Section:  .. / 1010-exploits  /

Page 7 of 12
<< 1 2 3 4 5 6 7 8 9 10 11 12 >> Files 150 - 175 of 284
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: libcglob-exhaust.txt
Description:
libc/glob(3) suffers from a resource exhaustion vulnerability. Proof of concept code included. Affected includes OpenBSD 4.7, NetBSD 5.0.2, FreeBSD 7.3/8.1, Oracle Sun Solaris 10 and GNU Libc (glibc).
Author:Maksymilian Arciemowicz
File Size:13964
Related CVE(s):CVE-2010-2632
Last Modified:Oct 8 00:29:28 2010
MD5 Checksum:f182e9fba0c9144d2784309d1df4d468

 ///  File Name: linux-rds-exploit.c
Description:
Linux kernel versions 2.6.36-rc8 and below RDS privilege escalation exploit.
Author:Dan Rosenberg
Homepage:http://www.vsecurity.com/
File Size:6804
Related CVE(s):CVE-2010-3904
Last Modified:Oct 19 23:53:20 2010
MD5 Checksum:54ff3c68fb1a6ff5120c84c765210789

 ///  File Name: linuxwebshell-remoteroot.txt
Description:
Whitepaper discussing how to go from having a webshell to getting remote root using the GNU dynamic linker DSO vulnerability on Debian versions 5.0.6 and below and Ubuntu versions 10.04 and below.
Author:jmit
File Size:4845
Related CVE(s):CVE-2010-3856
Last Modified:Oct 28 07:25:09 2010
MD5 Checksum:b5d2edb70a3955504df2b49334ec19bf

 ///  File Name: lpksetup-dllhijack.txt
Description:
Microsoft Windows Vista/7 suffers from a DLL hijacking vulnerability in lpksetup.exe.
Author:TurboBorland
File Size:1909
Last Modified:Oct 27 01:49:35 2010
MD5 Checksum:7e4c34d2de94b275886a6a3f08e0c3f5

 ///  File Name: mambotrade-xss.txt
Description:
The Mambo Trade component suffers from a cross site scripting vulnerability.
Author:Fl0riX
File Size:867
Last Modified:Oct 11 17:57:42 2010
MD5 Checksum:40165d5480f8edce23b0b6d7ca38d8a3

 ///  File Name: mapcategory-sql.txt
Description:
MAP Category suffers from a remote SQL injection vulnerability.
Author:jos_ali_joe
File Size:1114
Last Modified:Oct 10 18:57:42 2010
MD5 Checksum:a55e3588328a594c47be4a50ad80f0e0

 ///  File Name: massplayer-dos.txt
Description:
Mass Player version 2.1 denial of service exploit that creates a malicious MP3.
Author:Sweet
File Size:651
Last Modified:Oct 19 23:54:49 2010
MD5 Checksum:76881a6008b5a07e9ef3089628b7b944

 ///  File Name: meo-dllhijack.txt
Description:
MEO DLL hijacking exploit that leverages dwmapi.dll.
Author:anT!-Tr0J4n
File Size:3172
Last Modified:Oct 15 04:18:42 2010
MD5 Checksum:e763ca396111c90b1919b6ba8202e6c6

 ///  File Name: message_engine_72.rb.txt
Description:
This Metasploit module exploits a buffer overflow in Computer Associates BrightStor ARCserve Backup 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
Author:MC
Homepage:http://www.metasploit.com
File Size:2275
Last Modified:Oct 4 23:15:42 2010
MD5 Checksum:7377f23e956ba83120b66fc897b7cc32

 ///  File Name: minalic10-disclose.txt
Description:
MinaliC Webserver 1.0 suffers from remote source disclosure and file download vulnerabilities.
Author:Dr_IDE
File Size:896
Last Modified:Oct 28 05:46:11 2010
MD5 Checksum:0f936d16876ea0c5e0f76ac9db1cfb3f

 ///  File Name: minalic10-dos.py.txt
Description:
MinaliC Webserver version 1.0 suffers from a denial of service vulnerability.
Author:John Leitch
File Size:911
Last Modified:Oct 25 15:44:44 2010
MD5 Checksum:26dfc86d55deb994bf7abebb912ab139

 ///  File Name: minalic10-traversal.txt
Description:
MinaliC Webserver version 1.0 suffers from a directory traversal vulnerability.
Author:John Leitch
File Size:899
Last Modified:Oct 25 15:12:12 2010
MD5 Checksum:2aaef84104b4d0d8af11f4c4ea14182e

 ///  File Name: mp3converter-dllhijack.txt
Description:
MP3 Converter DLL hijacking exploit that leverages iacenc.dll.
Author:anT!-Tr0J4n
File Size:2715
Last Modified:Oct 17 22:09:24 2010
MD5 Checksum:dc857b8d6e15a641ab35c52ca8d4f394

