| ASUSTeK (3) |
| Name: | ASUS WL-330gE remote exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Set the password to http admin interface to 'canvas'. |
| Listener: | not necessary |
| Platform: | Linux mipsel |
| Vulndisco: | 8.11 |
| | Name: | ASUS WL-500W exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote buffer overflow exploit for ASUS WL-500W wireless router. |
| Listener: | not necessary, GOFindSockWithShell shellcode is used |
| Platform: | Linux mipsel |
| Vulndisco: | 8.10 |
| | Name: | ASUS WL-500W exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit for ASUS WL-500W wireless router. |
| Listener: | not necessary |
| Platform: | Linux mipsel |
| Vulndisco: | 8.10 |
|
| Adobe (1) |
| Name: | Adobe RoboHelp Server 8 exploit |
| CVE: | CVE-2009-3068 |
| Status: | 0day |
| Details: | Post regarding this vulnerability. http |
| Listener: | JAVASERVER |
| Platform: | Windows 2003 Server SP2 |
| Vulndisco: | 8.7 |
|
| Akamai (1) |
| Name: | Akamai Download Manager exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. Minimal user interaction is required. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 8.8 |
|
| Apache (2) |
| Name: | Apache 2.0.63 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial proof of concept exploit for Apache NULL pointer dereference bug.To enable proxy support compile with ./configure --enable-proxy --enable-proxy-ftp. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.18 |
| | Name: | Apache mod_proxy_ftp command injection PoC |
| CVE: | not assigned |
| Status: | 0day |
| Details: | In normal scenario, apache mod_proxy_ftp does not allow to send Arbitrary ftp commands to ftp server. Apache sends a limited numer of commands to ftp server- USER, PASS, PWD, etc..There is a bug/feature in mod_proxy_ftp which allows us to encode ANY ftp ommands as a part of "Authorization" header. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.18 |
|
| Apple (1) |
| Name: | Darwin Streaming Proxy 5.5.5 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial remote DoS exploit. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.10 |
|
| AzeoTech (1) |
| Name: | DAQFactory 5.77 overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Module to reproduce buffer overflow in DAQFactory web service (not enabled by default). |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 7.16 |
|
| CA (4) |
| Name: | CA Database Management r11.2.4 rtserver.exe DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Crashes rtserver.exe process. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.5 |
| | Name: | CA Database Management r11.2.4 RTServer.exe overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Proof of concept for rtserver.exe stack overflow. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows 2003 Server SP2 |
| Vulndisco: | 8.5 |
| | Name: | CA CleverPath Portal exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit. |
| Listener: | not necessary |
| Platform: | Windows 2003 Server SP2 |
| Vulndisco: | 8.5 |
| | Name: | CA Personal Firewall exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Proof of concept client-side exploit for trivial CA Personal Firewall ActiveX bug. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 7.8 |
|
| CensorNet (1) |
| Name: | CensorNet Professional exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Stack overflow exploit.Tested with CensorNet Virtual Applicance v4 (1.3.2) (VMWare image). |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.2 |
|
| D-Link (1) |
| Name: | D-Link DIR-400 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote buffer overflow exploit for D-Link DIR-400 wireless router. |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Linux mipsbe |
| Vulndisco: | 8.10 |
|
| EMC (3) |
| Name: | EMC Legato NetWorker Console DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit crashes 'dbsrv9' process via NULL pointer deref. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 3.2 |
| | Name: | EMC Legato NetWorker 7.3 overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Heap overflow trigger. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 3.2 |
| | Name: | EMC Legato NetWorker 7.3.1 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit will crash "nsrd" process via null pointer dereference. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 5.1 |
|
| FRISK Software (2) |
| Name: | F-PROT Antivirus heap overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit generates a specifally crafted archive file and sends it via email. Tested version - F-PROT 3.16f. Found with ProtoVer testsuite. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows 2000 |
| Vulndisco: | 5.2 |
| | Name: | F-PROT Antivirus for Linux overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Tested version - F-PROT 4.6.6 (engine 3.16.14). Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 5.1 |
|
| Fedora Project (4) |
| Name: | Fedora Directory Server 7.1 remote DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 2.1 |
| | Name: | Fedora Directory Server 1.0.2 double free trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 4.5 |
| | Name: | Fedora Directory Server 1.0.2 DSGW file retrieval |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The bug in Directory Server Gateway (Administration Server) allows to read any file with .html/.htm extension remotely. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 4.7 |
| | Name: | Fedora Directory Server 1.0.2 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 4.8 |
|
| FreeBSD (2) |
| Name: | FreeBSD kernel DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes *BSD box remotely. Might be exploitable. |
| Listener: | not necessary |
| Platform: | OpenBSD 3.6, FreeBSD 5.2 |
