The Exploit Database
The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.
the Exploit Database Presents – MOAUB Day 2
The Abysssec Security Team has started the Month Of Abysssec Undisclosed Bugs. Check out the Exploit-DB Blog for more details. Today featuring: Rainbowportal Multiple Remote Vulnerabilities and Apple QuickTime FlashPix NumberOfTiles Vulnerability Binary Analysis.
Remote Exploits
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-09-02 |
|
- |
|
Backdoor password in Accton-based switches (3com, Dell, SMC, Foundry and EdgeCore) | 1018 | multiple | Edwin Eefting |
| 2010-09-01 |
|
|
|
TFTP Desktop 2.5 Directory Traversal Vulnerability | 769 | windows | chr1x |
| 2010-09-01 |
|
|
|
TFTPDWIN v0.4.2 Directory Traversal Vulnerability | 404 | windows | chr1x |
| 2010-09-01 |
|
- |
|
MOAUB #1 - Adobe Acrobat Reader and Flash Player “newclass” invalid pointer | 3455 | windows | Abysssec |
| 2010-08-27 |
|
- |
|
McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution | 1876 | linux | Nikolas Sotiriu |
| 2010-08-25 |
|
- |
|
Deepin TFTP Server Directory Traversal Vulnerability Software Version : v1.25 | 1048 | windows | demonalex |
| 2010-08-17 |
|
- |
|
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050) | 6098 | windows | Piotr Bania |
Local Exploits
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-08-29 |
|
|
|
nginx v0.6.38 Heap Corruption Exploit | 2026 | linux | Aaron Conole |
| 2010-08-29 |
|
|
|
SnackAmp 3.1.2 Malicious SMP Buffer Overflow Vulnerability (SEH) | 564 | windows | James Fitts |
| 2010-08-27 |
|
- |
|
Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit | 3319 | linux | Jon Oberheide |
| 2010-08-25 |
|
- |
|
Autodesk AutoCAD 2007 dll Hijacking exploit (color.dll) | 1065 | windows | xsploited securit. |
| 2010-08-25 |
|
|
|
Daemon tools lite DLL Hijacking Exploit (mfc80loc.dll) | 1491 | windows | Mohamed Clay |
| 2010-08-25 |
|
|
|
Google Earth v5.1.3535.3218 DLL Hijacking Exploit (quserex.dll) | 1590 | windows | LiquidWorm |
| 2010-08-25 |
|
|
|
Nullsoft Winamp 5.581 DLL Hijacking Exploit (wnaspi32.dll) | 1353 | windows | LiquidWorm |
Web Applications
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-09-02 |
|
- |
|
Shop a la Cart Multiple Vulnerabilities | 167 | php | Ariko-Security |
| 2010-09-02 |
|
- |
|
MOAUB #2 - Rainbowportal Multiple Remote Vulnerabilities | 803 | asp | Abysssec |
| 2010-09-02 |
|
- |
|
vbShout 5.2.2 Remote/Local File Inlcusion | 466 | php | fred777 |
| 2010-09-01 |
|
- |
|
PHP Joke Site Software (sbjoke_id) SQL Injection Vuln | 947 | php | BorN To K!LL |
| 2010-09-01 |
|
- |
|
MOAUB #1 - Cpanel PHP Restriction Bypass Vulnerability 0day | 1675 | php | Abysssec |
| 2010-09-01 |
|
|
|
dompdf 0.6.0 beta1 Remote File Inclusion Vulnerability | 667 | php | Andre_Corleone |
| 2010-08-31 |
|
|
|
mBlogger v1.0.04 (viewpost.php) SQL Injection Exploit | 730 | php | Ptrace Security |
DoS/PoC
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-09-02 |
|
- |
|
MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability | 722 | windows | Abysssec |
| 2010-09-01 |
|
- |
|
Novell Netware v6.5 OpenSSH Remote Stack Overflow | 395 | novell | Francis Provenche. |
| 2010-09-01 |
|
|
|
Autodesk MapGuide Viewer ActiveX Denial of Service Vulnerability | 230 | windows | d3b4g |
| 2010-09-01 |
|
- |
|
Leadtools ActiveX Common Dialogs 16.5 Multiple Remote Vulnerabilities | 268 | windows | LiquidWorm |
| 2010-08-30 |
|
- |
|
Apple QuickTime "_Marshaled_pUnk" Backdoor Param Client-Side Arbitrary Code Execution | 832 | windows | Ruben Santamarta |
| 2010-08-30 |
|
|
|
Mereo v1.9.2 Remote HTTP Server Denial Of Service Vulnerability | 424 | windows | CwG GeNiuS |
| 2010-08-29 |
|
|
|
SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC) | 364 | windows | James Fitts |
Shellcode
| Date | D | Description | Plat. | Author | |
|---|---|---|---|---|---|
| 2010-09-02 |
|
Shellcode Checksum Routine | 302 | win32 | dijital1 |
| 2010-08-25 |
|
bds/x86-bindshell on port 2525 shellcode 167 bytes | 790 | bsd | beosroot |
| 2010-08-20 |
|
Windows XP SP3 English MessageBoxA Shellcode - 87 bytes | 2227 | windows | Glafkos Charalamb. |
| 2010-08-19 |
|
Linux x86 /bin/sh Null-Free Polymorphic Shellcode - 46 bytes | 868 | lin/x86 | Aodrulez |
| 2010-07-11 |
|
Linux x86 netcat connect back port 8080 - 76 bytes | 4266 | lin/x86 | Blake |
| 2010-07-11 |
|
Linux x86 netcat bindshell port 8080 - 75 bytes | 1967 | linux | Blake |
| 2010-07-09 |
|
Linux/x86-64 - execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL) - 49 bytes | 1396 | linux | 10n1z3d |