header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

McAfee ePolicy Orchestrator / ProtectionPilot Overflow

This is an exploit for the McAfee HTTP Server (NAISERV.exe). McAfee ePolicy Orchestrator 2.5.1 <= 3.5.0 and ProtectionPilot 1.1.0 are known to be vulnerable. By sending a large 'Source' header, the stack can be overwritten. This module is based on the exploit by xbxice and muts. Due to size constraints, this module uses the Egghunter technique.

Apache Win32 Chunked Encoding

This module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.

MailEnable Authorization Header Buffer Overflow

This module exploits a remote buffer overflow in the MailEnable web service. The vulnerability is triggered when a large value is placed into the Authorization header of the web request. MailEnable Enterprise Edition versions prior to 1.0.5 and MailEnable Professional versions prior to 1.55 are affected.

HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to Snmp.exe, an attacker may be able to execute arbitrary code.

Multiple Cross-Site Scripting Vulnerabilities in SAP Web Application Server

The SAP Web Application Server is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities exist due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities by injecting arbitrary script code into the affected site, potentially leading to the execution of malicious scripts in the context of unsuspecting users' browsers. This can enable the theft of authentication credentials and other attacks.

SAP Web Application Server Multiple Cross-Site Scripting Vulnerabilities

The SAP Web Application Server is prone to multiple cross-site scripting vulnerabilities. These issues occur due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user within the affected site's context. This can lead to the theft of cookie-based authentication credentials and other attacks.

Recent Exploits: