3143 matches found
XM Easy Personal FTP Server 5.7.0 NLST Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'XM Easy Personal FTP Server 5.7.0 NLST DoS', 'Description' = %q You need a valid login to DoS this FTP server, but even anonymous can do it as lo...
Novell EDirectory EMBox Unauthenticated File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory eMBox Unauthenticated File Access', 'Description' = %q This module will access Novell eDirectory's eMBox service and can run th...
IBM DB2 Db2rcmd.exe Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM DB2 db2rcmd.exe Command Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the Remote Command Server...
Tomcat UTF-8 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tomcat UTF-8 Directory Traversal Vulnerability', 'Description' = %q This module tests whether a directory traversal vulnerability is present in...
Oracle DB SQL Injection Via SYS.LT.REMOVEWORKSPACE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.REMOVEWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the REMOVEWORKSPACE procedur...
ManageEngine Multiple Products Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Multiple Products Arbitrary File Download', 'Description' = %q This module exploits an arbitrary file download vulnerability in the...
Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...
Dopewars Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dopewars Denial of Service', 'Description' = %q The jet command in Dopewars 1.5.12 is vulnerable to a segmentation fault due to a lack of input...
Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCPUBLISH.CREATECHANGESET', 'Description' = %q The module exploits an sql injection flaw in the...
Microsoft SRV.SYS WriteAndX Invalid DataOffset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV.SYS WriteAndX Invalid DataOffset', 'Description' = %q This module exploits a denial of service vulnerability in the SRV.SYS driver ...
MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection", 'Description' = %q This module exploits a universal cross-site...
TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access', 'Description' = %q This module tests for directory traversal vulnerability in...
FreeBSD Remote NFS RPC Request Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD Remote NFS RPC Request Denial of Service', 'Description' = %q This module sends a specially-crafted NFS Mount request causing a kernel...
Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS', 'Description' = %q This module exploits a buffer underrun vulnerability in Microsoft's...
Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow DoS', 'Description' = %q This module exploits a denial of service flaw in the...
Titan FTP Server 6.26.630 SITE WHO Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Titan FTP Server 6.26.630 SITE WHO DoS', 'Description' = %q The Titan FTP server v6.26 build 630 can be DoS'd by issuing "SITE WHO". You need a...
Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...
Pi3Web ISAPI Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...
ISC DHCP Zero Length ClientID Denial of Service Module
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ISC DHCP Zero Length ClientID Denial of Service Module', 'Description' = %q This module performs a Denial of Service Attack against the ISC DHCP...
Monkey HTTPD Header Parsing Denial of Service (Denial of Service)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monkey HTTPD Header Parsing Denial of Service DoS', 'Description' = %q This module causes improper header parsing that leads to a segmentation...