6913 matches found
Hyleos ChemView - ActiveX Control Stack Buffer Overflow (Metasploit)
$Id: hyleoschemviewxactivex.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
EasyFTP Server <= 1.7.0.11 LIST Command Stack Buffer Overflow
$Id: easyftplistfixret.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow Vulnerability
Description Apple QuickTime is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will like...
Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)
$Id: ms07029msdnszonename.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)
$Id: ms07029msdnszonename.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)
This module exploits a stack buffer overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name parameter is supplied that contains escaped octal strings. This module is capable of bypassing NX/DEP protection on Windows 2003 SP1/SP2. This modul...
Apache Tomcat mod_jk 1.2.20 - Remote Buffer Overflow (Metasploit)
$Id: apachemodjkoverflow.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft DNS RPC Service - 'extractQuotedChar()' TCP Overflow (MS07-029) (Metasploit)
$Id: ms07029msdnszonename.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
HP OpenView Network Node Manager netmon.exe Stack Buffer Overflow (CVE-2010-1551; CVE-2010-2703)
The Network Node Manager NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. A stack buffer overflow vulnerability exists in HP OpenView Network Node...
Mini-Stream RM-MP3 Converter 3.1.2.1 Buffer Overflow
Mini-Stream RM-MP3 Converter v3.1.2.1 .pls Stack Buffer Overflow universal By Madjix lemail ma3andkoum madirou bih Sec4ever.com my $junk="http://"."\x41" x 17425; my $ret = "\xCF\xDA\x05\x10"; jump to ESP - from msrmfilter03.dll my $padding = "\x90" x 24; windows/shellreversetcp - 739 bytes...
Groovy Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability
This host is installed with Groovy Media Player and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbgroovymediaplayerbofvuln.nasl 5368 2017-02-20 14:34:16Z cfi $ Groovy Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability Authors: Madhuri D Copyright:...
Mini-Stream RM-MP3 Converter v3.1.2.1 (.pls) Stack Buffer Overflow
Exploit for windows platform in category local exploits ============================================================================ Mini-Stream RM-MP3 Converter v3.1.2.1 .pls Stack Buffer Overflow universal ============================================================================ Mini-Stream...
SAP DB 7.4 - WebTools Buffer Overflow (Metasploit)
$Id: sapdbwebtools.rb 9842 2010-07-16 02:33:25Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Mini-stream RM-MP3 Converter 3.1.2.1 - '.pls' Local Stack Buffer Overflow Universal
Mini-Stream RM-MP3 Converter v3.1.2.1 .pls Stack Buffer Overflow universal By Madjix lemail ma3andkoum madirou bih Sec4ever.com my $junk="http://"."\x41" x 17425; my $ret = "\xCF\xDA\x05\x10"; jump to ESP - from msrmfilter03.dll my $padding = "\x90" x 24; windows/shellreversetcp - 739 bytes...
Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail List Mailer. Authentication is not required to exploit this vulnerability. The specific flaw exists within imailsrv.exe which is invoked to handle messages sent to the imailsrv. When...
NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)
$Id: navicopagetoverflow.rb 9797 2010-07-12 23:25:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
InterSystems Cache - UtilConfigHome.csp Argument Buffer Overflow (Metasploit)
$Id: intersystemscache.rb 9797 2010-07-12 23:25:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit)
$Id: w3whoquery.rb 9719 2010-07-07 17:38:59Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
BadBlue 2.5 - 'ext.dll' Remote Buffer Overflow (Metasploit)
$Id: badblueextoverflow.rb 9719 2010-07-07 17:38:59Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
VLC Player M3U file ftp:// URI Handler Remote Stack Buffer Overflow
There a Vulnerability in VLC Media Player v1.0.5 Goldeneye when handling M3U files with ftp:// URI handler. When we open the malicious file our EDX and EBP registers point to the user supplied data which might lead to code execution. State of the registers when we opne the malicious file is: EAX...