 ///  File Name: ms09_053_ftpd_nlst.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account).
Author:H D Moore,Kingcope
Homepage:http://www.metasploit.com
File Size:5309
Related OSVDB(s):57589
Related CVE(s):CVE-2009-3023
Last Modified:Oct 6 21:16:03 2010
MD5 Checksum:2d7090cb831b8a36bb2070fb81db4f50

 ///  File Name: MSSQL_CLR_Stored_Procedure_POC.zip
Description:
Microsoft SQL Server supports so called CLR Stored Procedures which are written in a .NET language and are run directly inside MS SQL Server. If an hijacked account has appropriate permissions, it can be used to run a native payload (inject native code into a new thread) or to tunnel a TCP connection or a shell via the SQL port (needed if the database server is properly firewalled). They can also be combined to tunnel a reverse_tcp payload. Additional permissions, like xp_cmdshell, are not required. This file is a proof of concept that demonstrates this ability.
Author:Michael Schierl
File Size:16550
Last Modified:Oct 11 05:17:26 2010
MD5 Checksum:b4742f2d5c678a6bb59a0a83aa1bd65c

 ///  File Name: msvisio2007.c
Description:
Microsoft Visio 2007 DLL hijacking exploit.
Author:Pepelux
Homepage:http://www.enye-sec.org/
File Size:959
Last Modified:Oct 11 01:01:26 2010
MD5 Checksum:5c9368078c2cc08b0996d36bac2ee54c

 ///  File Name: mswlive2009.c
Description:
Microsoft Windows Live Mail 2009 DLL hijacking exploit.
Author:Pepelux
Homepage:http://www.enye-sec.org/
File Size:1089
Last Modified:Oct 11 00:57:57 2010
MD5 Checksum:e368ac33395fc1c95cfed0f7bea18212

 ///  File Name: multi-dllhijack.txt
Description:
DLL hijacking exploits for Audio Record Expert, Hanso CD Extractor, Hanso Converter, Hanso Tagger, M-Player, Sun VirtualBox, Sweet Midi Player and Ultimate DVD Player.
Author:anT!-Tr0J4n
File Size:26026
Last Modified:Oct 22 02:36:54 2010
MD5 Checksum:4dfc4f3bf982bcc76efd0b802f642e02

 ///  File Name: multisoft-dllhijack.txt
Description:
SmartFTP version 4.0.1142.0, Speak Aloud, The GodFather version 0.80, Vip Rumor Player version 3.7 and Wise Registry Cleaner DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:19016
Last Modified:Oct 27 01:53:22 2010
MD5 Checksum:c118c7246cd7c320e8d8391e21902f12

 ///  File Name: mvt-dllhijack.txt
Description:
My Vacation Tracker DLL hijacking exploit that leverages svctaglib.dll.
Author:anT!-Tr0J4n
File Size:1008
Last Modified:Oct 6 15:02:00 2010
MD5 Checksum:663c0f95ff02670e83250acb2ba4cced

 ///  File Name: mybb16-disclose.txt
Description:
MyBB version 1.6 suffers from a path disclosure vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:976
Last Modified:Oct 28 05:04:57 2010
MD5 Checksum:f80071558537b408e16c97f2bca6b268

 ///  File Name: mycart-execsqlxss.txt
Description:
MyCart version 2.0 suffers from cross site scripting, remote SQL injection and code execution vulnerabilities.
Author:Salvatore Fresta
File Size:4253
Last Modified:Oct 28 06:58:30 2010
MD5 Checksum:ed079679309869e074e643a520437e7d

 ///  File Name: mygamingladder-sql.txt
Description:
mygamingladder MGL Combo System versions 7.5 and below remote SQL injection exploit that leverages game.php.
Author:Easy Laster
File Size:4856
Last Modified:Oct 29 15:45:46 2010
MD5 Checksum:61579276895b10192aca384a888d59c3

 ///  File Name: netgearcg3100d-escalate.txt
Description:
The Netgear CG3100D Residential Gateway suffers from multiple bypass vulnerabilities that allow for privilege escalation.
Author:Alejandro Alvarez Bravo
File Size:1861
Last Modified:Oct 15 04:01:37 2010
MD5 Checksum:999ed8301b056dbf275b37de2b493070

 ///  File Name: netstumbler040.c
Description:
NetStumbler version 0.4.0 DLL hijacking exploit.
Author:Pepelux
Homepage:http://www.enye-sec.org/
File Size:940
Last Modified:Oct 11 00:58:57 2010
MD5 Checksum:35de3c4d638a2beca298459eb4d002f7