| Vulndisco: | 1.0 |
| | Name: | FreeBSD remote kernel panic (via nfsd) |
| CVE: | CVE-2006-0900 |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Remotely exploitable (via nfsd) kernel panic in FreeBSD. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | FreeBSD |
| Vulndisco: | 2.1 |
|
| FreeSSHD (2) |
| Name: | FreeSSHD stack overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Remote exploit for pre-authentication stack overflow bug in FreeSSHD 1.0.9. Found with ProtoVer testsuite. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 3.8 |
| | Name: | FreeSSHD 1.0.9 preauth DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | The exploit crashes FreeSSHD daemon via NULL pointer dereference. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 4.0 |
|
| FreeSSHD (1) |
| Name: | FreeSSHD 1.2.4 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote preauthentication Denial of Service exploit |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.11 |
|
| Freeradius (1) |
| Name: | FreeRADIUS 1.1.7 DoS |
| CVE: | CVE-2009-3111 |
| Status: | 0day at the time of publishing, now fixed - CVE-2009-3111 |
| Details: | The exploit crashes 'radiusd' daemon.Found with ProtoVer testsuite. Fixed in 1.1.8 |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.6 |
|
| GNU Project (1) |
| Name: | GnuTLS 1.2.9 overflow trigger |
| CVE: | not assigned |
| Status: | fixed |
| Details: | The module has been tested agains gnutls-serv. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 3.1 |
|
| HAURI (1) |
| Name: | HAURI ViRobot Desktop 5.5 overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Client-side exploit for HAURI ViRobot Desktop (www.globalhauri.com/) stack overflow. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.15 |
|
| HP (11) |
| Name: | HP Perfomance Insight 5.3 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.6 |
| | Name: | HP Perfomance Insight 5.3 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.6 |
| | Name: | HP Perfomance Insight 5.3 exploit (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote preauthentication exploit. |
| Listener: | JAVASERVER |
| Platform: | Windows 2003 Server SP2 |
| Vulndisco: | 8.6 |
| | Name: | HP Perfomance Insight 5.3 exploit (IV) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.6 |
| | Name: | HP Operations Dashboard 2.1 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit against HP Operations Dashboard Portal. |
| Listener: | JAVASERVER |
| Platform: | Windows 2003 Server SP2 |
| Vulndisco: | 8.6 |
| | Name: | HP Operations Manager 8.1 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit. |
| Listener: | JAVASERVER |
| Platform: | Windows 2003 SP2 |
| Vulndisco: | 8.5 |
| | Name: | HP OpenView Network Node Manager 7.53 exploit |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for HP OpenView NNM cgi command injection vulnerability. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.0 |
| | Name: | HP OpenView Network Node Manager 7.53 exploit (II) |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for HP OpenView NNM cgi stack overflow. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.16 |
| | Name: | HP OpenView Network Node Manager 7.53 directory traversal |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Trivial exploit for public directory traversal vulnerability. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 7.16 |
| | Name: | HP OpenView Network Node Manager 7.53 exploit (III) |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The module allows you to copy arbitrary file to arbitrary location on a system. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.15 |
| | Name: | HP OpenView Network Node Manager 7.53 exploit (IV) |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Remote exploit. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 7.15 |
|
| IBM (13) |
| Name: | Lotus Domino Server 8.0 nserver.exe DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes nserver.exe process. |
| Listener: | not necessary |
| Platform: | Windows 2003 Server |
| Vulndisco: | 8.3 |
| | Name: | IBM Tivoli Directory 6.0 heap corruption trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for "ibmdiradm" heap overflow vulnerability. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.1 |
| | Name: | Lotus Domino Server 6.5.4 NRPC remote DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit crashes all Lotus Domino Server processes. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.6 |
| | Name: | Lotus Domino Server 6.5.4 nIMAP.exe stack overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Post-auth stack overflow bug in Lotus Domino IMAP service. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 1.6 |
| | Name: | IBM Tivoli Directory Server V6.0 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Remote Denial of Service exploit. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.9 |
| | Name: | Lotus Domino Server 7.0 overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Heap overflow trigger. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 3.5 |
| | Name: | IBM Lotus Domino 6.5.4 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 3.9 |
| | Name: | Lotus Domino Server 6.5.4 overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 3.9 |
| | Name: | IBM Tivoli Directory Server 6.0 DoS (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes ibmslapd.exe daemon via NULL pointer dereference.Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 4.5 |
| | Name: | IBM Tivoli Directory Admin Server 6.0 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes "ibmdiradm" daemon via NULL pointer dereference. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 4.7 |
