Nessus 4.0.1 released
Posted by l33tdawg on Thursday, May 28, 2009 - 04:34 AM (Reads: 1758)
Source: Help Net Security



Tenable Network Security has released version 4.0.1 of the Nessus vulnerability scanner. This point release includes a variety of minor bug fixes as well as support for additional authentication schemes.

Here's a summary of some of the fixes and improvements:

  • Fixed memory & register leaks in NASL

  • nessus-fetch now supports Basic, Digest, and NTLM proxy authentication schemes

  • The timeout for the NessusClient TCP socket was too low and has been increased

  • The 'nessus' command-line tool would sometimes leave temporary files on the filesystem

  • Improved performance for reverse DNS lookups

  • Knowledge Base files would sometimes not be created for targets where the user specified a hostname

  • Pinging a remote host would sometimes fail if the ARP address of the gateway was not in the local cache
