11 matches found
PT-2026-31442
Name of the Vulnerable Software and Affected Versions: Kamailio versions prior to 6.1.1, prior to 6.0.6, and prior to 5.8.8. Description: Kamailio, an open source SIP Signaling Server, contains a flaw where a specially crafted data packet sent over TCP can lead to a denial of service process crash...
Buffer overflow
A Buffer Overflow vulnerability exists in the Message Server service MsJ2EEAddStatistics function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user...
Tincd Post-Authentication Remote TCP Stack Buffer Overflow
This module exploits a stack buffer overflow in Tinc's tincd service. After authentication, a specially crafted TCP packet (default port 655) leads to a buffer overflow and allows arbitrary code execution. This module has been tested with tinc-1.1pre6 on Windows XP (custom calc payload) and Windows ...
Borland InterBase isc_create_database() Buffer Overflow
No description provided by source. $Id: ibisccreatedatabase.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service
This module sends a specially-crafted SSH Key Exchange causing the service to crash. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service'...
Joomla <=2.5.8,<=3.0.2 remote tcp connections opener
The Joomla core plugin 'highlight' unserializes untrusted input. The plugin is enabled by default in a standard Joomla installation. This proof of concept exploit uses the JStream Joomla class to make the target open remote TCP connections to a custom address, therefore multiple vulnerable Joomla instances can be...
Fonality trixbox - 'langChoice' Local File Inclusion (connect-back) (2)
!/usr/bin/perl -w Jean-Michel BESNARD / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has changed Choose from the following options: 1 Remote TCP shell 2...
Fonality trixbox - langChoice Local File Inclusion (connect-back) (2)
!/usr/bin/perl -w Jean-Michel BESNARD / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has...
trixbox (langChoice) Local File Inclusion Exploit (connect-back)
No description provided by source. !/usr/bin/perl -w Jean-Michel BESNARD - LEXSI Audit 2008-07-08 perl trixboxfi.pl 192.168.1.212 Please listen carefully as our menu option has changed Choose from the following options: 1 Remote TCP shell 2 Read local file 1 Host and port the reverse shell should...
Authentication Capture: FTP
This module provides a fake FTP service that is designed to capture authentication credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Authentication Capture: FTP', 'Description' = %q...
eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow
This module exploits a stack buffer overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the LICMGR_ADDLICENSE command, a stack-based buffer overflow occurs. This module has only been tested against ESA v2.1.13. This module requires Metasploit:...