| | Name: | IBM Lotus Domino Server 7.0.2 overflow trigger |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Heap overflow trigger for public vulnerability. Fixed in 7.0.2 Fix Pack 1. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 6.7 |
| | Name: | IBM Tivoli Provisioning Manager for OS Deployment stack overflow |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Remote exploit for public vulnerability.Tested with IBM Tivoli Provisioning Manager for OS Deployment v.5.1.0.2 (008.12). |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 6.9 |
| | Name: | IBM Tivoli Directory Server 6.0 DoS (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 5.6 |
|
| InterSystems (2) |
| Name: | InterSystems Cache' stack overflow exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 6.6 |
| | Name: | InterSystems Cache' overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for remote heap overflow vulnerability. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 6.6 |
|
| Ipswitch (8) |
| Name: | Ipswitch WhatsUp Gold v12 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes Ipswitch WhatsUp web server process NMWebService.exe |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.1 |
| | Name: | Ipswitch IMail Server 10 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. Tested with Ipswitch IMail 10.01 on Windows XP. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Ipswitch IMail Server 10 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Ipswitch IMail Server 10 exploit (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial proof of concept exploit. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Ipswitch IMail 10 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial Denial of Service vulnerability in iWebCal.exe service. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Ipswitch Instant Messaging Server DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial NULL pointer dereference exploit for IMServer.exe |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Ipswitch IMail stack overflow |
| CVE: | not assigned |
| Status: | unknown |
| Details: | Ipswitch IMail 8.13 IMAP stack overflow. The exploit requires valid username and password. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 1.0 |
| | Name: | Ipswitch IMail imap4d32.exe DoS |
| CVE: | not assigned |
| Status: | unknown |
| Details: | Remote DoS exploit for Ipswitch IMail IMAP service. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.0 |
|
| Isode (2) |
| Name: | Isode M-Vault 11.3 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Remote DoS exploit. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 3.4 |
| | Name: | Isode M-Vault 12.0v3 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit will crash "isode.eddy" process. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.8 |
|
| Kaspersky (2) |
| Name: | Kaspersky Online Antivirus Scanner 7.0 exploit (Linux) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.8 |
| | Name: | Kaspersky Online Antivirus Scanner 7.0 exploit (Windows) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 8.8 |
|
| Kerio (6) |
| Name: | Kerio MailServer remote DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Preauth DoS in Kerio MailServer IMAP service. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.0 |
| | Name: | Kerio MailServer remote DoS (postauth) |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit requires valid username and password. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.4 |
| | Name: | Kerio MailServer heap overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit requires valid username and password. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.4 |
| | Name: | Kerio MailServer 6.x preauth DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit sends malformed LDAP packet and crashes Kerio MailServer. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 2.3 |
| | Name: | Kerio MailServer 6.1.3 remote exploit |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for Kerio MailServer pre-authentication format string bug. |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 4.1 |
| | Name: | Kerio MailServer 6.2.2 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 5.5 |
|
| LANDesk (4) |
| Name: | LANDesk Management Gateway exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial post-authentication exploit. Tested with LANDesk Management Gateway 4.0-1.48 (vmware image demo) |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.2 |
| | Name: | LANDesk Management Agent |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.2 |
| | Name: | LANDesk Management Suite 8.8 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote preauthentication exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 8.2 |
| | Name: | LANDesk Management Suite 8.8 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote preauthentication exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 8.2 |
|
| Linksys (1) |
| Name: | Linksys WRT54GL exploit |
| CVE: | not assigned |
| Status: | 0day, vendor informed |
| Details: | Remote buffer overflow for Linksys WRT54GL wireless router. |
| Listener: | not necessary, GOFindSockWithShel shellcode is used |
| Platform: | Linux mipsel |
| Vulndisco: | 8.10 |
|
| LiteSpeed Tech (2) |
| Name: | LiteSpeed WebServer 3.3.19 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Lshttpd process enters in an infinite loop. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.2 |
| | Name: | LiteSpeed WebServer 3.3.19 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote postauthentication exploit. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.2 |
|
| LogMeIn (1) |
| Name: | RemotelyAnywhere exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.4 |
|
| MailSite (3) |
