FreeNAS exec_raw.php Arbitrary Command Execution
This Metasploit module exploits an arbitrary command execution flaw in FreeNAS 0.7.2
View ArticleDATAC RealWin SCADA Server Buffer Overflow
This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to...
View ArticleDATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to...
View ArticleProFTPD-1.3.3c Backdoor Command Execution
This Metasploit module exploits a malicious backdoor that was added to the ProFTPD download archive. This backdoor was present in the proftpd-1.3.3c.tar.[bz2|gz] archive between November 28th 2010 and...
View ArticleEnjoySAP SAP GUI ActiveX Control Arbitrary File Download
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
View ArticleMicrosoft WMI Administration Tools ActiveX Buffer Overflow
This Metasploit module exploits a memory trust issue in the Microsoft WMI Administration tools ActiveX control. When processing a specially crafted HTML page, the WEBSingleView.ocx ActiveX Control...
View ArticleHP OpenView Performance Insight Server Backdoor Account Code Execution
This Metasploit module exploits a hidden account in the com.trinagy.security.XMLUserManager Java class. When using this account, an attacker can abuse the com.trinagy.servlet.HelpManagerServlet class...
View ArticleHP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted MaxAge parameter to the getnnmdata.exe CGI, an attacker may be able to...
View ArticleHP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted ICount parameter to the getnnmdata.exe CGI, an attacker may be able to...
View ArticleHP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to...
View ArticleMicrosoft Word Record Parsing Buffer Overflow
This Metasploit module exploits a record parsing vulnerability in Microsoft Word. The Microsoft advisory detailing this issue is MS-09-027.
View ArticleEMC HomeBase Server Directory Traversal Remote Code Execution
This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows...
View ArticleDATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow
This Metasploit module exploits a vulnerability found in DATAC Control International RealWin SCADA Server 2.1 and below. By supplying a specially crafted On_FC_BINFILE_FCS_*FILE packet via port 910,...
View ArticleSielco Sistemi Winlog Buffer Overflow
This Metasploit module exploits a buffer overflow in Sielco Sistem Winlog
View ArticleRealWin SCADA Server DATAC Login Buffer Overflow
This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.1 (Build 6.0.10.10) or earlier. By sending a specially crafted On_FC_CONNECT_FCS_LOGIN...
View ArticleHP OmniInet.exe Opcode 27 Buffer Overflow
This Metasploit module exploits a buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted opcode 27 packet, a remote attacker may be able to execute arbitrary code.
View ArticleHP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to Toolbar.exe, an attacker may be able to execute arbitrary...
View ArticleSymantec System Center Alert Management System (hndlrsvc.exe) Arbitrary...
Symantec System Center Alert Management System is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input.
View ArticleSymantec System Center Alert Management System (xfr.exe) Arbitrary Command...
Symantec System Center Alert Management System is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input.
View ArticleOracle Secure Backup Authentication Bypass/Command Injection Vulnerability
This Metasploit module exploits an authentication bypass vulnerability in login.php. In conjunction with the authentication bypass issue, the 'jlist' parameter in property_box.php can be used to...
View Article
