Section: .. / 1002-exploits /
| /// File Name: |
rostermain-sql.txt |
Description:
|
Rostermain versions 1.1 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
| | Author: | cr4wl3r | | File Size: | 492 | | Last Modified: | Feb 8 18:42:59 2010 |
| MD5 Checksum: | 66c4c6e49d707d3ec3081bda67c6721e |
|
| /// File Name: |
rpc_cmsd_opcode21.rb.txt |
Description:
|
This Metasploit module exploits a buffer overflow vulnerability in opcode 21 handled by rpc.cmsd on AIX. By making a request with a long string passed to the first argument of the "rtable_create" RPC, a stack based buffer overflow occurs. This leads to arbitrary code execution.
| | Author: | Rodrigo Rubira Branco,jduck | | Homepage: | http://www.metasploit.com | | File Size: | 2892 | | Related OSVDB(s): | 58726 | | Related CVE(s): | CVE-2009-3699 | | Last Modified: | Feb 9 21:11:01 2010 |
| MD5 Checksum: | cb4d6ac873330eaa32d39a0ce5164446 |
|
| /// File Name: |
SA-20100208-0.txt |
Description:
|
Xerox WorkCentre versions 5665, 5675, and 5687 suffers from backdoor and authentication vulnerabilities.
| | Author: | Daniel Fabian | | Homepage: | http://www.sec-consult.com | | File Size: | 5380 | | Last Modified: | Feb 23 02:34:49 2010 |
| MD5 Checksum: | c92ff24436f953cf17dc018b9002568c |
|
| /// File Name: |
safari404mc-dos.txt |
Description:
|
Safari version 4.0.4 remote denial of service with possible memory corruption exploit. r45c4l has noted that this code also affects Opera version 10.10 and Firefox version 3.5.7 and that it works on Windows 7 and Mac OS X.
| | Author: | 599eme Man | | File Size: | 381 | | Last Modified: | Feb 8 18:47:36 2010 |
| MD5 Checksum: | ab82de50d3845098c93f269eea804f72 |
|
| /// File Name: |
safarichrome-dos.txt |
Description:
|
Apple Safari version 4.0.4 and Google Chrome version 4.0.249 suffer from a stack overflow denial of service vulnerability.
| | Author: | Rad L. Sneak | | File Size: | 227468 | | Last Modified: | Feb 25 01:15:15 2010 |
| MD5 Checksum: | 82269e14fb958d3fb976e425b9e64c59 |
|
| /// File Name: |
samba-traversal.txt |
Description:
|
Samba suffers from a remote directory traversal vulnerability. A remote attacker can read, list and retrieve nearly all files on the system remotely. Required is a valid samba account for a share which is writable OR a writable share which is configured to be a guest account share, in this case this is a preauth exploit.Included is a smbclient patch that exploits this vulnerability.
| | Author: | Kingcope | | File Size: | 7421 | | Last Modified: | Feb 5 11:15:11 2010 |
| MD5 Checksum: | 1a2d221d161a154517117c74712f77de |
|
| /// File Name: |
sambar6_search_results.rb.txt |
Description:
|
This Metasploit module exploits a buffer overflow found in the /search/results.stm application that comes with Sambar 6. This code is a direct port of Andrew Griffiths's SMUDGE exploit, the only changes made were to the nops and payload. This exploit causes the service to die, whether you provided the correct target or not.
| | Author: | Andrew Griffiths,H D Moore,patrick | | Homepage: | http://www.metasploit.com | | File Size: | 3465 | | Related OSVDB(s): | 5786 | | Related CVE(s): | CVE-2004-2086 | | Last Modified: | Feb 15 17:10:32 2010 |
| MD5 Checksum: | 2dde7f15d5178a785d5c0f1b9e726fd5 |
|
| /// File Name: |
sapone_fc.tar.bz2 |
Description:
|
Remote exploit for SAP MaxDB versions 7.6.03 build 007 and below which suffer from a pre-authentication remote code execution vulnerability. This version has been updated by FortConsult A/S to use the same byte code as the Nessus plugin.
| | Author: | Luigi Auriemma,Peter Osterberg | | Homepage: | http://aluigi.org/ | | Related Exploit: | sapone.zip | | Related File: | sapone.txt | | File Size: | 10569 | | Last Modified: | Feb 8 20:19:54 2010 |
| MD5 Checksum: | 32c6cabe1db27fbf0308144890b2d306 |
|
| /// File Name: |
saskiashopsystem-lfi.txt |
Description:
|
Saskia's Shopsystem beta1 suffers from a local file inclusion vulnerability.
| | Author: | cr4wl3r | | File Size: | 827 | | Last Modified: | Feb 15 15:19:54 2010 |
| MD5 Checksum: | 87c9bad4df74602aac4417d4b2d9c434 |
|
| /// File Name: |
seamonkey201-dos.txt |
Description:
|
SeaMonkey version 2.0.1 remote denial of service with possible memory corruption exploit.
