IBM Lotus Notes Sametime Room Name Bruteforce

This module bruteforces Sametime meeting room names via the IBM Lotus Notes Sametime web interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'IBM Lotus Notes Sametime...

IBM Lotus Notes Sametime User Enumeration

This module extracts usernames using the IBM Lotus Notes Sametime web interface using either a dictionary attack which is preferred, or a bruteforce attack trying all usernames of MAXDEPTH length or less. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2013-2916

Removed by vendor...

HP LaserJet Pro P1606dn Password Reset

!/usr/bin/python Exploit Title: HP LaserJet Pro P1606dn Webadmin password reset Date: 20.05.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage: http://www8.hp.com/de/de/products/printers/product-detail.html?oid=4110411 Firmware Date: 20100223 import urllib2 ip =...

DEBIAN-CVE-2008-5006

smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service NULL pointer dereference and application crash by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code...

CVE-2007-2297

The SIP channel driver chansip in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service crash...

CVE-2007-1594

The handleresponse function in chansip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service crash via a SIP Response code 0 in a SIP packet...

Microsoft Internet Explorer - FTP Server Response Denial of Service (MS07-016)

!/usr/bin/perl MS 07-016 FTP Server Response PoC Usage: ./ms07016ftp.pl LISTENIP Tested Against: MSIE 6.02900.2180 SP2 Details: The response is broken into buffers, either at length 1024, or at '\r\n'. Each buffer is apended with \x00, without bounds checking. If the response is exctly 1024...

Weak authentication in iBill's Password Management CGI

Vulnerable Program: ibillpm.pl Perl CGI script Distributed by: iBill Internet Billing Company, http://www.ibill.com Problem: iBill hard codes a weak password for the user management script, ibillpm.pl, installed for clients that use the Password Management system. The weak password is the client'...

IE5 crash

Hi stumbled across this crash for IE..I am on 5.00.2614.3500 in Win98SE it seems pretty reproducable with an illegal op in URLMON.dll 1 create a web page local is fine and put in an image to one of your servers..this crash dosent even need an image extension on it...just aim it at a directory or...