| Name: | MailSite 8.0.4 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes LDAP3A.exe process. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 7.13 |
| | Name: | MailSite 8.0.4 heap corruption trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit crashes LDAP3A.exe process. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 7.13 |
| | Name: | MailSite IMAP4A.EXE heap overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | MailSite IMAP4A.EXE SEARCH command remote heap overflow trigger. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 1.4 |
|
| McAfee (3) |
| Name: | McAfee Email and Web Security Appliance (VMtrial) 5.1 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Read arbitrary files remotely. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.9 |
| | Name: | McAfee E-Business Server 8.1.0 overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Trigger for McAfee E-Business server heap overflow. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 2.3 |
| | Name: | McAfee E-Business Server 8.0 remote DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit crashes EBSAdmin.exe process. |
| Listener: | not necessary |
| Platform: | Windows 2000 |
| Vulndisco: | 1.7 |
|
| Microsoft (2) |
| Name: | LSASS.EXE remote DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | LSASS.EXE exploit which puts it in an infinite loop |
| Listener: | not necessary |
| Platform: | Windows 2000, XP |
| Vulndisco: | 1.0 |
| | Name: | Microsoft Active Directory DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Remote DoS exploit. |
| Listener: | not necessary |
| Platform: | Windows 2000 Advanced Server SP4 |
| Vulndisco: | 1.8 |
|
| MySQL (5) |
| Name: | MySQL 5.x exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote buffer overflow exploit. Tested on Debian Linux 5.0 with mysql-server 5.0.51a-24+lenny1 |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.11 |
| | Name: | MySQL 5.0.x stack overflow |
| CVE: | CVE-2008-0226 |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Exploit for stack overflow bug in MySQL's built-in yaSSL library. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 3.0 |
| | Name: | MySQL heap overflow trigger |
| CVE: | CVE-2008-0226 |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Trigger for the heap overflow bug in MySQL's built-in yaSSL library. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 3.0 |
| | Name: | MySQL 4.1.x DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Exploits the bug in processing of 'geometry' functions and crashes mysqld. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 1.1 |
| | Name: | MySQL 5.0.21 lpad() DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Tested on MySQL 5.0.21 compiled from source with option --with-extra-charsets=all |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 4.7 |
|
| Novell (14) |
| Name: | Novell ZENworks Asset Management 7.5 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows 2003 |
| Vulndisco: | 8.4 |
| | Name: | Novell ZENworks Asset Management 7.5 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows 2003 |
| Vulndisco: | 8.4 |
| | Name: | Novell ZENworks Asset Management 7.5 exploit (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit for ZENworks Asset Management 7.5 (standalone install). |
| Listener: | JAVASERVER |
| Platform: | Windows 2003 |
| Vulndisco: | 8.4 |
| | Name: | Novell ZENworks Configuration Management 10.1 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows 2003 |
| Vulndisco: | 8.4 |
| | Name: | Novell ZENworks Configuration Management 10 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit for ZCM 10.1.2 (with ZCM 10.1.2a update applied). |
| Listener: | JAVASERVER |
| Platform: | Windows 2003 Server |
| Vulndisco: | 8.4 |
| | Name: | Novell ZENworks Configuration Management overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Heap overflow trigger.Tested with ZCM 10.1.2 (with ZCM 10.1.2a update applied). |
| Listener: | not necessary |
| Platform: | Windows 2003 Server |
| Vulndisco: | 8.4 |
| | Name: | Novell eDirectory 8.7.3 SP10b DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit will crash ndsd daemon. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 8.1 |
| | Name: | Novell eDirectory 8.7.3 SP10b overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for "ndsd" stack overflow. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.1 |
| | Name: | Novell eDirectory 8.7.3 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Denial of Service exploit against "ndsd". |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.1 |
| | Name: | Novell iPrint Client 4.38 ActiveX exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side Novell iPrint Client 4.38 ActiveX overflow exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 8.1 |
| | Name: | Novell eDirectory 8.7.3 SP10b DoS (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit will crash ndsd daemon. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.18 |
| | Name: | Novell eDirectory 8.8 stack overflow |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Remotely exploitable stack overflow in Novell eDirectory Server 8.8. Found with ProtoVer testsuite. |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 2.3 |
| | Name: | Novell eDirectory 8.8 double free trigger |
| CVE: | not assigned |
| Status: | unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 4.7 |
| | Name: | Novell eDirectory 8.8 DoS |
| CVE: | not assigned |
| Status: | unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 4.9 |
|
| OpenLDAP (1) |
| Name: | OpenLDAP 2.2.23 DoS |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 3.5 |
|
| OpenOffice (3) |
| Name: | OpenOffice exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.9 |
