收集的几个存在漏洞的程序
存在漏洞的一些小软件,适合测试和演示用。
附上漏洞小软件和msf利用模块。这些漏洞都在winXPsp3上面测试通过的。
1、Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
CVE-2011-2140
漏洞模块:exploit/windows/browser/adobe_flash_sps
漏洞文件名称:install_flash_player_ax.exe (flash 10.3.185以下版本理论都存在漏洞)
2、Windows Media Player (WMP) Remote Code Execution
CVE2012-0003,MS12-004
漏洞模块:exploit/windows/browser/ms12_004_midi
漏洞影响:vista、XP、win7、winServ 2008
3、CCMPlayer1.5 Buffer Overflow Vulnerability
漏洞模块:exploit/windows/fileformat/ccmplayer_m3u_bof
漏洞文件名称:CCMPlay.exe
4、Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
漏洞模块:exploit/windows/fileformat/free_mp3_ripper_wav
漏洞文件名称:FMCRSetup.exe
漏洞影响:暂测windows XP sp3
5、NJStar Communicator 3.00 MiniSMTP Buffer Overflow
漏洞模块:exploit/windows/smtp/njstar_smtp_bof
漏洞文件名称:njstar-300.exe
漏洞影响:WinXP SP2/SP3 WinServ2003 sp0/sp1/sp2
6、Kolibri HTTP Server HEAD Buffer Overflow
漏洞模块:exploit/windows/http/kolibri_http
漏洞文件名称:Kolibri-2.0-win.zip
漏洞影响:winXP sp3,winServ2003 sp2
7、TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability
漏洞模块:exploit/windows/fileformat/tugzip
漏洞文件名称:tugzip35.exe
漏洞影响:安装的win系统都影响
8、GoldenFTP PASS Stack Buffer Overflow
漏洞模块:exploit/windows/ftp/goldenftp_pass_bof
漏洞文件名称:golden-ftp-server-v4-70.rar
漏洞影响:winXP Pro sp0/sp1/sp2/sp3
9、Wireshark packet-dect.c Stack Buffer Overflow
漏洞模块:exploit/windows/misc/wireshark_packet_dect
漏洞文件名称:wireshark-win32-1.3.5.exe
漏洞影响:Windows平台,wireshark<1.4.4版本
10、MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free
漏洞模块:exploit/windows/browser/ms11_003_ie_css_import
漏洞影响:windows平台,IE6、7、8ß
暂时就先这么多吧,等以后发现新的,再整理。
本文发于:安全大可文章转载请注明出处:http://im404.cnblogs.com
相关事宜请联系:im404@qq.com