Section:  .. / 1009-exploits  /

Page 1 of 13
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 >> Files 1 - 25 of 305
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: hpdata-dos.tgz
Description:
HP Data Protector Media Operations version 6.11 suffers from local NULL pointer dereference denial of service vulnerabilities.
Author:d0lc3
File Size:1938634
Last Modified:Sep 12 21:17:45 2010
MD5 Checksum:fbe95dcdae7f0bd512c3484242f2fa7c

 ///  File Name: moaub-aqt.txt
Description:
Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:1067588
Related CVE(s):CVE-2010-0520
Last Modified:Sep 18 14:47:28 2010
MD5 Checksum:b65cedab3abbedcaca437a4def1b6c0a

 ///  File Name: joomla-xsrf.tgz
Description:
Joomla version 1.5.x suffers from a cross site request forgery vulnerability.
Author:Beenu Arora
File Size:954436
Last Modified:Sep 22 20:30:53 2010
MD5 Checksum:57051ad48c499fd64ab369e0e9960e0f

 ///  File Name: moaub-excel.tgz
Description:
Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers from a HFPicture record parsing remote code execution vulnerability. Proof of concept included.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:896364
Related CVE(s):CVE-2010-1248
Last Modified:Sep 16 20:27:25 2010
MD5 Checksum:9d89886d8219fada9d01c86bd5e23680

 ///  File Name: moaub21-excel.tgz
Description:
Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers from a WOPT record parsing heap memory corruption vulnerability. Proof of concept included.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:624448
Related CVE(s):CVE-2010-0824
Last Modified:Sep 21 18:59:01 2010
MD5 Checksum:312e375131ffd5c847ea5ffed7b32309

 ///  File Name: moaub29-msexcel.tgz
Description:
Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers from a SxView record parsing heap memory corruption vulnerability.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:568468
Related CVE(s):CVE-2010-1245
Last Modified:Sep 29 16:06:09 2010
MD5 Checksum:c3f32248b631cd7cc20497552726364e

 ///  File Name: moaub23-hfpicture.tgz
Description:
Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers from a HFPicture record parsing memory corruption vulnerability. Proof of concept included.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:536780
Last Modified:Sep 23 22:11:23 2010
MD5 Checksum:67fd424e7f07751c4342483ca17f638e

 ///  File Name: cybsecachievo-xsrf.pdf
Description:
CYBSEC Security Advisory - Achievo version 1.4.3 suffers from cross site request forgery vulnerabilities. Proof of concept code included.
Author:Pablo G. Milano
Homepage:http://www.cybsec.com/
File Size:262283
Last Modified:Sep 28 22:02:09 2010
MD5 Checksum:f3279d958d59bbd04764b7c38f0014c1

 ///  File Name: cybsecachievo-auth.pdf
Description:
CYBSEC Security Advisory - Achievo version 1.4.3 suffers from multiple authorization flaws. Proof of concept code included.
Author:Pablo G. Milano
Homepage:http://www.cybsec.com/
File Size:258714
Last Modified:Sep 28 21:58:37 2010
MD5 Checksum:00e54c284fce08ce6643c395d83e73c3

 ///  File Name: msiis6-dos.pdf
Description:
Microsoft IIS 6 suffers from an ASP denial of service stack overflow vulnerability.
Author:Kingcope
File Size:118185
Last Modified:Sep 30 22:26:31 2010
MD5 Checksum:a9ece1eff3afaf400e4f997e4db9745c

 ///  File Name: moaub-quicktime.txt
Description:
Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 FlashPix NumberOfTiles remote code execution exploit.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:34415
Related CVE(s):CVE-2010-0519
Last Modified:Sep 2 22:57:48 2010
MD5 Checksum:3b8e0f535bf0ba3739f15044c0249d16

 ///  File Name: ABftw.c
Description:
Linux Kernel x86_64 MCAST_MSFILTER local root exploit.
Author:Ac1db1tch3z
File Size:24351
Last Modified:Sep 16 20:33:31 2010
MD5 Checksum:e73c4ee8fe9a923c477267b05c2a9c48

 ///  File Name: integard-pro.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
Author:Lincoln,Node,Nullthreat,Rick,corelanc0d3r,jduck
Homepage:http://www.metasploit.com
File Size:18531
Related OSVDB(s):67909
Last Modified:Sep 15 20:14:41 2010
MD5 Checksum:bb6a939603cc7cb3cca5941b99529d4a

 ///  File Name: moaub-adobenewclass.txt
Description:
Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:13937
Related CVE(s):CVE-2010-1297
Last Modified:Sep 1 16:08:18 2010
MD5 Checksum:e44475e68ca437d68b131cf63c343d95

