35 matches found
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
No description provided by source. $Id: persitsxuploadtraversal.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
No description provided by source. $Id: hploadrunneraddfolder.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
Persits XUpload ActiveX AddFile Buffer Overflow
No description provided by source. $Id: hploadrunneraddfile.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Persits XUpload ActiveX String Length Buffer Overflow (CVE-2007-6530)
A stack buffer overflow vulnerability has been reported in Persits' XUpload ActiveX control. The vulnerability is due to an error while parsing arguments passed to a certain method. A remote attacker may exploit this vulnerability by passing an overly long string to the method. Successful...
Persits XUpload - ActiveX MakeHttpRequest Directory Traversal (Metasploit)
$Id: persitsxuploadtraversal.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow (Metasploit)
$Id: hploadrunneraddfolder.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload - ActiveX AddFile Buffer Overflow (Metasploit)
$Id: hploadrunneraddfile.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
$Id: persitsxuploadtraversal.rb 7760 2009-12-08 21:24:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload ActiveX AddFile Buffer Overflow
$Id: hploadrunneraddfile.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
$Id: hploadrunneraddfolder.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
This module exploits a directory traversal in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 that's included in HP LoadRunner 9.5. By passing a string containing ".." sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on...
HP LoadRunner 9.0 ActiveX Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP LoadRunne...
Persits XUpload ActiveX AddFile Buffer Overflow
This module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 thats included in HP LoadRunner 9.5. By passing an overly long string to the AddFile method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...
HP LoadRunner XUpload ActiveX control MakeHttpRequest file download
Added: 10/21/2009 CVE: CVE-2009-3693 BID: 36550 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the XUpload.ocx ActiveX control for performing file exchanges. Problem The MakeHttpRequest method in the XUpload.ocx ActiveX control can be used to download...
Persits Software XUpload AddFile()方式远程栈溢出漏洞
BUGTRAQ ID: 27456 XUpload是功能强大的客户端上传ActiveX控件,允许用户同时上传多个文件。 XUpload的ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 XUpload的Persits.XUpload.2 ActiveX控件(XUpload.ocx)没有正确地处理传送给AddFile方式的输入参数,如果用户受骗访问了恶意网页并向该方式传送了超长字符串参数的话,就可能触发栈溢出,导致执行任意指令。 Persits XUpload 3.0.0.4 Persits XUpload 2.1.0.1 厂商补丁: Persits...
Stack overflow
Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some of these details are obtained from third party information...
CVE-2008-0492
Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some of these details are obtained from third party information...
Persits XUpload 3.0 - AddFile() Remote Buffer Overflow
Persits XUpload 3.0 - AddFile Remote Buffer Overflow Persits XUpload 3.0 AddFile Buffer Overflow Exploit function Check // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...
Persits XUpload 3.0 - 'AddFile()' Remote Buffer Overflow
Persits XUpload 3.0 AddFile Buffer Overflow Exploit function Check // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u4949%u4949" +...
XUpload ActiveX Control AddFolder Method Buffer Overflow
The remote host contains a version of the XUpload ActiveX control from Persits Software that reportedly is affected by a buffer overflow in its 'AddFolder' method that can be triggered by a long argument. If a remote attacker can trick a user on the affected host into visiting a specially crafted...