VARIoT IoT exploits database
| VAR-E-200906-0699 | No CVE | SAP AG SAPgui 'sapirrfc.dll' ActiveX Control Buffer Overflow Vulnerability | No EDB ID |
SAP AG SAPgui is prone to a remote buffer-overflow vulnerability.
Attackers can exploit this issue to execute arbitrary code within the context of an application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.
SAPgui 6.4 is vulnerable; other versions may also be affected.
| VAR-E-200905-0272 | No CVE | SonicWALL SSL-VPN - 'cgi-bin/welcome/VirtualOffice' Remote Format String - Hardware remote Exploit | EDB ID: 33016 |
SonicWALL SSL-VPN - 'cgi-bin/welcome/VirtualOffice' Remote Format String.. remote exploit for Hardware platform
| VAR-E-200905-0101 |
CVE-2009-1729 |
Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting - Java webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200905-0302 | EDB ID: 32864 |
Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting. CVE-2009-1729CVE-54609 . webapps exploit for Java platform
| VAR-E-200905-0102 |
CVE-2009-1729 |
Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting - Java webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200905-0302 | EDB ID: 32863 |
Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting. CVE-2009-1729CVE-54610 . webapps exploit for Java platform
| VAR-E-200905-0934 | No CVE | Linksys WAG54G2 Web Management Console Remote Arbitrary Shell Command Injection Vulnerability | No EDB ID |
Linksys WAG54G2 router is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.
Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges. This may facilitate a complete compromise of the affected device.
Linksys WAG54G2 with firmware V1.00.10 is affected; other versions may also be vulnerable.
UPDATE (May 29, 2009): The reporter indicates that this issue may not be remotely exploitable if the administrator credentials have been changed from the default values.
| VAR-E-200905-0328 |
CVE-2009-0714 |
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200905-0210 | EDB ID: 9006 |
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service. CVE-2009-0714CVE-54509 . dos exploit for Windows platform
| VAR-E-200905-0329 |
CVE-2009-0714 |
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service (Metasploit) - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200905-0210 | EDB ID: 9007 |
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service (Metasploit). CVE-2009-0714 . dos exploit for Windows platform
| VAR-E-200904-0119 | No CVE | Trend Micro OfficeScan Client - DOS | No EDB ID |
| VAR-E-200904-0668 | No CVE | Linksys WRT54GC - Admin Password Change | No EDB ID |
| VAR-E-200904-0252 | No CVE | Pragyan CMS Multiple SQL Injection Vulnerabilities | No EDB ID |
Pragyan CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Pragyan CMS 2.6.4 is vulnerable; other versions may also be affected.
| VAR-E-200904-0796 |
CVE-2009-1632 CVE-2009-1574 |
IPsec-Tools < 0.7.2 - Multiple Remote Denial of Service Vulnerabilities
Related entries in the VARIoT vulnerabilities database: VAR-200905-0155, VAR-200905-0196 | EDB ID: 10014 |
| VAR-E-200904-0795 |
CVE-2009-1574 CVE-2009-1632 |
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service Vulnerabilities (PoC) - Multiple dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200905-0155, VAR-200905-0196 | EDB ID: 8669 |
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service Vulnerabilities (PoC). CVE-2009-1574CVE-54286 . dos exploit for Multiple platform
| VAR-E-200904-0806 | No CVE | Trend Micro OfficeScan Client Denial Of Service | No EDB ID |
Trend Micro OfficeScan Client for Windows 8.0 SP1 suffers from a denial of service vulnerability. Proof of concept is in the zip file.
| VAR-E-200904-0672 |
CVE-2009-1435 | Trend Micro OfficeScan 8.0 Client - Denial of Service - Windows dos Exploit | EDB ID: 32939 |
Trend Micro OfficeScan 8.0 Client - Denial of Service. CVE-2009-1435CVE-53890 . dos exploit for Windows platform
| VAR-E-200904-0719 | No CVE | Linksys WRT54GC Password Changer | No EDB ID |
Linksys WRT54GC administration password changing exploit.