| | Author: | 599eme Man | | File Size: | 384 | | Last Modified: | Feb 8 18:46:14 2010 |
| MD5 Checksum: | d52e12e25a3c2982fdb9f788c92e83a0 |
|
| /// File Name: |
sfbd-sql.txt |
Description:
|
Scripts Feed Business Directory suffers from a remote SQL injection vulnerability.
| | Author: | Crux | | File Size: | 898 | | Last Modified: | Feb 28 14:03:07 2010 |
| MD5 Checksum: | a8577f19b57a8f9ca1449835814307fd |
|
| /// File Name: |
sfds-sql.txt |
Description:
|
Scripts Feed Dating Software suffers from remote SQL injection and cookie manipulation vulnerabilities.
| | Author: | Crux | | File Size: | 1658 | | Last Modified: | Feb 28 14:34:38 2010 |
| MD5 Checksum: | 9a722b569b1f84bca38051c82e918c59 |
|
| /// File Name: |
shortcms-sql.txt |
Description:
|
ShortCMS version 1.2.0 suffers from a remote SQL injection vulnerability.
| | Author: | Thibow | | File Size: | 3797 | | Last Modified: | Feb 15 17:04:09 2010 |
| MD5 Checksum: | 6a452007642bb025c7c79e833c7fe1fd |
|
| /// File Name: |
shoutcms-sql.txt |
Description:
|
Shout! CMS suffers from a remote SQL blind injection vulnerability.
| | Author: | Zero Cold | | File Size: | 1215 | | Last Modified: | Feb 1 20:13:40 2010 |
| MD5 Checksum: | 739a588bd6e2e445c5c6bb6a4f85c921 |
|
| /// File Name: |
simplepms-lfi.txt |
Description:
|
SimplePMS versions 0.1.4 and below suffer from a local file inclusion vulnerability.
| | Author: | cr4wl3r | | Related Exploit: | simplepms-exec.txt | | File Size: | 761 | | Last Modified: | Feb 12 15:52:42 2010 |
| MD5 Checksum: | 389996986d2a6ed404f1b99bcae0381f |
|
| /// File Name: |
slaed-rfishell.txt |
Description:
|
Slaed CMS version 4 suffers from remote file inclusion, shell upload, and other vulnerabilities.
| | Author: | indoushka | | File Size: | 2653 | | Last Modified: | Feb 28 13:49:46 2010 |
| MD5 Checksum: | f6423449b72a6c2f1ab9ade38b6287c8 |
|
| /// File Name: |
softbizauktios-sql.txt |
Description:
|
Softbiz Auktios suffers from multiple remote SQL injection vulnerabilities.
| | Author: | Easy Laster | | File Size: | 5134 | | Last Modified: | Feb 25 00:53:05 2010 |
| MD5 Checksum: | dd6d566e55ce1f03401d2274cfef0784 |
|
| /// File Name: |
softbizcp-sql.txt |
Description:
|
Softbiz Classifieds PLUS suffers from multiple remote SQL injection vulnerabilities.
| | Author: | Easy Laster | | Related Exploit: | softbiz-sql.txt | | File Size: | 3348 | | Last Modified: | Feb 25 00:49:45 2010 |
| MD5 Checksum: | 81945e0bc247b90f6b2477662daade38 |
|
| /// File Name: |
softbizjobs-sql.txt |
Description:
|
Softbiz Jobs suffers from a remote SQL injection vulnerability.
| | Author: | Baybora | | File Size: | 747 | | Last Modified: | Feb 23 02:10:55 2010 |
| MD5 Checksum: | a3d473fc21151c1a0df9d9991a97f256 |
|
| /// File Name: |
softbizjobs-xsrf.txt |
Description:
|
Softbiz Jobs suffers from a cross site request forgery vulnerability.
| | Author: | Pratul Agrawal | | File Size: | 1995 | | Last Modified: | Feb 23 19:46:40 2010 |
| MD5 Checksum: | 3272c39215d05b2e59667cf9cf968141 |
|
| /// File Name: |
softbizjobs-xss.txt |
Description:
|
Softbiz Jobs suffers from a cross site scripting vulnerability.
| | Author: | Pratul Agrawal | | File Size: | 1598 | | Last Modified: | Feb 23 19:47:37 2010 |
| MD5 Checksum: | 5c5190e163798b80dec3200defe33d30 |
|
| /// File Name: |
softbizjobsmulti-sql.txt |
Description:
|
Softbiz Jobs suffers from remote SQL injection vulnerabilities in searchresult.php and moredetails.php.
| | Author: | Easy Laster | | Related Exploit: | softbizjobs-sql.txt | | File Size: | 3135 | | Last Modified: | Feb 23 19:52:33 2010 |
| MD5 Checksum: | baa46fcadf01bd309b5afd9a61ea2c31 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
