This Metasploit module exploits a stack overflow in IBM Access Support. When sending an overly long string to the GetXMLValue() method of IbmEgath.dll (3.20.284.0) an attacker may be able to execute arbitrary code.
ae89bc47ce4a110b625d4804e0b474e1977905e651b187e5f6987d00e50e120f
This Metasploit module exploits a stack overflow in IBM Lotus Domino Web Access Upload Module. By sending an overly long string to the "General_ServerName()" property located in the dwa7w.dll and the inotes6w.dll control, an attacker may be able to execute arbitrary code.
db688071a11a57ace62f20772c549782d9dff2fc8a961055995a997b12f772df
This Metasploit module exploits a buffer overflow in the header parsing of icecast, discovered by Luigi Auriemma. Sending 32 HTTP headers will cause a write one past the end of a pointer array.
f52566cdec54b398c8bf936c7c78edca800747f33139bbed5058021572328958
This Metasploit module exploits a stack overflow in Internet Explorer. This bug was patched in Windows 2000 SP4 and Windows XP SP1 according to MSRC.
5033e002a24ff1bb12912fdbd65bf54856f11e553edfa19caf2a0a3e7345e52d
This exploit takes advantage of the "Initialize and script ActiveX controls not marked safe for scripting" setting within Internet Explorer.
9c2c975c9348a733f16be7b8211fcc06609bf9a7375f942bb2e25d42bfa97d2f
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
53c60ed102e30232619000346bbfebeb96526a4e990b06ce6a59725cc16ec53f
This Metasploit module exploits a buffer overflow in the 'DELETE' command of the the IMail IMAP4D service. This vulnerability can only be exploited with a valid username and password. This flaw was patched in version 8.14.
45c28e289d7ca094f36d717ca5ca385e07a8e3e5009cc9c204983f07644fceb0
This exploits a buffer overflow in the LDAP service that is part of the IMail product. This Metasploit module was tested against version 7.10 and 8.5, both running on Windows 2000.
b4f794bccff29a6eb0d734b29a0e9d29ea74b7a89d2253dece12524d1517c0df
This Metasploit module exploits a stack overflow in Ipswitch IMail Server 2006.1 IMAP SEARCH verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution. In order for this module to be successful, the IMAP user must have at least one message.
0757ecb74978f93cacdc4418ef7c38cab531545bd9b32a8f39f8239a920240bf
This Metasploit module exploits a buffer overflow in IPswitch WhatsUp Gold 8.03. By posting a long string for the value of 'instancename' in the _maincfgret.cgi script an attacker can overflow a buffer and execute arbitrary code on the system.
62eb863206132195a6a057fb1d894ec0ce16b0816953299778e3c89dca60d6d1
This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten.
26f61dc73b61764daa3a06c44ab90c018a5f7c37d9a49f838a2c3b1e07f7ce49
This Metasploit module exploits a stack overflow in the Altnet Download Manager ActiveX Control (amd4.dll) bundled with Kazaa Media Desktop 3.2.7. By sending a overly long string to the "Install()" method, an attacker may be able to execute arbitrary code.
5d1758e4f31cc274877c0af7ccfe4530b03057a15b64b22f74060f5ae4a1291e
This Metasploit module exploits a stack overflow in Kerio Personal Firewall administration authentication process. This Metasploit module has only been tested against Kerio Personal Firewall 2 (2.1.4).
edc1d978131e3581f43ad5e622fc1cab8073e286badc41b326604e4b3171fa04
This Metasploit module exploits a stack overflow in LANDesk Management Suite 8.7. By sending an overly long string to the Alert Service, a buffer is overwritten and arbitrary code can be executed.
712f990a9059b1a0f0767c92cadba2f532dad000c6b43637db954fb565ef2f99
This Metasploit module exploits a buffer overflow in the LeapWare LeapFTP v2.7.3.600 client that is triggered through an excessively long PASV reply command. This Metasploit module was ported from the original exploit by drG4njubas with minor improvements.
5e8788d89e903af1ee598af2630dba9de9b353c7d92cd67665efa427f0b0368d
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.
89dcdea6ef96bdeef448d96e7edf4c62c82b7760d1e36f0672ecbef437a5a680
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request (rxsUseLicenseIni), an attacker could overflow the buffer and execute arbitrary code.
04d3e370cc91737108c6e8d608ebb3fcf78bcf946260e33678031f2bc2131d3d
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code.
486a807e0edd6cfc7d817fc0b03a32b214d7c2d2f90cbffcbcf4d44c6e14eb11
This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code.
f898147c81fee57073362e43dcc4cf5fc962db6fc16bd1958616572dabebacf6
This Metasploit module exploits a stack overflow in the Logitech VideoCall ActiveX Control (wcamxmp.dll 2.0.3470.448). By sending a overly long string to the "Start()" method, an attacker may be able to execute arbitrary code.
0c7b04e1f849ddc4850c9536ff8dd998900875f3fa62c18765a1cd7361e9fabc
This Metasploit module exploits a stack overflow in LPViewer ActiveX control (LPControll.dll 3.2.0.2). When sending an overly long string to the URL() property an attacker may be able to execute arbitrary code.
8b73bbe7717a92850dc76ef0bd0d73c8f530e698a6786eb3f40fa58199fc8aec
This Metasploit module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This Metasploit module brute forces all possible process IDs that would be used by the installer.
3e9967373a96f54cda01aebbcdc36aa78a953ebe39d847c90b4f728e4986cdd3
This Metasploit module exploits a stack overflow in Macrovision InstallShield Update Service(Isusweb.dll 6.0.100.54472). By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code.
8fd766a299855ccac71b4bf2d08520f11d24d38e7c51849c1037d889c15caf21
This Metasploit module allows attackers to execute code via an unsafe methods in Macrovision InstallShield 2008.
4e580a205fec77ecdd48e346ed17a1dde6d1df5f7df8a18eff7102a08400ad01
This Metasploit module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command.
9def8c6bc7afd6b37a54cfbd536ef1dbea1bda259a7ed818e65302d2b275cfe8