| VAR-E-200904-0438 |
CVE-2009-1561 |
Linksys WRT54GC 1.5.7 Firmware - 'administration.cgi' Access Validation - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200905-0193 | EDB ID: 32931 |
Linksys WRT54GC 1.5.7 Firmware - 'administration.cgi' Access Validation. CVE-2009-1561CVE-54092 . remote exploit for Hardware platform
| VAR-E-200904-0440 | No CVE | MiniWeb 0.8.19 - Remote Buffer Overflow - Windows remote Exploit | EDB ID: 32923 |
MiniWeb 0.8.19 - Remote Buffer Overflow.. remote exploit for Windows platform
| VAR-E-200904-0472 |
CVE-2008-4830 |
EnjoySAP SAP GUI - ActiveX Control Arbitrary File Download (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200904-0224 | EDB ID: 16493 |
EnjoySAP SAP GUI - ActiveX Control Arbitrary File Download (Metasploit). CVE-2008-4830CVE-53680 . remote exploit for Windows platform
| VAR-E-200904-0197 |
CVE-2009-0981 CVE-2009-0991 CVE-2009-0992 CVE-2009-0973 CVE-2009-1016 CVE-2009-1011 CVE-2009-0994 CVE-2009-1000 CVE-2009-1017 CVE-2009-0997 CVE-2009-1005 CVE-2009-0999 CVE-2009-0993 CVE-2009-1013 CVE-2009-0975 CVE-2009-0989 CVE-2009-1006 CVE-2009-0984 CVE-2009-0986 CVE-2009-0190 CVE-2009-0977 CVE-2009-0995 CVE-2009-0980 CVE-2009-1010 CVE-2009-1012 CVE-2009-0998 CVE-2009-0978 CVE-2009-1003 CVE-2009-0976 CVE-2009-0988 CVE-2009-0974 CVE-2009-1002 CVE-2009-0979 CVE-2009-1004 CVE-2009-1008 CVE-2009-0972 CVE-2009-0982 CVE-2009-0996 CVE-2009-1014 CVE-2009-0189 CVE-2009-1009 CVE-2009-1001 CVE-2009-0990 CVE-2009-0983 CVE-2009-0985 |
Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes - Multiple local Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201102-0003, VAR-200904-0435, VAR-200904-0436, VAR-200904-0432, VAR-200904-0434, VAR-200904-0427, VAR-200904-0425, VAR-200904-0426, VAR-200904-0423, VAR-200904-0422, VAR-200904-0433, VAR-200904-0428, VAR-200904-0421, VAR-200904-0419, VAR-200904-0420, VAR-200904-0417, VAR-200904-0416, VAR-200904-0418, VAR-200904-0415, VAR-200904-0430, VAR-200904-0431, VAR-200904-0277, VAR-200904-0276, VAR-200904-0278, VAR-200904-0275, VAR-200904-0274, VAR-200904-0272, VAR-200904-0271, VAR-200904-0270, VAR-200904-0269, VAR-200904-0267, VAR-200904-0266, VAR-200904-0273, VAR-200904-0268, VAR-200904-0429, VAR-200904-0262, VAR-200904-0261, VAR-200904-0265, VAR-200904-0260, VAR-200904-0263, VAR-200904-0259, VAR-200904-0264, VAR-200904-0258, VAR-201102-0002, VAR-200904-0424 | EDB ID: 8456 |
Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes. CVE-53738CVE-2009-0981 . local exploit for Multiple platform
| VAR-E-200904-0196 |
CVE-2009-0991 CVE-2009-0981 CVE-2009-0992 CVE-2009-0973 CVE-2009-1016 CVE-2009-1011 CVE-2009-0994 CVE-2009-1000 CVE-2009-1017 CVE-2009-0997 CVE-2009-1005 CVE-2009-0999 CVE-2009-0993 CVE-2009-1013 CVE-2009-0975 CVE-2009-0989 CVE-2009-1006 CVE-2009-0984 CVE-2009-0986 CVE-2009-0190 CVE-2009-0977 CVE-2009-0995 CVE-2009-0980 CVE-2009-1010 CVE-2009-1012 CVE-2009-0998 CVE-2009-0978 CVE-2009-1003 CVE-2009-0976 CVE-2009-0988 CVE-2009-0974 CVE-2009-1002 CVE-2009-0979 CVE-2009-1004 CVE-2009-1008 CVE-2009-0972 CVE-2009-0982 CVE-2009-0996 CVE-2009-1014 CVE-2009-0189 CVE-2009-1009 CVE-2009-1001 CVE-2009-0990 CVE-2009-0983 CVE-2009-0985 |
Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener (PoC) - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201102-0003, VAR-200904-0435, VAR-200904-0436, VAR-200904-0432, VAR-200904-0434, VAR-200904-0427, VAR-200904-0425, VAR-200904-0426, VAR-200904-0423, VAR-200904-0422, VAR-200904-0433, VAR-200904-0428, VAR-200904-0421, VAR-200904-0419, VAR-200904-0420, VAR-200904-0417, VAR-200904-0416, VAR-200904-0418, VAR-200904-0415, VAR-200904-0430, VAR-200904-0431, VAR-200904-0277, VAR-200904-0276, VAR-200904-0278, VAR-200904-0275, VAR-200904-0274, VAR-200904-0272, VAR-200904-0271, VAR-200904-0270, VAR-200904-0269, VAR-200904-0267, VAR-200904-0266, VAR-200904-0273, VAR-200904-0268, VAR-200904-0429, VAR-200904-0262, VAR-200904-0261, VAR-200904-0265, VAR-200904-0260, VAR-200904-0263, VAR-200904-0259, VAR-200904-0264, VAR-200904-0258, VAR-201102-0002, VAR-200904-0424 | EDB ID: 8507 |
Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener (PoC). CVE-53737CVE-2009-0991 . dos exploit for Windows platform