Mozilla-Firefox-3.5-(Font-tags)

FireFox 3.5 Heap Spray OS X Exploit Modified by: DrIDE Originally Discovered by: Simon Berry-Bryne Pythonized by: David Kennedy ReL1K @ SecureState Thanks to HDM...

X-Cart Pro 4.0.13 - SQL Injection Proof of Concept

No description provided by source. X-Cart Pro v4.0.13 SQL Injection Proof of Concept Discovered By: s4squatch of SecureState R&D Team www.securestate.com Discovered: Mon, 08 Sep 2008 20:29:07 GMT Version: 4.0.13 obtained from www.website.com/README Can't find reference to this old vuln elsewhere...

MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer PoC

No description provided by source. html object classid='clsid:B5ED1577-4576-11D5-851F-00D0B7A934F6' id='target' //object script language='vbscript' 'Magneto Software ActiveX Control ICMP Crash POC 'Discovered by: s4squatch 'Site: www.securestate.com 'Date Discovered: 02/11/10 'Vendor Notified:...

MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetSessionDel PoC

No description provided by source. html object classid='clsid:61251370-92BF-4A0E-8236-5904AC6FC9F2' id='target' //object script language='vbscript' 'Magneto Software Net Resource ActiveX NetSessionDel BOF 'Discovered by: s4squatch 'Site: www.securestate.com 'Date Discovered: 02/11/10 'www:...

Xerver 4.31, 4.32 HTTP Response Splitting

No description provided by source. Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NONE...

Cisco Collaboration Server 5 XSS, Source Code Disclosure

No description provided by source. Cisco Collaboration Server 5 XSS, Source Code Disclosure Discovered by: s4squatch of SecureState R&D Team www.securestate.com Discovered: 08/26/2008 Note: End of Engineering --...

MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry BOF

No description provided by source. html object classid='clsid:3A86F1F2-4921-4C75-AF2C-A1AA241E12BA' id='target'/object script language='vbscript' 'Magneto Software ICMP ActiveX Control Buffer Overflow 'Discovered by: s4squatch 'website: www.securestate.com 'Date Discovered: 03/11/09 'Exploit...

MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose SEH Overwrite PoC

No description provided by source. html object classid='clsid:61251370-92BF-4A0E-8236-5904AC6FC9F2' id='target' //object script language='vbscript' 'Magneto Software Net Resource ActiveX NetFileClose SEH Overwrite POC 'Discovered by: s4squatch of SecureState R&D Team 'Site: www.securestate.com...

MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum SEH Overwrite PoC

No description provided by source. html object classid='clsid:61251370-92BF-4A0E-8236-5904AC6FC9F2' id='target' //object script language='vbscript' 'Magneto Software Net Resource ActiveX NetShareEnum SEH Overwrite POC 'Discovered by: s4squatch 'Site: www.securestate.com 'Date Discovered: 02/11/10...

LifeSize Room Vulnerabilities

Discovered: 07-13-11 By: Spencer McIntyre zeroSteiner SecureState R&D Team www.securestate.com Background: ----------- Multiple vulnerabilities within the LifeSize Room appliance. Vulnerability Summaries: ------------------------ Login page can be bypassed, granting administrative access to the w...

LifeSize Room Command Injection

Exploit for php platform in category web applications require 'msf/core' class Metasploit3 'LifeSize Room Command Injection', 'Description' = %q This module exploits a vulnerable resource in LifeSize Room versions 3.5.3 and 4.7.18 to inject OS commmands. LifeSize Room is an appliance and thus the...

SiteScape Enterprise Forum 7 - TCL Injection

!/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, ...

MagnetoSoft NetworkResources ActiveX NetConnectionEnum SEH Overwrite POC

No description provided by source. html object classid='clsid:61251370-92BF-4A0E-8236-5904AC6FC9F2' id='target' //object script language='vbscript' 'Magneto Software Net Resource ActiveX NetConnectionEnum SEH Overwrite POC 'Discovered by: s4squatch 'Site: www.securestate.com 'Date Discovered:...

MagnetoSoft DNS Active-X DNSLookupHostWithServer Proof Of Concept

'Magneto Software ActiveX Control ICMP Crash POC 'Discovered by: s4squatch 'Site: www.securestate.com 'Date Discovered: 02/11/10 'Vendor Notified: 02/02/10 -- NO RESPONSE 'Vendor Notified: 02/11/10 -- NO RESPONSE 'Vendor Notified: 02/17/10 -- NO RESPONSE 'Published 04/13/10 'www:...

MagnetoSoft NetworkResources Active-X NetFileClose SEH Overwrite

'Magneto Software Net Resource ActiveX NetFileClose SEH Overwrite POC 'Discovered by: s4squatch of SecureState R&D Team 'Site: www.securestate.com 'Date Discovered: 02/11/10 'www: http://www.magnetosoft.com/products/sknetresource/sknetresourcefeatures.htm 'Download:...

MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry Buffer Overflow

MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry Buffer Overflow 'Magneto Software ICMP ActiveX Control Buffer Overflow 'Discovered by: s4squatch 'website: www.securestate.com 'Date Discovered: 03/11/09 'Exploit Written: 02/02/10 'Vendor Notified: 02/02/10 -- NO RESPONSE 'Vendor Notified:...

MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose Overwrite (SEH) (PoC)

MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose Overwrite SEH PoC 'Magneto Software Net Resource ActiveX NetFileClose SEH Overwrite POC 'Discovered by: s4squatch of SecureState R&D Team 'Site: www.securestate.com 'Date Discovered: 02/11/10 'www:...

MagnetoSoft SNTP ActiveX SntpGetReply BOF

Exploit for windows platform in category remote exploits ========================================= MagnetoSoft SNTP ActiveX SntpGetReply BOF ========================================= 'Magneto Software SNTP ActiveX SntpGetReply BOF 'Discovered by: s4squatch 'Site: www.securestate.com 'File Name =...

MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer (PoC)

'Magneto Software ActiveX Control ICMP Crash POC 'Discovered by: s4squatch 'Site: www.securestate.com 'Date Discovered: 02/11/10 'Vendor Notified: 02/02/10 -- NO RESPONSE 'Vendor Notified: 02/11/10 -- NO RESPONSE 'Vendor Notified: 02/17/10 -- NO RESPONSE 'Published 04/13/10 'www:...

MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash (PoC)

'Magneto Software SNTP ActiveX SntpSendRequest BOF POC 'Discovered by: s4squatch 'Site: www.securestate.com 'www: http://www.magnetosoft.com/products/sksntp/sksntpfeatures.htm 'Download: http://www.magnetosoft.com/downloads/sksntpsetup.exe 'Vendor Notified: 02/02/10 -- NO RESPONSE 'Vendor Notifie...