Section: .. / 0911-exploits /
| /// File Name: |
novell_netmail_auth.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP AUTHENTICATE GSSAPI command. By sending an overly long string, an attacker can overwrite the buffer and control program execution. Using the PAYLOAD of windows/shell_bind_tcp or windows/shell_reverse_tcp allows for the most reliable results.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 2278 | | Related OSVDB(s): | 55175 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | 15660a0a1a706f47a39e33a44c7c85f2 |
|
| /// File Name: |
novell_netmail_status.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP STATUS verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 1853 | | Related OSVDB(s): | 20956 | | Related CVE(s): | CVE-2005-3314 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | d8dbf78e23cb34c721cb3b0508144405 |
|
| /// File Name: |
novell_netmail_subscribe.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Novell's NetMail 3.52 IMAP SUBSCRIBE verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 1938 | | Related OSVDB(s): | 31360 | | Related CVE(s): | CVE-2006-6761 | | Last Modified: | Oct 30 17:02:08 2009 |
| MD5 Checksum: | 530890e764a5916a4016d1246e7c9a07 |
|
| /// File Name: |
novelledir88-dos.txt |
Description:
|
Novell eDirectory version 8.8 SP5 for Windows suffers from a denial of service vulnerability.
| | Homepage: | http://www.hackattack.com/ | | File Size: | 2080 | | Last Modified: | Nov 18 07:42:28 2009 |
| MD5 Checksum: | 1730cca83da0c43070683a203814ebd5 |
|
| /// File Name: |
novelliprint_executerequest.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Novell iPrint Client 4.26. By sending an overly long string to the ExecuteRequest() property of ienipp.ocx, an attacker may be able to execute arbitrary code.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 3599 | | Related OSVDB(s): | 42063 | | Related CVE(s): | CVE-2008-0935 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | d27ab2496f2aa9a5475fa9ea0a9bd440 |
|
| /// File Name: |
novelliprint_getdriversettings.rb.t..> |
Description:
|
This Metasploit module exploits a stack overflow in Novell iPrint Client 4.34. By sending an overly long string to the GetDriverSettings() property of ienipp.ocx, an attacker may be able to execute arbitrary code.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 3698 | | Related OSVDB(s): | 46194 | | Related CVE(s): | CVE-2008-2908 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | 1726ea2925684ae8e8da8a3cb8002fa2 |
|
| /// File Name: |
nowsms.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Now SMS/MMS Gateway v2007.06.27. By sending a specially crafted GET request, an attacker may be able to execute arbitrary code.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 1908 | | Related OSVDB(s): | 42953 | | Related CVE(s): | CVE-2008-0871 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | e01726994afd53539513ff818a33c783 |
|
| /// File Name: |
nsiislog_post.rb.txt |
Description:
|
This exploits a buffer overflow found in the nsiislog.dll ISAPI filter that comes with Windows Media Server. This Metasploit module will also work against the 'patched' MS03-019 version. This vulnerability was addressed by MS03-022.
| | Author: | H D Moore | | Homepage: | http://www.metasploit.com | | File Size: | 2879 | | Related OSVDB(s): | 4535 | | Related CVE(s): | CVE-2003-0349 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | dba62c8353b819b884473034652946c3 |
|
| /// File Name: |
nss-bypass.txt |
Description:
|
Mozilla NSS NULL character CA SSL certificate validation security bypass vulnerability.
| | Author: | Dan Kaminsky | | Homepage: | http://www.doxpara.com | | File Size: | 7450 | | Last Modified: | Nov 16 22:01:57 2009 |
| MD5 Checksum: | 3a02a4eed8006d3a2834913dde03f727 |
|
| /// File Name: |
nukehall-rfi.txt |
Description:
|
NukeHall versions 0.3 and below suffer from multiple remote file inclusion vulnerabilities.
| | Author: | cr4wl3r | | File Size: | 1654 | | Last Modified: | Nov 23 18:30:54 2009 |
| MD5 Checksum: | f8e2d905ca0abedeea44b78b85a54f66 |
|
| /// File Name: |
opt-rfi.txt |
Description:
|
Outreach Project Tool versions 1.2.6 and below suffer from a remote file inclusion vulnerability.
