Section:  .. / 1009-exploits  /

Page 9 of 13
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 >> Files 200 - 225 of 305
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: moovida-dllhijack.tgz
Description:
Moovida Media Player versions 2.0.0.15 and below DLL hijacking exploit.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:11434
Last Modified:Sep 2 23:06:50 2010
MD5 Checksum:a822bb5288d37ba5b82362025654c4e9

 ///  File Name: motorito-sqlxss.txt
Description:
Motorito versions prior to 2.0 Ni 483 suffer from cross site scripting and remote SQL injection vulnerabilities.
Author:Mario Diaz Caldera
File Size:4180
Last Modified:Sep 23 21:58:17 2010
MD5 Checksum:87298e11ee836e66e020834c3d23217c

 ///  File Name: mp3-workstation.rb.txt
Description:
MP3 Workstation version 9.2.1.1.2 SEH exploit to be used with the Metasploit Framework.
Author:MadjiX
File Size:2201
Last Modified:Sep 22 21:06:30 2010
MD5 Checksum:df1a851bbcbf003f06773d29d8577c06

 ///  File Name: mp3workstation-seh.txt
Description:
MP3 Workstation version 9.2.1.1.2 SEH overwrite exploit that creates a malicious .pls file.
Author:Sanjeev Gupta
File Size:1657
Last Modified:Sep 15 20:13:02 2010
MD5 Checksum:842ec3a67f364cc276b21beba4217f74

 ///  File Name: ms10_061_spoolss.rb.txt
Description:
This Metasploit module exploits the RPC service impersonation vulnerability detailed in Microsoft Bulletin MS10-061. By making a specific DCE RPC request to the StartDocPrinter procedure, an attacker can impersonate the Printer Spooler service to create a file. The working directory at the time is %SystemRoot%\\\\system32. An attacker can specify any file name, including directory traversal or full paths. By sending WritePrinter requests, an attacker can fully control the content of the created file. In order to gain code execution, this module writes an EXE and then (ab)uses the impersonation vulnerability a second time to create a secondary RPC connection to the \\\\PIPE\\\\ATSVC named pipe. We then proceed to create a remote AT job using a blind NetrJobAdd RPC call.
Author:hdm,jduck
Homepage:http://www.metasploit.com
File Size:13690
Related OSVDB(s):67988
Related CVE(s):CVE-2010-2729
Last Modified:Sep 21 14:32:51 2010
MD5 Checksum:0580f4d44dd64fd3314f7ef5a0b654d1

 ///  File Name: msiis6-dos.pdf
Description:
Microsoft IIS 6 suffers from an ASP denial of service stack overflow vulnerability.
Author:Kingcope
File Size:118185
Last Modified:Sep 30 22:26:31 2010
MD5 Checksum:a9ece1eff3afaf400e4f997e4db9745c

 ///  File Name: msnetobj-overflowdos.txt
Description:
Microsoft DRM technology suffers from Active-x related buffer overflow and denial of service vulnerabilities.
Author:Asheesh Kumar Mani Tripathi
File Size:4967
Last Modified:Sep 18 14:57:33 2010
MD5 Checksum:8f594583273a077238965c33a2966578

 ///  File Name: msvidctl-activex.txt
Description:
Microsoft DirectX 9 Video Mixer Renderer suffers from Active-X related overflows in msvidctl.dll.
Author:Asheesh Kumar Mani Tripathi
File Size:5763
Last Modified:Sep 25 15:18:05 2010
MD5 Checksum:4d6ceac448bac02697fa93c361f889a5

 ///  File Name: MVSA-10-002.txt
Description:
Multiple persistent and reflected Cross-Site Scripting (XSS) vulnerabilities were identified in Security Console (Admin Console), Message Center Classic and Message Center II services of Google Message Security (powered by Postini).
Author:Dr. Marian Ventuneac
File Size:4007
Last Modified:Sep 15 21:10:09 2010
MD5 Checksum:d787d35d1432d68b726179b34705a9f1

 ///  File Name: MVSA-10-007.txt
Description:
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.
Author:Dr. Marian Ventuneac
File Size:3285
Related CVE(s):CVE-2010-0152
Last Modified:Sep 13 21:03:00 2010
MD5 Checksum:d000347eefac0631f9db2c32676ba011

 ///  File Name: MVSA-10-008.txt
Description:
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.
Author:Dr. Marian Ventuneac
File Size:1655
Related CVE(s):CVE-2010-0154
Last Modified:Sep 13 21:25:48 2010
MD5 Checksum:3fc270ecdc1794cc8d007e37a8664b2d

 ///  File Name: MVSA-10-009.txt
Description:
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.
Author:Dr. Marian Ventuneac
File Size:2056
Related CVE(s):CVE-2010-0155
Last Modified:Sep 13 21:26:47 2010
MD5 Checksum:b33fa31884cc24654eed0944f1b1330c

