Section:  .. / 1009-exploits  /

Page 8 of 13
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 >> Files 175 - 200 of 305
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: integard-pro.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
Author:Lincoln,Node,Nullthreat,Rick,corelanc0d3r,jduck
Homepage:http://www.metasploit.com
File Size:18531
Related OSVDB(s):67909
Last Modified:Sep 15 20:14:41 2010
MD5 Checksum:bb6a939603cc7cb3cca5941b99529d4a

 ///  File Name: mp3workstation-seh.txt
Description:
MP3 Workstation version 9.2.1.1.2 SEH overwrite exploit that creates a malicious .pls file.
Author:Sanjeev Gupta
File Size:1657
Last Modified:Sep 15 20:13:02 2010
MD5 Checksum:842ec3a67f364cc276b21beba4217f74

 ///  File Name: pixelpost173-xsrfxss.txt
Description:
PixelPost version 1.7.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:Sweet
File Size:3508
Last Modified:Sep 15 20:11:58 2010
MD5 Checksum:cfab11e8683d294b05c5504b78196fb6

 ///  File Name: robert_you_suck.c
Description:
Local root exploit for the x86_64 Linux kernel ia32syscall emulation vulnerability. This is a variant of a vulnerability found back in 2007.
Author:Ben Hawkes,Pawel Pisarczyk,Robert Swiecki,Venglin,Wojciech Purczynski
Related Exploit:linux-syscall.txt
File Size:5105
Related CVE(s):CVE-2007-4573, CVE-2010-3301
Last Modified:Sep 15 20:04:42 2010
MD5 Checksum:2f03e8832849e0defbb98ca079107559

 ///  File Name: ibmicalendar-overflow.txt
Description:
IBM Lotus Domino iCalendar suffers from an email address stack buffer overflow vulnerability. Versions 8.0 and 8.5 are affected.
Author:A. Plaskett
File Size:5104
Last Modified:Sep 14 22:26:05 2010
MD5 Checksum:2ed030ce30d89e47e7898dbe7a78a64c

 ///  File Name: exoopport-sql.txt
Description:
E-Xoopport - Samsara versions 3.1 and below suffer from a remote blind SQL injection vulnerability.
Author:Dante90,_mRkZ_
Homepage:http://www.warwolfz.org/
File Size:5577
Last Modified:Sep 14 22:21:53 2010
MD5 Checksum:99debf3a08947c0dcd6b219fc8925718

 ///  File Name: moaub-iprint.txt
Description:
Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:2253
Last Modified:Sep 14 20:22:36 2010
MD5 Checksum:e8b5255c49c0ca6e4011ccb11175a30e

 ///  File Name: moaub-fdf.txt
Description:
Month Of Abysssec Undisclosed Bugs - Free Discussion Forum version 1.0 suffers from administrative access and cross site scripting vulnerabilities.
Author:Abysssec
Homepage:http://www.abysssec.com/
File Size:2454
Last Modified:Sep 14 20:20:23 2010
MD5 Checksum:e42a9867a7ec8e34f3b18a517bd2728f

 ///  File Name: joomlajgen-sql.txt
Description:
The Joomla JGen component version 0.9.33 suffers from a remote SQL injection vulnerability.
Author:RoAd_KiLlEr
File Size:2396
Last Modified:Sep 14 20:18:55 2010
MD5 Checksum:94281a247dfcdef036718ec76f437903

 ///  File Name: MVSA-10-009.txt
Description:
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.
Author:Dr. Marian Ventuneac
File Size:2056
Related CVE(s):CVE-2010-0155
Last Modified:Sep 13 21:26:47 2010
MD5 Checksum:b33fa31884cc24654eed0944f1b1330c

 ///  File Name: MVSA-10-008.txt
Description:
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.
Author:Dr. Marian Ventuneac
File Size:1655
Related CVE(s):CVE-2010-0154
Last Modified:Sep 13 21:25:48 2010
MD5 Checksum:3fc270ecdc1794cc8d007e37a8664b2d

 ///  File Name: adobelifecycle-dllhijack.txt
Description:
Adobe LifeCycle ES suffers from a DLL hijacking vulnerability. Version 8.2.1.3144.1.471865 is affected.
Author:AmnPardaz Security Research Team
Homepage:http://www.bugreport.ir/
File Size:2304
Last Modified:Sep 13 21:19:40 2010
MD5 Checksum:8024adc3732c3e3bedff108779558abc

