blackangels

14 exploits Active since Apr 2000
CVE-2001-0500 EXPLOITDB perl WORKING POC
Microsoft Index Server < 6.0 - Buffer Overflow
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
CVE-2000-1054 EXPLOITDB perl WORKING POC
CiscoSecure ACS Server <2.4.2 - Buffer Overflow
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
CVE-2001-0669 EXPLOITDB perl WORKING POC
IDS - Evade Detection
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
CVE-2000-0945 EXPLOITDB perl WORKING POC
Catalyst 3500 XL - RCE
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
EIP-2026-101191 EXPLOITDB perl WORKING POC
Cisco - Cisco Global er Tool
CVE-2002-1222 EXPLOITDB perl WORKING POC
Cisco Catalyst <7.3 - Buffer Overflow
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
CVE-2000-0380 EXPLOITDB perl WORKING POC
Cisco Ios - Improper Input Validation
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
CVE-2001-0537 EXPLOITDB perl WORKING POC
Cisco Ios - Authentication Bypass
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
CVE-2002-0886 EXPLOITDB perl WORKING POC
Cisco Cbos - Denial of Service
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
CVE-2001-0080 EXPLOITDB perl WORKING POC
Cisco Catalyst 4000 - Denial of Service
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
CVE-2001-1097 EXPLOITDB perl WORKING POC
Cisco - DoS
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
CVE-2004-0244 EXPLOITDB perl WORKING POC
Cisco Ios - Improper Input Validation
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
CVE-2001-0041 EXPLOITDB perl WORKING POC
Cisco Catalyst - DoS
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
CVE-2003-0511 EXPLOITDB perl WORKING POC
Cisco Aironet AP1x00 - DoS
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.