 ///  File Name: myhobbysite-sql.txt
Description:
MyHobbySite version 1.01 suffers from bypass and remote SQL injection vulnerabilities.
Author:YuGj VN
File Size:1994
Last Modified:Sep 12 21:01:59 2010
MD5 Checksum:0383f8c6c39fbd39ffa1f477b6eea75e

 ///  File Name: myphpauction-sql.txt
Description:
MyPHPAuction version 2010 suffers from a remote SQL injection vulnerability.
Author:BorN To K!LL
File Size:601
Last Modified:Sep 29 15:43:13 2010
MD5 Checksum:a3fb8efd849a80808c9d929106a9fa59

 ///  File Name: netscape-crossdomain.txt
Description:
Netscape version 9.0.0.6 suffers from a cross domain vulnerability.
Author:Securitylab Security Research
Homepage:http://securitylab.ir/
File Size:310
Last Modified:Sep 23 22:24:09 2010
MD5 Checksum:6e2430c4ae44c7b8bbadafc3c5f5ee3b

 ///  File Name: novelliprint_callbackurl.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in Novell iPrint Client 5.42. When sending an overly long string to the 'call-back-url' parameter in an op-client-interface-version action of ienipp.ocx an attacker may be able to execute arbitrary code.
Author:Trancer
Homepage:http://www.metasploit.com
File Size:5440
Related OSVDB(s):67411
Related CVE(s):CVE-2010-1527
Last Modified:Sep 21 18:46:34 2010
MD5 Checksum:80269d9e5705e85962cc7e26d8957a01

 ///  File Name: novelliprint_executerequest_dbg.rb...>
Description:
This Metasploit module exploits a stack-based buffer overflow in Novell iPrint Client 5.40. When sending an overly long string to the 'debug' parameter in ExecuteRequest() property of ienipp.ocx an attacker may be able to execute arbitrary code.
Author:Trancer
Homepage:http://www.metasploit.com
File Size:5695
Related OSVDB(s):66960
Related CVE(s):CVE-2010-3106
Last Modified:Sep 21 18:45:05 2010
MD5 Checksum:4c82e48d18c60cbb339bae8863c7b2e3

 ///  File Name: nws007-lfi.txt
Description:
NWS Classifieds 007 suffers from a local file inclusion vulnerability.
Author:John Leitch
File Size:885
Last Modified:Sep 15 21:18:05 2010
MD5 Checksum:968fac90012a0a1c317513367fbb9f12

 ///  File Name: onecms-xss.txt
Description:
OneCMS version 2.6.1 suffers from a cross site scripting vulnerability.
Author:anT!-Tr0J4n
File Size:897
Last Modified:Sep 2 23:45:56 2010
MD5 Checksum:740f705d0901e689fd0d4c44af86aedf

 ///  File Name: opencart-shell.txt
Description:
Opencart version 1.4.9.1 suffers from a shell upload vulnerability.
Author:Net.Edit0r
File Size:1476
Last Modified:Sep 20 21:07:56 2010
MD5 Checksum:59b03e2bbe7f453fe3bbaf4d48137a2e

 ///  File Name: openjournalsystem-xss.txt
Description:
OpenJournalSystem suffers from stored cross site scripting vulnerabilities.
Author:Sweet
File Size:2981
Last Modified:Sep 8 01:09:34 2010
MD5 Checksum:4afa498b46d5dd7cabc96aaa6759a8fe

 ///  File Name: opentext-xsrfxss.txt
Description:
OpenText LiveLink version 9.7.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:Alejandro Ramos
File Size:2277
Last Modified:Sep 23 20:25:10 2010
MD5 Checksum:1308dc00b81df7b8ede5e979d8c5a0d4

 ///  File Name: osdate-shell.txt
Description:
osDate suffers from a remote shell upload vulnerability in uploadvideos.php.
Author:Xa7m3d
File Size:1650
Last Modified:Sep 13 20:49:37 2010
MD5 Checksum:3261b524af230cbffa73229019bf0081

 ///  File Name: ovbb-lfi.txt
Description:
OvBB version 0.16a suffers from multiple local file inclusion vulnerabilities.
Author:cOndemned
Homepage:http://condemned.r00t.la/
File Size:4192
Last Modified:Sep 23 22:01:46 2010
MD5 Checksum:2d06eb84884b24291becb61c44f02af8

 ///  File Name: pbboard-shellsqlxss.txt
Description:
PBBoard version 2.1.1 suffers from cross site scripting, SQL injection and shell upload vulnerabilities.
Author:jiko
File Size:1823
Last Modified:Sep 27 22:15:09 2010
MD5 Checksum:cb7c2d3a32bf71b1ac9cc062739e3d44