MDaemon
This Metasploit module exploits a stack overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed (default), a CGI script is provided to accept...
View ArticleMDaemon 9.6.4 IMAPD FETCH Buffer Overflow
This Metasploit module exploits a stack overflow in the Alt-N MDaemon IMAP Server version 9.6.4 by sending an overly long FETCH BODY command. Valid IMAP account credentials are required. Credit to...
View ArticleMcAfee ePolicy Orchestrator / ProtectionPilot Overflow
This is an exploit for the McAfee HTTP Server (NAISERV.exe). McAfee ePolicy Orchestrator 2.5.1
View ArticleJuniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By...
View ArticleIBM Lotus Domino Sametime STMux.exe Stack Overflow
This Metasploit module exploits a stack overflow in Lotus Domino's Sametime Server. By sending an overly long POST request to the Multiplexer STMux.exe service we are able to overwrite SEH. Based on...
View ArticleD-Link TFTP 1.0 Long Filename Buffer Overflow
This Metasploit module exploits a stack overflow in D-Link TFTP 1.0. By sending a request for an overly long file name, an attacker could overflow a buffer and execute arbitrary code.
View ArticleCA BrightStor Discovery Service Overflow
This Metasploit module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a large request is sent to UDP port 41524, triggering a stack overflow.
View ArticleCA BrightStor Discovery Service TCP Overflow
This Metasploit module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a specific type of request is sent to the TCP listener on port 41523. This...
View ArticleCA iTechnology iGateway Debug Mode Buffer Overflow
This Metasploit module exploits a vulnerability in the Computer Associates iTechnology iGateway component. When True is enabled in igateway.conf (non-default), it is possible to overwrite the stack and...
View ArticleApache module mod_rewrite LDAP protocol Buffer Overflow
This Metasploit module exploits the mod_rewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are...
View ArticleAltap Salamander 2.5 PE Viewer Buffer Overflow
This Metasploit module exploits a buffer overflow in Altap Salamander
View ArticleMS03-046 Exchange 2000 XEXCH50 Heap Overflow
This is an exploit for the Exchange 2000 heap overflow. Due to the nature of the vulnerability, this exploit is not very reliable. This Metasploit module has been tested against Exchange 2000 SP0 and...
View ArticleSambar 6 Search Results Buffer Overflow
This Metasploit module exploits a buffer overflow found in the /search/results.stm application that comes with Sambar 6. This code is a direct port of Andrew Griffiths's SMUDGE exploit, the only...
View ArticleRKD Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow
This Metasploit module exploits a stack overflow in RKD Software Barcode Application ActiveX Control 'BarCodeAx.dll'. By sending an overly long string to the BeginPrint method of BarCodeAx.dll v4.9, an...
View ArticleComputer Associates License Server GETCONFIG Overflow
This Metasploit module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten.
View ArticleComputer Associates License Client GETCONFIG Overflow
This Metasploit module exploits an vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be...
View ArticleRedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution
This Metasploit module abuses two flaws - a meta-character injection vulnerability in the HTTP management server of RedHat 6.2 systems running the Piranha LVS cluster service and GUI (rpm packages:...
View ArticleQbik WinGate WWW Proxy Server URL Processing Overflow
This Metasploit module exploits a stack overflow in Qbik WinGate version 6.1.1.1077 and earlier. By sending malformed HTTP POST URL to the HTTP proxy service on port 80, a remote attacker could...
View ArticleAmlibweb NetOpacs webquery.dll Stack Overflow
This Metasploit module exploits a stack overflow in Amlib's Amlibweb Library Management System (NetOpacs). The webquery.dll API is available through IIS requests. By specifying an overly long string to...
View ArticleNetwork Associates PGP KeyServer 7 LDAP Buffer Overflow
This Metasploit module exploits a stack overflow in the LDAP service that is part of the NAI PGP Enterprise product suite. This Metasploit module was tested against PGP KeyServer v7.0. Due to space...
View ArticleWebster HTTP Server GET Buffer Overflow
This exploits a stack buffer overflow in the Webster HTTP server. The server and source code was released within an article from the Microsoft Systems Journal in February 1996 titled "Write a Simple...
View ArticleMicrosoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
This Metasploit module can be used to execute arbitrary commands on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components (MDAC) Remote Data Service (RDS) DataFactory service...
View ArticleMicrosoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow
This Metasploit module can be used to execute arbitrary code on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components (MDAC) Remote Data Service (RDS) DataFactory service. The...
View ArticleWordPress plugin Foxypress uploadify.php Arbitrary Code Execution
This Metasploit module exploits an arbitrary PHP code execution flaw in the WordPress blogging software plugin known as Foxypress. The vulnerability allows for arbitrary file upload and remote code...
View ArticleWordPress Foxypress uploadify.php Arbitrary Code Execution
This Metasploit module exploits an arbitrary PHP code execution flaw in the WordPress blogging software plugin known as Foxypress. The vulnerability allows for arbitrary file upload and remote code...
View Article
