Section: .. / 0309-exploits /

Page 2 of 2
<< 1 2 >> Files 25 - 47 of 47

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	easyfile.txt
Description:	Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.
Author:	Dr_insane
Homepage:	Http://members.lycos.co.uk/r34ct/
File Size:	3960
Last Modified:	Sep 16 20:52:52 2003
MD5 Checksum:	10386b500c650364176e96a1890fc114

/// File Name:	gyan_pine.c
Description:	Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here. Binds a shell to port 10000. Tested against RedHat Linux 7.0.
Author:	Gyan Chawdhary
File Size:	3944
Last Modified:	Sep 18 23:09:48 2003
MD5 Checksum:	2b5be512d212c9827dc8c6867ec28473

/// File Name:	chat-Xploit.c
Description:	Proof of concept exploit for /usr/sbin/chat on RedHat Linux 7.3. Note: chat is not setuid by default on most installations.
Author:	polygrithm
File Size:	3697
Last Modified:	Sep 25 04:45:03 2003
MD5 Checksum:	824304839459bd776fac887b83886e13

/// File Name:	guppy.txt
Description:	GuppY versions 2.4p1 and below are susceptible to cross site scripting attacks.
Homepage:	http://www.echu.org
File Size:	3207
Last Modified:	Sep 30 00:47:06 2003
MD5 Checksum:	d9b975da70fae430922d7527eeb5c876

/// File Name:	minihttp.txt
Description:	Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
Author:	Peter Winter-Smith
File Size:	3162
Last Modified:	Sep 16 20:57:25 2003
MD5 Checksum:	52c72989566b10fad57a9d48c623658b

/// File Name:	leak-sploit.c
Description:	Stunnel v3.25 and below exploit which makes use of the file descriptor leak discussed in this Conectiva Security Advisory. Allows local attackers to hijack the stunnel server.
File Size:	3100
Related CVE(s):	CAN-2002-1563, CAN-2003-0740
Last Modified:	Sep 9 05:47:54 2003
MD5 Checksum:	a2b33220a6e0cb0535781760d121f2ce

/// File Name:	myPHPNuke.txt
Description:	myPHPNuke version 1.8.8_7 performs improper variable sanitizing that will inadvertently allow a remote attacker to upload files from another site to the current site.
Author:	Frog Man
Homepage:	http://www.phpsecure.info
File Size:	2845
Last Modified:	Sep 13 08:25:35 2003
MD5 Checksum:	82ce1f957a210e93e078256ee2002d53

/// File Name:	lansuite2003.txt
Description:	602PRO LanSuite 2003 for Windows is vulnerable to sensitive information disclosure, logs freely being accessible to any remote attacker, the ability to read any file on the server, and directory traversal attacks.
Author:	Phuong Nguyen
File Size:	2777
Last Modified:	Sep 25 04:13:56 2003
MD5 Checksum:	3f7b94da5c8b74ee04a3d3dcc11918d5

/// File Name:	BRSwebweaver.txt
Description:	WebWeaver version 1.06 and below allows for anonymous surfing of the server if the Host field is set excessively long. It is also susceptible to various denial of services attacks.
Author:	euronymous
File Size:	2421
Last Modified:	Sep 25 04:27:51 2003
MD5 Checksum:	7ab029ca9b5cfba5799d80bcd08c6871

/// File Name:	IBM-DB2-db2licm.c
Description:	Local root exploit for IBM DB2 Universal Database version 7.2 for Linux/s390 which makes use of the db2licm binary that is setuid by default.
Author:	Juan Manuel Pascual Escriba
Homepage:	http://concepcion.upv.es/~pask
Related File:	core.db2.txt
File Size:	2234
Related CVE(s):	CAN-2003-0758, CAN-2003-0759
Last Modified:	Sep 27 01:24:08 2003
MD5 Checksum:	66f6d20f27d150e451308763e3f84b2f

/// File Name:	tellurian.txt
Description:	Tellurian TFTPDNT server version 1.8 for Windows NT and Windows 9x suffers from a buffer overflow that allows remote attackers to execute arbitrary code.
Author:	Storm
Homepage:	http://www.securiteam.com/windowsntfocus/5RP0M1PAUM.html
File Size:	2090
Last Modified:	Sep 4 05:06:02 2003
MD5 Checksum:	59926ee18abe7c877c439b49e109a025

