31 matches found
EudoraQualcomm-WorldMail-9.0.333.0
PRE AUTHENTICATION Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service Preauthentication Buffer Overflow. - Tested on: Windows Server 2003 SP1. - SEH gets overwritten at 749 bytes when using UID command. Only 79 bytes left after SEH, so the shellcode was placed before SEH and backward jump is used...
Sysax Multi-Server 5.64 Create Folder Buffer Overflow
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...
Microsoft Active Directory LDAP Server Username Enumeration Weakness
No description provided by source. source: http://www.securityfocus.com/bid/32305/info Microsoft Active Directory is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid...
Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service UID - Buffer Overflow
Exploit for windows platform in category remote exploits !/usr/bin/python import sys,socket banner = """ Coded by: Muhammad EL Harmeel m.harmeelatgmaildotcom Details: - PRE AUTHENTICATION Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service Preauthentication Buffer Overflow. - Tested on: Windows...
Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow
Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow !/usr/bin/python Tested on 6.1.19.0 import sys,socket banner = """ Coded by: Muhammad Alharmeel Details: - PRE AUTHENTICATION Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service Preauthentication Buffer Overflow. - Tested on:...
Sysax Multi Server 5.64 - Create Folder Buffer Overflow (Metasploit)
Sysax Multi Server 5.64 - Create Folder Buffer Overflow Metasploit This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...
Sysax Multi-Server 5.64 Create Folder Buffer Overflow
Sysax Multi-Server 5.64 Create Folder Buffer Overflow. Remote exploit for windows platform $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use...
Sysax Multi Server 5.64 Create Folder Buffer Overflow
This module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. In order to trigger the vulnerability valid credentials with the create folder permission must be provided. The HTTP option must be enabled on Sysax too. This modul...
Sysax Multi Server 5.64 Buffer Overflow
require 'msf/core' require 'base64' class Metasploit3 'Sysax Multi Server 5.64 Create Folder BoF', 'Description' = %q This module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. You must have valid credentials to trigger the...
Sysax Multi-Server 5.64 Create Folder Buffer Overflow
Exploit for windows platform in category remote exploits require 'msf/core' require 'base64' class Metasploit3 'Sysax Multi Server 5.64 Create Folder BoF', 'Description' = %q This module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixe...
Immunity Canvas: CVE_2011_3175
Name | CVE20113175
---|---
CVE | CVE-2011-3175
Exploit Pack | CANVAS
Description | Novell ZENworks Configuration Management 0x6c Buffer Overflow
Notes | CVE Name: CVE-2011-3175 VENDOR: Novell Notes: Tested on ZenWork Configuration Management 10 SP3 on Windows Server 2003 SP1 This exploit should work an...
ScriptFTP <= 3.3 Remote Buffer Overflow (LIST)
Exploit for windows platform in category remote exploits Exploit Title: ScriptFTP Yes, this poc is using PASSIVE connection and it w...
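Microsoft Windows Indexing Service ActiveX Control Memory Corruption Vulnerability (MS09-057)
BUGTRAQ ID: 36629 CVECAN ID: CVE-2009-2507 Windows is a very popular operating system released by Microsoft. The ActiveX control included with the Windows Indexing Service does not correctly handle specially crafted web content, resulting in a memory corruption vulnerability in the Indexing Service on Windows systems. An attacker who successfully exploits this vulnerability could take complete control of an affected system. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows...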
IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow
This module exploits a stack buffer overflow in Lotus Domino's Sametime Server. By sending an overly long POST request to the Multiplexer STMux.exe service we are able to overwrite SEH. Based on the exploit by Manuel Santamarina Suarez. This module requires Metasploit:...
Microsoft Active Directory LDAP Server - Username Enumeration
Microsoft Active Directory LDAP Server - Username Enumeration source: https://www.securityfocus.com/bid/32305/info Microsoft Active Directory is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this...
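Microsoft Windows Speech Component Speech Recognition Remote Command Execution Vulnerability (MS08-032)
BUGTRAQ ID: 22359 CVECAN ID: CVE-2007-0675 Microsoft Windows is a very popular operating system released by Microsoft. If the speech recognition feature is enabled in Windows, a remote code execution vulnerability exists in the Speech component sapi.dll. An attacker could exploit this vulnerability by constructing a specially crafted web page with an embedded sound object; when a user views the web page, the vulnerability could allow remote code execution. An attacker who successfully exploits this vulnerability could gain the same user rights as the logged-on user. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP1 Microsoft...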
Memory corruption
The HxTocCtrl ActiveX control hxvz.dll, as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption...
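Microsoft Windows TCP/IP Implementation ICMP Request Remote Denial of Service Vulnerability (MS08-001)
BUGTRAQ ID: 27139 CVECAN ID: CVE-2007-0066 Microsoft Windows is a very popular operating system released by Microsoft. The way the TCP/IP implementation (tcpip.sys) in the Windows kernel handles fragmented router advertisement ICMP queries contains a vulnerability that a remote attacker could exploit to crash the system. An anonymous attacker could exploit this vulnerability by sending specially crafted ICMP packets to a computer over the network, causing the computer to stop responding and automatically restart. However, the ICMP Router Discovery Protocol (RDP), which is required to exploit this vulnerability, is not enabled by default. Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2...
Microsoft Windows TCP/IP Implementation IGMP and MLD Packet Remote Overflow Vulnerability (MS08-001)
BUGTRAQ ID: 27100 CVECAN ID: CVE-2007-0069 Microsoft Windows is a very popular operating system released by Microsoft. The way the TCP/IP implementation (tcpip.sys) in the Windows kernel handles the TCP/IP structures that store IGMPv3 and MLDv2 query state contains a buffer overflow vulnerability that a remote attacker could exploit to take control of the server. An anonymous attacker could exploit this vulnerability by sending specially crafted IGMPv3 and MLDv2 packets to a computer over the network. An attacker who successfully exploits this vulnerability could take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft Windows XP SP...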
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...