Смотрите также связанные темы
18.08.2018 CVE-2008-3703
The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create"snapshots schedules"registry values specifying future command execution. NOTE: this issue exists because of an incomplete fix for CVE-2007-2279.
23.10.2018 CVE-2008-4728
Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
27.01.2018 CVE-2009-0282
Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error.
12.12.2018 Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability (0day)
# wwww.abysssec.com # Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability (0day) # CVE-2012-4959 # @abysssec # well just one more of our 0day got published after ~2 year # here is info : https://community.rapid7.com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959 # and here is our exploit import httplib, md5, sys def message_MD5(arg): v = "SRS" + arg + "SERVER" m = md5.new(v) return m.hexdigest() def g...
26.03.2018 HP Intelligent Management Center Arbitrary File Upload Exploit
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use. # http://metasploit.com/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking HttpFingerprint = { :pattern => [ /Apache-Coyote/ ] } include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initialize(info = {}) super&...
12.03.2018 Microsoft Windows 2000/XP CHM Notepad Remote Code Execution PoC
Цель: Microsoft Windows 2000/XP Воздействие: Отказ в обслуживании
19.07.2018 Microsoft Windows Shortcut Remote Code Execution Exploit
Цель: Microsoft Windows XP, 2003, Vista, 2008, 7 Воздействие: Выполнение произвольного кода
15.09.2018 CVE-2010-0820
Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) in Windows Vista SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote authenticated users to execute arbitrary code via malformed LDAP messages, aka "LSASS Heap Overflow Vulnerability."
15.03.2018 Microsoft Windows RDP Remote Code Execution PoC (CVE-2012-0002)
Цель: Microsoft Windows XP, 2003, Vista, 7, 2008 Воздействие: Выполнение произвольного кода
31.01.2018 CVE-2016-1930
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