| | Name: | OpenOffice overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side stack overflow exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 8.8 |
| | Name: | OpenOffice exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.8 |
|
| OpenSSL (3) |
| Name: | OpenSSL heap overflow |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Trigger for crypto/comp/c_zlib@zlib_expand_block() heap overflow. The bug was silently fixed in OpenSSL 0.9.8a. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 2.4 |
| | Name: | OpenSSL 0.9.6m DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | OpenSSL 0.9.6m NULL pointer dereference. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 1.2 |
| | Name: | OpenSSL heap overflow exploit |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Remote exploit for some version of OpenSSL library used by well-known vendor. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 4.5 |
|
| Oracle (17) |
| Name: | Oracle Enterprise Manager 11gR1 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial Denial of Service vulnerability. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.5 |
| | Name: | Oracle WebLogic Server 10.3 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote preauthentication exploit. |
| Listener: | not necessary |
| Platform: | Linux, Windows |
| Vulndisco: | 8.1 |
| | Name: | Oracle WebLogic Server 10.3 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Linux, Windows |
| Vulndisco: | 8.1 |
| | Name: | Oracle WebLogic Server 10.3 Apache plugin overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Trigger for "Transfer-encoding" stack overflow. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.1 |
| | Name: | Oracle WebLogic Server 10.3 overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for WebLogic Apache plugin overflow. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.1 |
| | Name: | Oracle TimesTen In-Memory Database 7.0.5 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Linux, Windows |
| Vulndisco: | 7.16 |
| | Name: | Oracle TimesTen In-Memory Database 7.0.5 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial DoS exploit. |
| Listener: | not necessary |
| Platform: | Linux, Windows |
| Vulndisco: | 7.16 |
| | Name: | Oracle TimesTen In-Memory Database 7.0.5 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Exploit for "TimesTen Cache Connect to Oracle" product. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 7.16 |
| | Name: | Oracle Siebel SimBuilder exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Client-side exploit for Oracle Siebel SimBuilder ActiveX stack overflow |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.9 |
| | Name: | Oracle Application Server 10g R2 overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Trigger for Oracle Internet Directory heap overflow. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 5.7 |
| | Name: | Oracle Application Server 10g R2 heap corruption trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Oracle Internet Directory heap corruption. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 5.7 |
| | Name: | Oracle Application Server 10g R2 stack overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Remote exploit for Oracle Internet Directory stack overflow. Found with ProtoVer testsuite. |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 5.7 |
| | Name: | Oracle Application Server 10g R2 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Oracle Internet Directory NULL pointer dereference. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 5.9 |
| | Name: | Oracle Application Server 10g R2 DoS (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Oracle Application Server 'opmn' (Oracle Notification Service) NULL pointer dereference. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 5.10 |
| | Name: | Oracle TimesTen 7.0.2 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The exploit will crash "timestend" daemon. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 7.1 |
| | Name: | Oracle TimesTen 7.0.2 overflow trigger |
| CVE: | not assigned |
| Status: | unknown |
| Details: | Trigger for buffer overflow in "timestend". |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 7.3 |
| | Name: | Oracle Secure Backup DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Trivial exploit which crashes obndmpd process. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.1 |
|
| PHP (1) |
| Name: | PHP 5.0.3 unserialize() DoS |
| CVE: | not assigned |
| Status: | fixed |
| Details: | PHP 5.0.3 unserialize() remote DoS (infinite loop). A lot of PHP applications may be affected by this bug, but we use phpBB2 forum as the attack vector. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 1.2 |
|
| PeerCast (1) |
| Name: | PeerCast stack overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | PeerCast v0.1217 stack overflow exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 4.4 |
|
| Perforce (4) |
| Name: | Perforce Server DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Tested with Perforce Server 2008.1/160022 on Windows.The exploit will crash P4S.EXE process. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Perforce Server DoS (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Tested with Perforce Server 2008.1/160022 on Windows. The exploit will trigger infinite loop in P4S.EXE process. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Perforce Server DoS (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Tested with Perforce Server 2008.1/160022 on Windows.The exploit will crash "P4S.exe" process. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.0 |
| | Name: | Perforce Server exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Tested with Perforce Server 2008.1/160022 on Linux.
