote blind SQL injection exploit.
Author:Dante90
File Size:7628
Last Modified:Jul 27 21:16:23 2010
MD5 Checksum:6e2c0f3eee120f9b20dfae1d6ecb8956

 ///  File Name: CORELAN-10-058.txt
Description:
ActiTime version 2.0-MA suffers from a cross site request forgery vulnerability.
Author:Markot
Homepage:http://www.corelan.be/
File Size:7514
Last Modified:Jul 16 22:19:11 2010
MD5 Checksum:b327bcc93de5ce2ad5988f814a14f454

 ///  File Name: sunjavawebserver-overflow.txt
Description:
Sun Java Web Server version 7.0 update 7 remote stack overflow exploit.
Author:Dominic Chell
File Size:7075
Related CVE(s):CVE-2010-0361
Last Modified:Jul 3 15:12:56 2010
MD5 Checksum:e89f7a89d0fbf46da6b8e234f3d4e54c

 ///  File Name: spitfire-xss.txt
Description:
Spitfire versions 1.0.336 and below suffer from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:6818
Last Modified:Jul 22 21:30:31 2010
MD5 Checksum:bd46e5ae3f1c129034413a74ba2f1b7e

 ///  File Name: minercpp-overflow.txt
Description:
minerCPP version 0.4b buffer overflow and format string exploit.
Author:l3D
File Size:6625
Last Modified:Jul 6 17:04:31 2010
MD5 Checksum:7c049bd908f40b8fc681614a0daa5322

 ///  File Name: lucidlynx-overflow.txt
Description:
Ubuntu 10.04 LTS - Lucid Lynx FTP Client version 0.17-19build1 suffers from a buffer overflow vulnerability related to the ACCT command.
Author:d0lc3
File Size:6496
Last Modified:Jul 23 20:30:31 2010
MD5 Checksum:24510248419f3e20285e695271783c3f

 ///  File Name: sumatrapdf-dos.txt
Description:
Sumatra PDF Reader version 1.1 denial of service exploit that creates a malicious .pdf file.
Author:Azim Poonawala
File Size:6409
Last Modified:Jul 1 01:58:08 2010
MD5 Checksum:bdffc31148b72bd484869957f39f4e3e

 ///  File Name: pixie-xssxsrf.txt
Description:
Pixie version 1.0.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:6260
Last Modified:Jul 15 23:09:20 2010
MD5 Checksum:f3c2ff0241e0d5adbdf58a568269c930

 ///  File Name: chain_reply.rb.txt
Description:
This exploits a memory corruption vulnerability present in Samba versions prior to 3.3.13. When handling chained response packets, Samba fails to validate the offset value used when building the next part. By setting this value to a number larger than the destination buffer size, an attacker can corrupt memory. Additionally, setting this value to a value smaller than 'smb_wct' (0x24) will cause the header of the input buffer chunk to be corrupted. After close inspection, it appears that 3.0.x versions of Samba are not exploitable. Since they use an "InputBuffer" size of 0x20441, an attacker cannot cause memory to be corrupted in an exploitable way. It is possible to corrupt the heap header of the "InputBuffer", but it didn't seem possible to get the chunk to be processed again prior to process exit. In order to gain code execution, this exploit attempts to overwrite a "talloc chunk" destructor function pointer. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the nx memory protection. NOTE: It is possible to make exploitation attempts indefinitely since Samba forks for user sessions in the default configuration.
Author:jduck
Homepage:http://www.metasploit.com
File Size:6093
Related OSVDB(s):65518
Related CVE(s):CVE-2010-2063
Last Modified:Jul 16 21:58:31 2010
MD5 Checksum:8062b52a5590ee932de029a55d8641fb

 ///  File Name: ie70-dos.txt
Description:
Internet Explorer 7.0 denial of service proof of concept exploit that leverages the Microsoft Clip Organizer Active-X control.
Author:Beenu Arora,Dinesh Arora
File Size:5669
Last Modified:Jul 20 20:11:02 2010
MD5 Checksum:838cf8c5f0d95417bd4c5aa25b144846

 ///  File Name: ufoalieninvasion221-exec.txt
Description:
UFO: Alien Invasion version 2.2.1 IRC client remote code execution exploit for Mac OS X Snow Leopard.
Author:d1dn0t
File Size:5614
Last Modified:Jul 8 16:35:24 2010
MD5 Checksum:2ca56d95d62a8116b54d72c7f9580ea1

 ///  File Name: symantecams-flaw.txt
Description:
Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.
Author:Spider
Related File:foofus-20100726.txt
File Size:5229
Last Modified:Jul 28 14:20:54 2010
MD5 Checksum:99af1c5cdd484a0a3d2744bc9ee6a38d

 ///  File Name: zipcentralzip-overflow.txt
Description:
ZipCentral buffer overflow exploit that creates a malicious .zip file.
Author:Jiten Pathy
File Size:5176
Last Modified:Jul 21 20:14:29 2010
MD5 Checksum:d208ed2af0e8b03e1932b4325dc4ec2c

 ///  File Name: dmfilemanager-shell.txt
Description:
DM Filemanager version 3.9.11 suffers from a remote shell upload vulnerability.
Author:eidelweiss
File Size:5107
Last Modified:Jul 26 16:35:43 2010
MD5 Checksum:362db9a6cfc30255e8bd01ff42f7adc5

 ///  File Name: webpress-xss.txt
Description:
WebPress version 01.07.2010 suffers from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:5079
Last Modified:Jul 15 23:07:38 2010
MD5 Checksum:66ff9fc89450b7cdab79383dd69b0b5b

 ///  File Name: struts2xwork-exec.txt
Description:
Struts2/XWork suffers from a remote command execution vulnerability.
Author:Meder Kydyraliev
File Size:5071
Related CVE(s):CVE-2010-1870
Last Modified:Jul 14 00:47:40 2010
MD5 Checksum:7b3e0de9c487574165854c0ba0e90d8e

 ///  File Name: evocamosx-overflow.txt
Description:
Remote exploit for EvoCam Web Server versions 3.6.6 and 3.6.7 on Snow Leopard. Binds a shell to port 4444.
Author:d1dn0t
File Size:4979
Last Modified:Jul 6 20:22:33 2010
MD5 Checksum:acc2f287d74c9abb83f9bd11a6cf9ee9

 ///  File Name: zenphoto-xsrf.txt
Description:
Zenphoto CMS version 1.3 suffers from multiple cross site request forgery vulnerabilities.
Author:10n1z3d
File Size:4956
Last Modified:Jul 14 20:51:10 2010
MD5 Checksum:154cb4d87898bb0474614ad26f23b967

 ///  File Name: haihaisoft-overflow.txt
Description:
Haihaisoft PDF Reader with OCX control version 1.1.2.0 suffers from a remote buffer overflow vulnerability.
Author:shinnai
File Size:4877
Last Modified:Jul 16 22:08:09 2010
MD5 Checksum:1143781c492509aaa54392191231be99