This Metasploit module attempts to exploit multiple issues in order to gain remote code execution under Pandora FMS versions equal to and prior to 5.0 SP2. First, an attempt to authenticate using default credentials is performed. If this method fails, a SQL injection vulnerability is leveraged in order to extract the "Auto Login" password hash. If this value is not set, the module will then extract the administrator account's MD5 password hash.
fc913d99854d2c8194e4f3b46434494278885d559958fa670ed923151a77b005
This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Zabbix versions 2.0.8 and lower. The SQL injection issue can be abused in order to retrieve an active session ID. If an administrator level user is identified, remote code execution can be gained by uploading and executing remote scripts via the 'scripts_exec.php' file.
43e33eef7564de8ef7460b90f5eacf0b5e096e9067163c4790e0950c800b1b87
This Metasploit module exploits a buffer overflow vulnerability found in the PORT command in Turbo FTP Server versions 1.30.823 and 1.30.826, which results in remote code execution under the context of SYSTEM.
abb8df5bd9e6fe13f397d60912333dbe638be84ba39c6009e9215a03bc909d53
This Metasploit module exploits a stack-based buffer overflow vulnerability in the latest version 3.5 of TugZip archiving utility. In order to trigger the vulnerability, an attacker must convince someone to load a specially crafted zip file with TugZip by double click or file open. By doing so, an attacker can execute arbitrary code as the victim user.
dfd1d434ab7742db844f4361a73baede359a856715df5794ad3d96c86362e269
Iconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the memory allocations needed for the number of elements passed by the client. This results in unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.
7bae29e02d02057cc61741efd202ae99da696fffbf3d953322faa7fcd5294a22
This Metasploit module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow and allows a structured exception handling record on the stack to be overwritten, allowing for unauthenticated remote code execution.
d6e50055a18ef8053fcab8d3dbb3013cea1bef5f64706db8cc621234903f31fb
This Metasploit module exploits a stack-based buffer overflow vulnerability in version 3.0 of ediSys Corp.'s eZip Wizard. In order for the command to be executed, an attacker must convince someone to open a specially crafted zip file with eZip Wizard, and access the specially crafted file via double-clicking it. By doing so, an attacker can execute arbitrary code as the victim user.
f7cf6b8da01815b33b60d03bf75a15fdc34e7db6f1efa9610628e431ece1a389
This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending a long character string in the password field, both the structured exception handler and the saved extended instruction pointer are overwritten, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
d01b8d0eccb2aec11afecf3d49371c3c926e2d006a81facbb808d6626fec7fa3
This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending a long character string in the password field, both the structured exception handler and the saved extended instruction pointer are overwritten, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
39c01041cd7a953eb8e64486e1f5865273ee4d2db2d0b6b1cfb86aad1711e782
This is a Metasploit module that exploits a remote buffer overflow in Integard Home and Pro version 2.
d4089119cb05d1fbda649606b655fb13dc6b8bd56736cee01e8bbc3e9d7072ab
123 Flashchat version 7.8 Remote suffers from clear text password disclosure, open crossdomain policy, cross site scripting and directory traversal vulnerabilities.
e6f4b2e751ddbd9ca30cd70a91dc1fd7db559f9a793e435b808a1749e33196ba
Sygate Personal Firewall 5.6 build 2808 active-x exploit with DEP bypass.
86b61ff700b2d7710754181efb3d7c2c1e9da867d3bb34a2d51e0d839de25516
This Metasploit module exploits a stack buffer overflow in the ANSMTP.dll/AOSMTP.dll ActiveX Control provided by CommuniCrypt Mail 1.16. By sending an overly long string to the "AddAttachments()" method, an attacker may be able to execute arbitrary code.
65f4583b340496aacd44bcd7b4987ace8fe604c038312ce81965057381f89f0f
CommuniCrypt Mail version 1.16 (ANSMTP.dll/AOSMTP.dll) Active-X buffer overflow exploit.
52df9cbdb8622bd771beb386d5a6fbca357bda60f58016ef745a1f5afdae5714
SyncBack Freeware version 3.2.20.0 local buffer overflow exploit that creates a malicious .sps file.
87370c4f68dc789390ad72b4b9ca2c5ee5992dd1ea78373e0fdb715c43946353
Incredimail suffers from an Active-X memory corruption vulnerability in ImShExtU.dll.
5e8b9eb5daf14a3ad72d42f509c6e4c67a8bd929ae3f2276d5f3d64b68647e2b
Urgent Backup version 3.20, ABC Backup Pro version 5.20 and ABC Backup version 5.50 SEH exploit that creates a malicious .zip file.
61ab4ec986a1a00a6be031557d1010971379c71bebe7ee0a8f677278cbd5cf73
Archive Searcher version 2.1 suffers from a stack overflow vulnerability.
582f4a3973fddd70c105d4382330b620193bad1eb347489344824e98e103a47c
Tembria Server Monitor version 5.6.0 suffers from a stack overflow vulnerability.
2c2e79decf3313f4a5d1345601bba1b7e6285b2f6c4cee6fc50f184b1c74bf15
eZip Wizard version 3.0 buffer overflow exploit that creates a malicious .zip file.
f010a2dae64b554d9b39247ff8f0eb04a16bae1238dea7fc4dc4d26fbce69b92
ZipScan version 2.2c buffer overflow exploit that creates a malicious .zip file.
1ceca7cff059a32bb8f47a5ede4b7d904ae8a6fab410175e36f81eadad238be9
TugZip version 3.5 SEH buffer overflow exploit that creates a malicious .zip file.
809b6b79c73e10e49768fefdc092e5219a325451ab5619e3f989d67abb501ded
Open and Compact FTPd pre-authentication remote exploit that binds a shell to port 4444.
e9b123d40e159e6c6bc9b86b574b0dfedd1571e2c5995f6097bba18fa544d814
This exploits a stack overflow in the BigAnt Messaging Service, part of the BigAnt Server product suite. This Metasploit module was tested successfully against version 2.52. NOTE: The AntServer service does not restart; you only get one shot.
dd69ef386f696d716346934cec43c21dfd0dbc94932dacb7f54813b7d02a26ca
This exploits a stack overflow in NetTransport Download Manager, part of the NetXfer suite. This Metasploit module was tested successfully against version 2.90.510.
bf6500a66ae079ee9bf77addffc2d579c17c8d0c7c04d2cb70fdae113cbc6cd9