|
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.0 |
|
| PowerArchiver (1) |
| Name: | PowerArchiver Command Line (PACL) v4.01 stack overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit for PACL stack overflow |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.13 |
|
| ProFTPD (2) |
| Name: | ProFTPD stack overflow |
| CVE: | CVE-2006-5815 |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Exploit for src/support.c/sreplace stack overflow. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 2.4 |
| | Name: | ProFTPD 1.2.10 overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | The module can be used to reproduce ProFTPD mod_tls preauth heap overflow bug. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 3.1 |
|
| QUALCOMM (4) |
| Name: | Eudora Worldmail 3.0 overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for preauthentication stack overflow vulnerability. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 2.1 |
| | Name: | Eudora WorldMail 3.x heap overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for preauthentication heap overflow bug in Qualcomm's Worldmail LDAP service. Found with ProtoVer testsuite. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 3.2 |
| | Name: | Eudora WorldMail 3.1.2 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 4.8 |
| | Name: | Eudora WorldMail 4.0 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 4.10 |
|
| Quick Heal (2) |
| Name: | Quick Heal AntiVirus overflow exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side Quick Heal AntiVirus stack overflow exploit.Tested on Windows XP SP2 with Quick Heal AntiVirus 2008 (version 9.50). |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.14 |
| | Name: | Quick Heal AntiVirus heap overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for Quick Heal AntiVirus heap overflow.Tested on Fedora Core with Quick Heal AntiVirus 9.50. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.14 |
|
| RealNetworks (12) |
| Name: | RealPlayer 11 exploit |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Client-side stack overflow exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.12 |
| | Name: | Helix Server 12.0 heap overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Trigger for "Proxy-Require" heap overflow vulnerability. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.1 |
| | Name: | RealPlayer 10.0.9 stack overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Client-side exploit for RealPlayer 10.0.9 stack overflow vulnerability |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 7.12 |
| | Name: | RealPlayer 10.0.9 heap overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Heap overflow trigger. User interaction is required. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 7.11 |
| | Name: | Helix Server heap overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Proof of concept for remotely exploitable heap overflow in Helix Server/RealServer. Target- Helix Server 11.0.1.1884 on Fedora Core. |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 3.6 |
| | Name: | RealServer DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | RealServer null pointer dereference bug. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 2.2 |
| | Name: | RealServer DoS (2) |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | RealServer null pointer dereference bug. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 2.2 |
| | Name: | RealServer 9.08 heap overflow trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The module can be used to reproduce RealServer heap overflow. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 2.2 |
| | Name: | Helix Server DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Helix Server DoS (NULL pointer dereference).
|
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.0 |
| | Name: | Helix Server 11.1 overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit. Tested on Helix Server 11.1.1 (11.1.1.1099). |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 6.1 |
| | Name: | Helix Server overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for Helix Server heap overflow. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.4 |
| | Name: | Helix Server 11.1.5 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Proof of concept for Helix Server Denial of Service vulnerability. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.6 |
|
| SAP (16) |
| Name: | Crystal Reports Server 2008 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Vulnerable Crystal Reports Server service will enter in a infinite loop. |
| Listener: | not necessary |
| Platform: | Windows XP |
| Vulndisco: | 8.3 |
| | Name: | Crystal Reports Server 2008 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit.Tested on Fedora Core 6 and Windows 2003 Server. |
| Listener: | JAVASERVER |
| Platform: | Linux, Windows |
| Vulndisco: | 8.3 |
| | Name: | Crystal Reports Server 2008 overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Heap overflow trigger. |
| Listener: | not necessary |
| Platform: | Linux, Windows |
| Vulndisco: | 8.3 |
| | Name: | SAP NetWeaver 7.01 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.2 |
| | Name: | SAP NetWeaver 7.01 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Exploit for null pointer dereference vulnerability. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.2 |
| | Name: | SAP NetWeaver 7.01 overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Heap overflow trigger. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.2 |
| | Name: | SAP NetWeaver 7.0 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | SAP Message Server (part of SAP NetWeaver) DoS exploit. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.16 |
| | Name: | SAP NetWeaver 7.0 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.16 |
| | Name: | SAP NetWeaver 7.0 overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Heap overflow trigger. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.16 |
| | Name: | SAP DB/MaxDB remote exploit |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | MAXDB exec_sdbinfo remote command injection exploit. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 7.10 |
| | Name: | SAP GUI 6.40 stack overflow |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Client-side exploit for PrepareToPostHTML() ActiveX stack overflow. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.9 |
| | Name: | MaxDB WebAgent stack overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Remote exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 1.0 |
| | Name: | MaxDB WAHTTP DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | The exploit crashes 'wahttp' process. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.4 |
| | Name: | SAP GUI 7.10 exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | SAP GUI 7.10 ActiveX proof of concept exploit.
