Section:  .. / 0305-exploits  /

Page 2 of 2
<< 1 2 >> Files 25 - 41 of 41
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: maelst0x00.c.gz
Description:
Local root exploit for the game Maelstrom with is sometimes setuid to root for the purpose of faster frame rates.
Author:r-code
File Size:1289
Last Modified:May 23 11:13:18 2003
MD5 Checksum:bfd34d743e37c8ee7b7f8490438cadb2

 ///  File Name: MaelstromX.c
Description:
Maelstrom local exploit that gives gid of games and makes use of the overflows found in the -player and -server switch.
Author:Knight420
File Size:1834
Last Modified:Jul 9 17:45:34 2003
MD5 Checksum:8b3420c452404597f9baf138d0ce82c3

 ///  File Name: maelx.pl
Description:
Maelstrom local exploit that gives gid of user games which makes use of an overflow in the -player switch.
Author:akcess
File Size:995
Last Modified:May 23 20:11:20 2003
MD5 Checksum:4f7903d9b1f6bc6aca7417e2c825c448

 ///  File Name: ne0.c
Description:
Microsoft IIS versions 5.0 and 5.1 remote denial of service exploit that makes use of the vulnerability recently published by SPI dynamics. Full advisory located here.
Author:Shash
File Size:4859
Last Modified:May 31 05:14:21 2003
MD5 Checksum:d78db11ab87227da9b8cfab3f0c3f213

 ///  File Name: Owl_Intranet_Engine.txt
Description:
Owl v0.71, the multi user document repository, fails to actually authenticate a login name given. If a completely fake login name is passed, an attacker can get in without any valid session id.
Author:Christopher M Downs
Homepage:http://www.angrypacket.com
File Size:3149
Last Modified:May 15 04:20:03 2003
MD5 Checksum:77ea64312fa5085245a0e207ac560633

 ///  File Name: PFExploit.c
Description:
Kerio Personal Firewall <= 2.1.4 and Tiny Personal Firewall <= 2.0.15 remote exploit that makes use of a buffer overflow condition discovered in the PFEngine used for both products.
Author:ThreaT
Homepage:http://s0h.cc/~threat
File Size:5500
Last Modified:May 9 02:50:00 2003
MD5 Checksum:c99e149fa6534d096f0bf1946334d73e

 ///  File Name: Pi3web-DoS.c
Description:
A simple denial of service exists in the Pi3 webserver that allows a remote attacker to crash the daemon by feeding it a GET request with 354+ forward slashes after it.
Author:Angelo Rosiello
Homepage:http://www.rosiello.org
File Size:2287
Last Modified:May 23 09:53:49 2003
MD5 Checksum:e627c9f9fd6b442a7aeffec686744f3a

 ///  File Name: pnews.txt
Description:
P-News versions 1.6 is vulnerable to a privilege escalation attack by allowing a remote attacker to populate strings with the | used for delimiting data stored about the account.
Author:Peter Winter-Smith
File Size:1833
Last Modified:May 28 09:15:39 2003
MD5 Checksum:369a8bfaa9af899f10559745c738d09b

 ///  File Name: posterv2.txt
Description:
Poster version.two, the PHP news posting system, suffers from a vulnerability in the index.php file that allows a user to edit their account. Since the user is allowed to change the embedded information in the code, they can achieve privilege escalation to an administrative level.
Author:Peter Winter-Smith
File Size:2603
Last Modified:May 15 04:14:25 2003
MD5 Checksum:914c5f7dce23e127f627fad40eaca90f

 ///  File Name: priv8cdr.pl
Description:
Local root exploit for Cdrecord versions 2.0 and below under Linux. Version 1.10 is not vulnerable.
Author:wsxz
Homepage:http://www.priv8security.com
File Size:3448
Last Modified:May 14 00:19:43 2003
MD5 Checksum:c95424f34a72c67b6e9626c83e17528f

 ///  File Name: priv8gbn.pl
Description:
Remote exploit for a buffer overflow in the Gnome Batalla Naval Game Server version 1.0.4. Gives user id of the account running the game server. Tested against Mandrake 9.0.
Author:wsxz
Homepage:http://Priv8security.com
File Size:2926
Last Modified:May 28 10:13:26 2003
MD5 Checksum:d975b9a72eb72639c21c11ad67d727b2

 ///  File Name: rk.zip
Description:
A vulnerability exists in the TFTP protocol implementation of the Polycom 6100-4 NetEngine 3.4.8 ADSL router that allows a specially crafted packet to cause a denial of service.
Author:Lorenzo Cerulli, Fabio Annunziato
File Size:3148
Last Modified:May 7 23:41:42 2003
MD5 Checksum:5c2fae63a7418ad6e85bbba769f75539

 ///  File Name: shoutbox.txt
Description:
Webfroot Shoutbox v2.32 and below suffers from a directory traversal and code injection vulnerability that allows a remote attacker to view any file on the system and the ability to commit remote command execution.
Author:pokleyzz
Homepage:http://www.scan-associates.net
File Size:5339
Last Modified:May 29 07:18:11 2003
MD5 Checksum:c7ef81a32642aa53a38a48220ff5a153

 ///  File Name: snitz_exec.txt
Description:
Snitz Forums v3.3.3 has an SQL injection vulnerability in its register.asp page with its Email variable. Because register.asp does not check user input, remote users can execute stored procedures, such as xp_cmdshell, to arbitrarily run non-interactive commands on the system.
Author:sharpiemarker
File Size:3240
Last Modified:May 13 03:29:07 2003
MD5 Checksum:e42ffa559af965cebbaf2148bf04a648

 ///  File Name: sunone.txt
Description:
The SunONE application server on Windows 2000 suffers from multiple vulnerabilities. The server allows a remote attacker to view the source code of JSPs, only logs the first 4042 characters of a request URI which allows an attacker to hide their attempts in the last 54 characters, has a cross site scripting issue, and has the username and password to the administrative server kept in clear text in a world readable file.
Author:SPI Labs
Homepage:http://www.spidynamics.com
File Size:5782
Last Modified:May 28 11:42:12 2003
MD5 Checksum:5695d1e0f86bf5009e22b5b2c09ac452

 ///  File Name: unhappycgi.txt
Description:
Happymall E-Commerce software versions 4.3 and 4.4 are vulnerable to remote command execution due to a lack of input validation in the normal_html.cgi script.
Author:revin aldi
File Size:3924
Last Modified:May 9 02:06:22 2003
MD5 Checksum:eea4bf616681ba3ff211c469fb4e6771