CA eTrust PestPatrol - ActiveX Control Buffer Overflow (Metasploit)

$Id: etrustpestscan.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Critical Office Hole Patched In November Release

Microsoft issued its monthly patch on Tuesday, releasing three security bulletins to fix security holes in a range of products, including a critical hole in versions of the Microsoft Office Suite. The three bulletins, MS10-087, 088 and -089 fixed a total of 11 vulnerabilities, five in Microsoft...

CitectSCADA/CitectFacilities ODBC Buffer Overflow

This module exploits a stack buffer overflow in CitectSCADA's ODBC daemon. This has only been tested against Citect v5, v6 and v7. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

Novell Groupwise Internet Agent - IMAP 'LIST LSUB' Remote Code Execution

Application: Novell Groupwise Internet Agent IMAP LIST LSUB Command Remote Code Execution Vulnerability Platforms: SLES 10 SP3 GroupWise 8.0.2 Exploitation: Remote code execution CVE Number: Novell TID: 7007157 Author: Francis Provencher Protek Research Lab's WebSite:...

Microsoft Office RTF Stack Buffer Overflow (MS10-087; CVE-2010-3333)

RTF provides a format for text and graphics interchange that can be used with different operating systems. A buffer overflow vulnerability has been identified in the way Microsoft Office parses Rich Text Format RTF files. The vulnerability is due to an error in Microsoft Office that fails to...

IBM Informix Dynamic Server DBINFO Stack Buffer Overflow (CVE-2010-4069)

Informix is a family of relational database management system RDBMS products by IBM. IBM Informix Dynamic Server is an online transaction processing data server. A stack buffer overflow exists in IBM Informix Dynamic Server Database. The vulnerability is caused by an insufficient bounds checking ...

Cisco ICM Setup Manager Agent.exe AgentUpgrade Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the...

Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the...

MOXA Device Manager Tool 2.1 Buffer Overflow

This module exploits a stack buffer overflow in MOXA MDM Tool 2.1. When sending a specially crafted MDMGw MDM2Gateway response, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

CA BrightStor ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow

$Id: $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'CA...

MOXA MediaDBPlayback ActiveX Control Buffer Overflow

$Id: moxamediadbplayback.rb 10909 2010-11-04 23:59:56Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'MOXA MediaDBPlayback ActiveX Control Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in...

CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow

$Id: lgservermulti.rb 10909 2010-11-04 23:59:56Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Webster HTTP Server GET Buffer Overflow

$Id: websterhttp.rb 10887 2010-11-03 12:19:19Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

CA BrightStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow

This module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request to multiple commands, an attacker could overflow the buffer and execute arbitrary code. This module requires Metasploit:...

MOXA MediaDBPlayback ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in MOXAActiveXSDK. When sending an overly long string to the PlayFileName of MediaDBPlayback.DLL 2.2.0.5 an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Network Associates PGP KeyServer 7 LDAP Buffer Overflow

This module exploits a stack buffer overflow in the LDAP service that is part of the NAI PGP Enterprise product suite. This module was tested against PGP KeyServer v7.0. Due to space restrictions, egghunter is used to find our payload - therefore you may wish to adjust WfsDelay. This module...

CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Overflow

This module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request rxsSetDataGrowthScheduleAndFilter, an attacker could overflow the buffer and execute arbitrary code. This module requires Metasploit:...

CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow (Metasploit) (3)

$Id: lgserverrxrlogin.rb 10892 2010-11-03 22:09:44Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

CA BrightStor ARCserve License Service - 'GCR NETWORK' Remote Buffer Overflow (Metasploit)

$Id: licensegcr.rb 10892 2010-11-03 22:09:44Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...