/// File Name:	WebX.txt
Description:	WebX 1.1 and WebX Lite 1.1 web servers are vulnerable to a directory traversal attack that allows a remote attacker to access any files outside of the web root.
Author:	dr_insane
Homepage:	http://members.lycos.co.uk/r34ct/
File Size:	1962
Last Modified:	Sep 10 02:23:36 2003
MD5 Checksum:	156de465b5dc858d41dabb4a2546a5d6

/// File Name:	savant31.txt
Description:	The Savant Web Server version 3.1 for Windows 95, 98, ME, NT, and 2000 is remotely vulnerable to a denial of service condition when various malformed GET requests are passed to the server.
Author:	Phuong Nguyen
File Size:	1836
Last Modified:	Sep 25 04:10:48 2003
MD5 Checksum:	1b6abe30608b8908694266f9448c5acf

/// File Name:	ftgatepro.txt
Description:	Secunia Research Advisory - Two vulnerabilities have been identified in FTGatePro mail server version 1.x that allow malicious users to access sensitive information. One lies in the file ftgatedump.fts allowing an attacker to see the system configuration while another lies in exportmbx.fts that holds all the usernames and passwords for the system.
Author:	Phuong Nguyen
Homepage:	http://www.secunia.com/advisories/
File Size:	1779
Last Modified:	Sep 14 00:33:23 2003
MD5 Checksum:	92c1ea9ed17988649d4fcb386b69df54

/// File Name:	0x333hztty.c
Description:	Local root exploit for hztty 2.0 that makes use of the buffer overflows discovered by Jens Steube.
Author:	c0wboy
Homepage:	http://www.0x333.org
File Size:	1688
Related CVE(s):	CAN-2003-0783TestedonRedHat90
Last Modified:	Sep 21 20:36:57 2003
MD5 Checksum:	1d319b945284869c7bd86d5af02d4d0e

/// File Name:	DSR-cfengine.pl
Description:	Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Tested against FreeBSD 4.8-RELEASE. Binds a shell to port 45295.
Author:	kokanin
Homepage:	http://www.dtors.net
File Size:	1679
Last Modified:	Sep 26 15:39:32 2003
MD5 Checksum:	bec7a5ae73b4eb63bb76d5151e18f80b

/// File Name:	smc2404WBR.txt
Description:	Exploit that causes a denial of service against the SMC2404WBR BarricadeT Turbo 11/22 Mbps wireless cable/dsl broadband router by sending random UDP packets to multiple ports.
Author:	_6mO_HaCk
File Size:	1557
Last Modified:	Sep 26 20:46:46 2003
MD5 Checksum:	cd13536a95ff8f037417abe72891e053

/// File Name:	liquidwar-exploit.c
Description:	Liquidwar 5.4.5 local exploit that has been tested on Slackware Linux 9.0.0 and Gentoo Linux 1.4.
Author:	Angelo Rosiello
Homepage:	http://www.rosiello.org
File Size:	1552
Last Modified:	Sep 18 20:16:48 2003
MD5 Checksum:	e19fe2d76a0e5359b37326a9f8ffec8c

/// File Name:	bandwebsite.txt
Description:	Bandsite portal system version 1.5 lacks authentication validation in its admin.php code when an administrator is added, thus allowing a remote attacker to gain administrative privileges.
Author:	Nasser.M.Sh
File Size:	1516
Last Modified:	Sep 13 09:34:11 2003
MD5 Checksum:	f7c0dc27a28dfa690190754c5b69973c

/// File Name:	myserver043.txt
Description:	MyServer 0.4.3 is susceptible to a directory traversal attack that allows access to files and directories outside of the web root.
Author:	Arnaud Jacques aka scrap
Homepage:	http://www.securiteinfo.com
File Size:	1380
Last Modified:	Sep 25 23:05:57 2003
MD5 Checksum:	b0cc267b208678ec8492add73805049f

/// File Name:	pandpdt.txt
Description:	The Plug and Play Web Server version 1.0002c is susceptible to multiple directory traversal attacks allowing a remote attacker to gain access to internal system files.
Author:	Bahaa Naamneh
Homepage:	http://www.bsecurity.tk
File Size:	1258
Last Modified:	Sep 18 23:15:33 2003
MD5 Checksum:	0aa35da7a4f31656a6ae8a61cb6f88ae

/// File Name:	wzftpdos.c
Description:	Remote denial of service exploit for wzdftpd FTP server version 0.1rc5 that sends a single CRLF sequence at login causing an Unhandled exception.
Author:	r3b00t
File Size:	1250
Last Modified:	Nov 4 07:42:37 2003
MD5 Checksum:	e7efd476b7117d05c238ecce4243452e