 ///  File Name: joomlamosets-shell.txt
Description:
The Joomla Mosets Tree component version 2.1.5 suffers from a shell upload vulnerability.
Author:jdc
File Size:1449
Last Modified:Sep 13 21:17:34 2010
MD5 Checksum:f792ec32a686b3104d77a622deb17ade

 ///  File Name: moaub-realplayer.txt
Description:
Month Of Abysssec Undisclosed Bugs - RealPlayer SP 1.1.4 suffers from FLV parsing integer overflows.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:1324
Related CVE(s):CVE-2010-3000
Last Modified:Sep 13 21:14:04 2010
MD5 Checksum:a22818213644013b9a744e4f415c21eb

 ///  File Name: moaub-luftguitar.txt
Description:
Month Of Abysssec Undisclosed Bugs - Luftguitar CMS version 2.0.2 suffers from an arbitrary file upload vulnerability.
Author:Abysssec
Homepage:http://www.abysssec.com/
File Size:1137
Last Modified:Sep 13 21:09:39 2010
MD5 Checksum:b3f19073a448e76659e84800c4995386

 ///  File Name: MVSA-10-007.txt
Description:
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.
Author:Dr. Marian Ventuneac
File Size:3285
Related CVE(s):CVE-2010-0152
Last Modified:Sep 13 21:03:00 2010
MD5 Checksum:d000347eefac0631f9db2c32676ba011

 ///  File Name: aasmtp-dos.txt
Description:
AA SMTP Server version 1.1 crash proof of concept exploit.
Author:SONiC
File Size:1645
Last Modified:Sep 13 20:56:31 2010
MD5 Checksum:b8d925134ddf6034ba82c3f6289c2779

 ///  File Name: kingsoftav-overflow.txt
Description:
Kingsoft Antivirus versions 2010.04.26.648 and below kernel buffer overflow exploit.
Author:Lufeng Li
File Size:1173
Last Modified:Sep 13 20:53:35 2010
MD5 Checksum:b5fb552546a7107e5c0448fc076d5a1e

 ///  File Name: ucenter-sql.txt
Description:
UCenter Home version 2.0 suffers from a remote SQL injection vulnerability.
Author:KnocKout
File Size:1764
Last Modified:Sep 13 20:52:09 2010
MD5 Checksum:9ae4a9355807a0d4298bc64963d8a07a

 ///  File Name: storyteller-lfi.txt
Description:
Storyteller CMS suffers from a local file inclusion vulnerability.
Author:BorN To K!LL
File Size:711
Last Modified:Sep 13 20:50:54 2010
MD5 Checksum:4ffc0a8f716146743710e6782c63d34d

 ///  File Name: osdate-shell.txt
Description:
osDate suffers from a remote shell upload vulnerability in uploadvideos.php.
Author:Xa7m3d
File Size:1650
Last Modified:Sep 13 20:49:37 2010
MD5 Checksum:3261b524af230cbffa73229019bf0081

 ///  File Name: hpdata-dos.tgz
Description:
HP Data Protector Media Operations version 6.11 suffers from local NULL pointer dereference denial of service vulnerabilities.
Author:d0lc3
File Size:1938634
Last Modified:Sep 12 21:17:45 2010
MD5 Checksum:fbe95dcdae7f0bd512c3484242f2fa7c

 ///  File Name: myhobbysite-sql.txt
Description:
MyHobbySite version 1.01 suffers from bypass and remote SQL injection vulnerabilities.
Author:YuGj VN
File Size:1994
Last Modified:Sep 12 21:01:59 2010
MD5 Checksum:0383f8c6c39fbd39ffa1f477b6eea75e

 ///  File Name: systemshop-sql.txt
Description:
System Shop suffers from a remote SQL injection vulnerability.
Author:secret
File Size:1109
Last Modified:Sep 12 20:59:51 2010
MD5 Checksum:127c4f9af715f363d32a9104977c761e

 ///  File Name: alstraaskme-sql.txt
Description:
AlstraSoft AskMe Pro version 2.1 suffers from a remote SQL injection vulnerability in forum_answer.php.
Author:Amine_92
File Size:1022
Last Modified:Sep 12 20:32:18 2010
MD5 Checksum:f344a53bcc28e5ece3f2c6e687bf8e82