 ///  File Name: ms10_061_spoolss.rb.txt
Description:
This Metasploit module exploits the RPC service impersonation vulnerability detailed in Microsoft Bulletin MS10-061. By making a specific DCE RPC request to the StartDocPrinter procedure, an attacker can impersonate the Printer Spooler service to create a file. The working directory at the time is %SystemRoot%\\\\system32. An attacker can specify any file name, including directory traversal or full paths. By sending WritePrinter requests, an attacker can fully control the content of the created file. In order to gain code execution, this module writes an EXE and then (ab)uses the impersonation vulnerability a second time to create a secondary RPC connection to the \\\\PIPE\\\\ATSVC named pipe. We then proceed to create a remote AT job using a blind NetrJobAdd RPC call.
Author:hdm,jduck
Homepage:http://www.metasploit.com
File Size:13690
Related OSVDB(s):67988
Related CVE(s):CVE-2010-2729
Last Modified:Sep 21 14:32:51 2010
MD5 Checksum:0580f4d44dd64fd3314f7ef5a0b654d1

 ///  File Name: adobe_cooltype_sing.rb.txt
Description:
This Metasploit module exploits a vulnerability in the Smart INdependent Glyplets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior version are assumed to be vulnerable as well.
Author:jduck,neox_fx,sn0wfl0w,vicheck
Homepage:http://www.metasploit.com
File Size:13655
Related OSVDB(s):67849
Related CVE(s):CVE-2010-2883
Last Modified:Sep 8 22:05:40 2010
MD5 Checksum:a074bbb270cee3663e6a624314d93a55

 ///  File Name: moovida-dllhijack.tgz
Description:
Moovida Media Player versions 2.0.0.15 and below DLL hijacking exploit.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:11434
Last Modified:Sep 2 23:06:50 2010
MD5 Checksum:a822bb5288d37ba5b82362025654c4e9

 ///  File Name: cve-2010-3437.c
Description:
Linux kernel versions prior to 2.6.36-rc6 pktcdvd kernel memory disclosure exploit.
Author:Jon Oberheide
File Size:9612
Related CVE(s):CVE-2010-3437
Last Modified:Sep 29 15:48:02 2010
MD5 Checksum:bd262a32a99c96cc365a054ad47cdf65

 ///  File Name: fbsdpmap-racecondition.txt
Description:
FreeBSD versions 7.3 and 8.1 suffer from a vm.pmap kernel local race condition denial of service vulnerability.
Author:Maksymilian Arciemowicz
File Size:8649
Last Modified:Sep 8 22:03:24 2010
MD5 Checksum:1b199d7aac81714fd93982f73df8a96d

 ///  File Name: moaub-rainbowportal.txt
Description:
Month Of Abysssec Undisclosed Bugs - Rainbow Portal version 2.0 suffers from login weakness, cross site scripting and remote SQL injection vulnerabilities.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:7143
Last Modified:Sep 2 22:54:57 2010
MD5 Checksum:8ae0ef410cda573b1cdcf2b600096f27

 ///  File Name: TWSL2010-005.txt
Description:
FreePBX versions 2.8.0 and below suffer from a remote code execution vulnerability.
Homepage:http://www.trustwave.com/
File Size:7127
Related CVE(s):CVE-2010-3490
Last Modified:Sep 23 22:27:06 2010
MD5 Checksum:cb5cb33f8f49b55305355e9f6eae3add

 ///  File Name: webspellwcms-sql.txt
Description:
webSPELL wCMS-Clanscript version 4.01.02net remote blind SQL injection exploit.
Author:Easy Laster
File Size:7125
Last Modified:Sep 29 15:41:46 2010
MD5 Checksum:92e9ce3ba320c9d34ee26518adbc9bf3

 ///  File Name: audiotran1424-sehoverwrite.txt
Description:
Audiotran version 1.4.2.4 SEH overflow exploit with DEP bypass.
Author:Muhamad Fadzil Ramli
File Size:6977
Last Modified:Sep 20 20:16:59 2010
MD5 Checksum:6b40dbbef54d0c80cabc4f93df3ef84a

 ///  File Name: tftpdwin-traversal.txt
Description:
TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability.
Author:chr1x
File Size:6884
Last Modified:Sep 1 16:18:58 2010
MD5 Checksum:f656003b3289d7a806b0ae3a44cd7add

 ///  File Name: moaub-interphoto.txt
Description:
Month Of Abysssec Undisclosed Bugs - InterPhoto Gallery versions 2.4.0 and below suffer from shell upload, cross site request forgery, cross site scripting and disclosure vulnerabilities.
Author:Abysssec
Homepage:http://www.abysssec.com/
File Size:6853
Last Modified:Sep 7 22:21:13 2010
MD5 Checksum:a6768e07dec4e4fbd8cb30f8d2b5b415