Thursday, October 14, 2010

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits


Oracle Virtual Server Agent Command Injection

Oracle Java 6 OBJECT tag "launchjnlp"/"docbase" Param Buffer Overflow Exploit

Disk Pulse Server v2.2.34 Remote Buffer Overflow Exploit

AoA Audio Extractor v2.x ActiveX ROP exploit

Sync Breeze Server v2.2.30 Remote Buffer Overflow Exploit

ASP.NET Padding Oracle Vulnerability (MS10-070)

FileApp < 2.0 for iPhone, iPad and iPod Touch Directory Traversal Vulnerability


Local Exploits

Oracle Solaris CVE-2010-3503 'su' Local Solaris Vulnerability

SnackAmp 3.1.3B Malicious SMP Buffer Overflow Vulnerability (SEH - DEP BYPASS)

FreeBSD 'pseudofs' NULL Pointer Dereference Local Privilege Escalation Vulnerability

AudioTran 1.4.2.4 SafeSEH+SEHOP Exploit 

Quick Player 1.3 Unicode SEH Exploit

XFS Deleted Inode Local Information Disclosure Vulnerability

Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure

 

Web Applications

Data/File upload and management Arbitrary File Upload Vulnerability

Exponent CMS v0.97 Multiple Vulnerabilities

Collabtive v0.65 Multiple Vulnerabilities 

WikiWebHelp v0.3.3 Cross-Site Request Forgery Vulnerability 

AdaptCMS 2.0.1 Beta Release Remote File Inclusion Vulnerability (msf) 

BaconMap v1.0 Local File Disclosure Vulnerability 

BaconMap v1.0 SQL Injection Vulnerability


DoS/PoC

Ease Jukebox v1.30 Denial of Service Vulnerability 

Multiple Buffer Overflows in Winamp v5.5.8.2985

Oracle Java APPLET Tag Children Property Memory Corruption 

Firefox 3.5.10 & 3.6.6 WMP Memory Corruption Using Popups

FoxPlayer 2.3.0 (.m3u) Buffer Overflow Vulnerability

Multiple Vendors libc/glob(3) Resource Exhaustion (+0day remote ftpd-anon)

HP Data Protector Media Operations NULL Pointer Dereference Remote DoS

 

Shellcode

win32/xp pro sp3 (EN) 32-bit - add new local administrator 113 bytes 

generic win32 - add new local administrator 326 bytes 

Windows Mobile 6.5 TR Phone Call Shellcode 

Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)

win32/xp sp3 (Tr) Add Admin Account Shellcode 127 bytes 

Linux/ARM - execve("/bin/sh", [0], [0 vars]) - 27 bytes 

Shellcode Checksum Routine


Papers

[Portuguese] Desenvolvendo um scanner para Joomla Password Change Admin 

[Portuguese] Criando Scanner para Detectar FTPs vulneráveis ao Metasploit 

[Portuguese] Desenvolvendo um Scanner de SQL Injection 

[Hebrew] Digital Whisper Security Magazine #13

[Arabic] Intro to Metasploit

Smashing the stack in 2010  

Hexinject introduction guide 

more @ http://www.exploit-db.com/

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)