|
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 8.1 |
| | Name: | MaxDB 7.6 information leak |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Use to obtain interesting information about remote system. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 8.14 |
| | Name: | MaxDB 7.6.06 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Not necessary. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.14 |
|
| Samba (9) |
| Name: | Samba 3.x heap overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for "smbd" heap overflow. |
| Listener: | not necessary |
| Platform: | FreeBSD x86 |
| Vulndisco: | 7.18 |
| | Name: | Samba 3.x heap overflow trigger (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | The module works only if samba has been compiled with --enable-developer option. |
| Listener: | not necessary |
| Platform: | FreeBSD x86 |
| Vulndisco: | 7.18 |
| | Name: | Samba 3.x heap overflow exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Exploit for Samba 3.2.0 heap overflow, tested on FreeBSD 7.0. |
| Listener: | FREEBSDMOSDEF |
| Platform: | FreeBSD x86 |
| Vulndisco: | 7.18 |
| | Name: | Samba stack overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit for Samba 2.2.12 stack overflow. |
| Listener: | FREEBSDMOSDEF |
| Platform: | FreeBSD |
| Vulndisco: | 6.8 |
| | Name: | Samba 3.0.24 remote command injection exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Samba 3.0.24 post-auth exploit. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 6.10 |
| | Name: | Samba 3.0.24 remote command execution (II) |
| CVE: | not assigned |
| Status: | fixed |
| Details: | The exploit works for non-default configurations of Samba. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 7.1 |
| | Name: | Samba 4.0.0tp5 heap overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for Samba 4.0.0tp5 heap overflow. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 7.2 |
| | Name: | Samba 3.x stack overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Valid username and password from admin group must be used. |
| Listener: | not necessary, findsock shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 1.0 |
| | Name: | Samba 2.2.x heap overflow |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Samba prs_unistr2() heap overflow.
|
| Listener: | not necessary, findsock shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 1.3 |
|
| Sun (20) |
| Name: | Sun Java System Directory Server 6.x DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Denial of exploit exploit against "ns-slapd". |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 8.1 |
| | Name: | Sun Java System Active Server Pages 4.0.3 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote postauthentication stack overflow exploit. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.0 |
| | Name: | Sun Java System Active Server Pages 4.0.3 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Proof of concept exploit for Sun Active Server Pages stack overflow. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 8.0 |
| | Name: | Sun Java System Active Server Pages 4.0.3 exploit (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote preauthentication exploit. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.0 |
| | Name: | Sun Java System Active Server Pages 4.0.3 overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for Sun Java System Active Server stack overflow. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.0 |
| | Name: | Sun Java System Active Server Pages 4.0.2 exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Allows to read any file remotely without authentication. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.17 |
| | Name: | Sun Java System Active Server Pages 4.0.2 exploit (II) |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Exploit for one of these vulnerabilities - sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1 |
| Listener: | LINUXMOSDEF |
| Platform: | Linux x86 |
| Vulndisco: | 7.17 |
| | Name: | Sun ONE Directory Server 5.2 remote DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Tested on Sun Java(TM) System Directory Server 2005Q4. Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 2.0 |
| | Name: | Sun Directory Server 5.2 format string trigger |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 4.0 |
| | Name: | Sun Java System Web Proxy Server 4.0.3 exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Proof of concept exploit for Sun Java System Web Proxy Server 4.0.3 'sockd' stack overflow. |
| Listener: | not necessary, findsock shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 6.11 |
| | Name: | Sun Java System Web Proxy Server 4.0.5 overflow trigger |
| CVE: | not assigned |
| Status: | unknown |
| Details: | Most probably it is not exploitable at all.
|
| Listener: | not necessary |
| Platform: | Linux |
| Vulndisco: | 6.11 |
| | Name: | Solaris DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Remote kernel panic in Solaris (tested on Solaris 9 SPARC, 10 X86).