| | Author: | cr4wl3r | | File Size: | 1231 | | Last Modified: | Nov 23 18:11:27 2009 |
| MD5 Checksum: | ea41da736ee338576107090fb6db2d8a |
|
| /// File Name: |
oracle9i_xdb_ftp_pass.rb.txt |
Description:
|
Passing an overly long string to the PASS command causes a stack-based buffer overflow. David Litchfield illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB) during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 2362 | | Related OSVDB(s): | 2449 | | Related CVE(s): | CVE-2003-0727 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | 4012e434c06da55ebf571269af1b896b |
|
| /// File Name: |
oracle9i_xdb_pass.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service. David Litchfield illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB) during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 2501 | | Related OSVDB(s): | 2449 | | Related CVE(s): | CVE-2003-0727 | | Last Modified: | Oct 30 17:01:59 2009 |
| MD5 Checksum: | 7f6075fb013baace03f43b207dae7782 |
|
| /// File Name: |
orbit_connecting.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Orbit Downloader 2.8.4. When an attacker serves up a malicious web site, arbitrary code may be executed. The PAYLOAD windows/shell_bind_tcp works best.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 2612 | | Related OSVDB(s): | 52294 | | Related CVE(s): | CVE-2009-0187 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | 1a99975be54b85c979da853c728b0314 |
|
| /// File Name: |
osb_ndmp_auth.rb.txt |
Description:
|
The module exploits a stack overflow in Oracle Secure Backup. When sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet, an attacker may be able to execute arbitrary code.
| | Author: | MC | | Homepage: | http://www.metasploit.com | | File Size: | 2646 | | Related OSVDB(s): | 51340 | | Related CVE(s): | CVE-2008-5444 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | fddd4904ec29cd341e1b063cecfe53e9 |
|
| /// File Name: |
oscommerce-exec.txt |
Description:
|
OS Commerce version 2.2RC2 suffers from an administrative bypass vulnerability allowing for command execution.
| | Author: | Stuart Udall | | File Size: | 1905 | | Last Modified: | Nov 18 08:14:35 2009 |
| MD5 Checksum: | ad06e2bf86e2ce3a4a85fb83786e9d9c |
|
| /// File Name: |
owc_spreadsheet_msdso.rb.txt |
Description:
|
This Metasploit module exploits a memory corruption vulnerability within the Office Web Component Spreadsheet ActiveX control. This module was based on an exploit found in the wild.
| | Author: | H D Moore | | Homepage: | http://www.metasploit.com | | File Size: | 3440 | | Related OSVDB(s): | 55806 | | Related CVE(s): | CVE-2009-1136 | | Last Modified: | Nov 25 19:34:53 2009 |
| MD5 Checksum: | bee50eb7ea8616846ffa5017d862a768 |
|
| /// File Name: |
PDFU3DExploitJS_CVE_2009_2990.py.tx..> |
Description:
|
When a U3D CLODProgressiveMeshContinuation block (blocktype: 0xFFFFFF3C) is parsed by the Adobe Acrobat Reader U3D plugin, the split position index is read from the input without any validation. That index is then used to fetch an object from outside the bounds of the array, and a function pointer is dereferenced from that object and called. Adobe Acrobat Reader versions 8.1.6 and below and 9.1.3 and below are affected.
| | Author: | Felipe Andres Manzano | | File Size: | 18487 | | Related CVE(s): | CVE-2009-2990 | | Last Modified: | Nov 16 20:18:20 2009 |
| MD5 Checksum: | 40034ae18c2f05f734950b74bb35ae53 |
|
| /// File Name: |
phd-xss.txt |
Description:
|
PHD Help Desk version 1.43 suffers from cross site scripting vulnerabilities.
| | Author: | Amol Naik | | File Size: | 2628 | | Last Modified: | Nov 18 10:07:17 2009 |
| MD5 Checksum: | fe58ab446a9f7bcfa607aabf344d1459 |
|
| /// File Name: |
photoshop-escalate.txt |
Description:
|
Adobe Photoshop Elements active file monitor service suffers from a local privilege escalation vulnerability.
| | Author: | Nine:Situations:Group::bellick | | File Size: | 396 | | Last Modified: | Nov 18 09:07:18 2009 |
| MD5 Checksum: | 2d2084656cff67714aec6c2f16b23081 |
|
| /// File Name: |
php530-bypass.txt |
Description:
|
PHP version 5.3.0 suffers from a pdflib extension open_basedir bypass vulnerability.
| | Author: | Sina Yazdanmehr | | File Size: | 1144 | | Last Modified: | Nov 6 16:53:22 2009 |
| MD5 Checksum: | 3b869a2aa8de8d32a47e808c10c4f929 |
|