Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 31 - 40 of 2676 in total

D-Link info.cgi POST Request Buffer Overflow Exploit

Disclosed: May 22, 2014

This module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is an stack based buffer overflow in the my_cgi.cgi component, when handling specially crafted POST HTTP requests addresses to the /common/info.cgi handler. This module has been successfully tested on D-Lin...

Easy File Management Web Server Stack Buffer Overflow Exploit

Disclosed: May 20, 2014

Easy File Management Web Server v4.0 and v5.3 contains a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.

D-Link HNAP Request Remote Buffer Overflow Exploit

Disclosed: May 15, 2014

This module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is due to an stack based buffer overflow while handling malicious HTTP POST requests addressed to the HNAP handler. This module has been successfully tested on D-Link DIR-505 in an emulated environment.

Symantec Workspace Streaming Arbitrary File Upload Exploit

Disclosed: May 12, 2014

This module exploits a code execution flaw in Symantec Workspace Streaming. The vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe ins...

AlienVault OSSIM av-centerd Command Injection Exploit

Disclosed: May 05, 2014

This module exploits a code execution flaw in AlienVault 4.6.1 and prior. The vulnerability exists in the av-centerd SOAP web service, where the update_system_info_debian_package method uses perl backticks in an insecure way, allowing command injection. This module has been tested successfully on AlienVault 4.6.0.

Cogent DataHub Command Injection Exploit

Disclosed: April 29, 2014

This module exploits an injection vulnerability in Cogent DataHub prior to 7.3.5. The vulnerability exists in the GetPermissions.asp page, which makes insecure use of the datahub_command function with user controlled data, allowing execution of arbitrary datahub commands and scripts. This module has been tested su...

Adobe Flash Player Shader Buffer Overflow Exploit

Disclosed: April 28, 2014

This module exploits a buffer overflow vulnerability in Adobe Flash Player. The vulnerability occurs in the flash.Display.Shader class, when setting specially crafted data as its bytecode, as exploited in the wild in April 2014. This module has been tested successfully on IE 6 to IE 11 with Flash 11, Flash 12 and Flash 13...

Wireshark CAPWAP Dissector DoS Exploit

Disclosed: April 28, 2014

This module injects a malformed UDP packet to crash Wireshark and TShark 1.8.0 to 1.8.7, as well as 1.6.0 to 1.6.15. The vulnerability exists in the CAPWAP dissector which fails to handle a packet correctly when an incorrect length is given.

AlienVault OSSIM SQL Injection and Remote Code Execution Exploit

Disclosed: April 24, 2014

This module exploits an unauthenticated SQL injection vulnerability affecting AlienVault OSSIM versions 4.3.1 and lower. The SQL injection issue can be abused in order to retrieve an active admin session ID. If an administrator level user is identified, remote code execution can be gained by creating a high priority poli...