|
| Listener: | not necessary |
| Platform: | Solaris |
| Vulndisco: | 2.1 |
| | Name: | Sun ONE ASP engine overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for Sun ONE ASP engine stack overflow. Tested with Sun ONE ASP 4.0.0.41. |
| Listener: | not necessary, findsock shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 1.0 |
| | Name: | Sun ONE ASP file retrieval |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Exploit for Sun ONE ASP file retrieval bug. Tested versions |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 1.0 |
| | Name: | Sun Java System Active Server Pages 4.0.2 testdsn.asp exploit |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Exploit for public vulnerability. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.17 |
| | Name: | Sun Java System Web Proxy Server 4.0.3 overflow |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Remote exploit. |
| Listener: | not necessary, portbind shellcode is used |
| Platform: | Windows |
| Vulndisco: | 4.10 |
| | Name: | OpenSolaris remote kernel DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote kernel panic in certain configurations of OpenSolaris. Tested on OpenSolaris 2009.6 |
| Listener: | not necessary |
| Platform: | Solaris |
| Vulndisco: | 8.12 |
| | Name: | Solaris/OpenSolaris local exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Local root exploit. |
| Listener: | not necessary |
| Platform: | Solaris x86 |
| Vulndisco: | 8.12 |
| | Name: | Sun Java System Web Server overflow (trigger) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger to SJWS buffer overflow. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 8.12 |
| | Name: | Sun Java System WebServer 7.0U6 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote exploit. Authentication is not necessary. |
| Listener: | LINUXMOSDEF |
| Platform: | Linux |
| Vulndisco: | 8.14 |
|
| Symantec (4) |
| Name: | Symantec Altiris Deployment Solution 6.9 DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Symantec Altiris Deployment Solution 6.9 mm.exe DoS.
|
| Listener: | not necessary |
| Platform: | Windows |
| Vulndisco: | 7.18 |
| | Name: | Symantec Altiris Deployment Solution 6.9 exploit |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. Tested with Symantec Altiris Deployment Solution 6.9 build 164 on Windows XP SP2. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows XP |
| Vulndisco: | 7.17 |
| | Name: | Symantec Altiris Deployment Solution 6.9 exploit (II) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | not necessary |
| Platform: | Windows XP |
| Vulndisco: | 7.17 |
| | Name: | Symantec Altiris Deployment Solution 6.9 exploit (III) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Client-side exploit. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows XP |
| Vulndisco: | 7.17 |
|
| Symlabs (4) |
| Name: | Symlabs Federated Identity Access Manager DoS |
| CVE: | not assigned |
| Status: | 0day |
| Details: | This trivial exploit will crash 'dsproxy' process. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.0 |
| | Name: | Symlabs Federated Identity Access Manager DoS (2) |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trivial exploit which will crash dsproxy. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 7.0 |
| | Name: | Symlabs Directory Extender 3.0 DoS |
| CVE: | not assigned |
| Status: | 0day at the time of publishing, now unknown |
| Details: | Found with ProtoVer testsuite. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.2 |
| | Name: | Symlabs Directory Extender stack overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Exploit for stack overflow bug in 'dsproxy'. Found with ProtoVer testsuite. |
| Listener: | not necessary, findsock shellcode is used |
| Platform: | Linux x86 |
| Vulndisco: | 6.3 |
|
| TVersity (1) |
| Name: | TVersity 1.6 overflow |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Remote buffer overflow exploit for MediaServer.exe |
| Listener: | WIN32MOSDEF |
| Platform: | Windows XP SP3 |
| Vulndisco: | 8.11 |
|
| Videolan (1) |
| Name: | VLC player 0.8.6i overflow |
| CVE: | not assigned |
| Status: | fixed |
| Details: | Exploit for VideoLAN VLC media player Win32AddConnection() stack overflow. |
| Listener: | WIN32MOSDEF |
| Platform: | Windows |
| Vulndisco: | 7.14 |
|
| Zeus (1) |
| Name: | Zeus Web Server overflow trigger |
| CVE: | not assigned |
| Status: | 0day |
| Details: | Trigger for remote buffer overflow vulnerability. |
| Listener: | none |
| Platform: | Linux x86 |
| Vulndisco: | 8.14 |
|
| Zmanda (1) |
| Name: | Zmanda Recovery Manager 1.1.4 for MySQL remote root |
| CVE: | CVE-2009-3102 |
| Status: | 0day at the time of publishing, now fixed |
| Details: | Exploit for socket-server.pl remote shell commands execution bug. |
| Listener: | not necessary |
| Platform: | Linux x86 |
| Vulndisco: | 6.5 |
|
