This Metasploit module exploits a flaw in the Clam AntiVirus suite 'clamav-milter' (Sendmail mail filter). Versions prior to 0.92.2 are vulnerable. When implemented with black hole mode enabled, it is possible to execute commands remotely due to an insecure popen call.
043b522739cdc7453582b55c2d84f10b6d62ae02178d5c618b7212a148347eb0
This Metasploit module exploits a flaw in the SpamAssassin spamd service by specifying a malicious vpopmail User header, when running with vpopmail and paranoid modes enabled (non-default). Versions prior to 3.1.3 are vulnerable.
eab32845da0d59fc9f4ab3c4fe32f5ea16cbdf7d908c0e6e672c02b104b4425c
This Metasploit module uses a documented security weakness to execute arbitrary commands on any system running distccd.
0a769db2554d6e63eed260b8856d24d30fee9b9bc7f06f56160f29c66e421927
This Metasploit module exploits the ContentKeeper Web Appliance. Versions prior to 125.10 are affected. This module exploits a combination of weaknesses to enable remote command execution as the Apache user. Following exploitation, it is possible to abuse an insecure PATH call to 'ps', etc. in the setuid 'benetool' to escalate to root.
629ee439ef17eb790dc0b4ecfd87cba6375f929234dd537ad09b296c1e24dcec
This Metasploit module uses a buffer overflow in the Solaris 'login' application to bypass authentication in the telnet daemon.
1922fca1702919a985e0d03cd6e813a1ab64a1125cad7362097ca409173defa5
This Metasploit module exploits the argument injection vulnerability in the telnet daemon (in.telnetd) of Solaris 10 and 11.
179d8ac56af2b7e7a41f6d04b7d0d59e4a7e59ad60dfdcae4e994920a57db02a
This exploit targets a weakness in the way the ypupdated RPC application uses the command shell when handling a MAP UPDATE request.
7c27019bedb0e26575dc7a9ad1810a98487a76f946e66dee2a85a79237351e19
This exploit targets a weakness in the default security settings of the sadmind RPC application. This server is installed and enabled by default on most versions of the Solaris operating system. Vulnerable systems include Solaris 2.7, 8, and 9.
14557b273499a2ea3ee86d39d208d2b582a750cf286e96ff62c3dd367eac0d64
This Metasploit module exploits a buffer overflow vulnerability in the adm_build_path() function of the sadmind daemon.
18dec71a8c83fcf83504b2fddb72739d0a61a63af0287624b6f0d47b893416c4
Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
a220a510e52acdc35e63b91c7fafa29b451ce1d41d75745b324d947eec52a426
Cherokee versions 0.5.4 and below suffer from a directory traversal vulnerability.
e98d286121b0854950d5c8ad20255bbe19675d7c7fec7efd3126c5b4d9d701fe
This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Sun Solaris up to and including 8.0. This module uses a technique discovered by Dino Dai Zovi to exploit the flaw without needing to know the resolved name of the attacking system.
01345783ba4c62397f1139311948fa659b914f7f6b890eea025ca4a22a9c86f9
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
5515ba01277773a2f9c97599d4d28d0898d8b1d7afd5c8942cab087306c28703
Remote exploitation of a buffer overflow in the Mozilla Foundation's libpr0n image processing library allows attackers to execute arbitrary code. The libpr0n GIF parser was designed using a state machine which is represented as a series of switch/case statements. One particularly interesting state, 'gif_image_header', is responsible for interpreting a single image/frame description record. A single GIF file may contain many images, each with a different color map associated. The problem lies in the handling of changes to the color map of subsequent images in a multiple-image GIF file. Memory reallocation is not managed correctly and can result in an exploitable heap overflow condition. iDefense confirmed the existence of this vulnerability using Mozilla Firefox versions 3.0.13 and 3.5.2 on 32-bit Windows XP SP3. Other versions, and potentially other applications using libpr0n, are suspected to be vulnerable.
2586d2a113c390f692bd4a3a7b5d2efa7e97552fe0c5a23297e4dd9eebfa000a
Oscailt CMS version 3.3 suffers from a local file inclusion vulnerability.
62cc89dcaa822c8aacccf2326a30726ab50fc22820b678b1198ee5566f5b10b6
Mozilla Firefox version 3.5.3 local download manager exploit that demonstrates a temporary file creation vulnerability.
c57f747c188be90e736885f8d76cc1b16b4e1cbbc6eee9473f672dc486c86f84
Small write-up called Hijacking Opera's Native Page Using Malicious RSS Payloads.
c291ffa51806c7d5f361262a1cb308612da9ac85545f1e4435e49c40c2a46aa1
This is the Mariposa Botnet C+C decryption plugin for Wireshark.
02744e4d60616adfc90d84a092087327326970be4d7a91ce0993dd6a4d1564a3
This is a port of noir's dtspcd exploit. This Metasploit module should work against any vulnerable version of Solaris 8 (sparc). The original exploit code was published in the book Shellcoder's Handbook.
19e9ec7b08522229c2b19b1bd544a7ff36ddfd0fd2e0f93cbccac310943ae853
This Metasploit module exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.
50174bffbefca0cbfd2b222f0748f7fe7215d1eab4b35f5294d146713fed1392
This Metasploit module exploits the Mac OS X QuickTime RTSP Content-Type overflow.
ad4d5f783ef4db1db560df2a1efd3229f2003c31ec35d1990be07b5c88e2e8fc
This Metasploit module exploits the Mac OS X mDNSResponder UPnP location overflow.
da2a1ca7bcbe9b0fd674cad76635052bd827bdcd654c1294987ae687132ffa6f
This Metasploit module exploits a stack overflow in the logging routine of the WebSTAR FTP server. Reliable code execution is obtained by a series of hops through the System library.
b70f8769835947ea2b66253db1f6add42a0554c1ea76331961806fbfff635676
This Metasploit module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5.
aa4bc52d99a5375b0d0710ee2d12fe495a795c13691639ec782fff6ffddc4ede
This Metasploit module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.
8c4311240e8171f3f9f4e554f0f29aa8dd421640cd7dc1296331a5d14e3d441f