Section: .. / 0402-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 54

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	PalmOShttpd.txt
Description:	A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.
Author:	Shaun Colley
File Size:	5395
Last Modified:	Feb 9 01:45:00 2004
MD5 Checksum:	d4107b9c6ccb49a41047c8f89123d551

/// File Name:	phpMyAdmin255pl1.txt
Description:	phpMyAdmin versions 2.5.5-pl1 and below do not properly sanitize variables resulting in them being susceptible to a directory traversal attack.
Author:	Cedric Cochin
Homepage:	http://www.netvigilance.com
File Size:	2272
Last Modified:	Feb 3 20:29:00 2004
MD5 Checksum:	af953ad97ace8eb48e2efad2179553f6

/// File Name:	phpscripts.txt
Description:	PHPscripts suffer from a file include vulnerability.
Homepage:	http://www.security-challenge.com
File Size:	1057
Last Modified:	Feb 3 21:03:00 2004
MD5 Checksum:	34beafa7048ce446de18ca81905b3be0

/// File Name:	PSOProxy-exp.c
Description:	Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:	Li0n7
Related File:	PSOProxy091.txt
File Size:	9393
Last Modified:	Feb 21 22:28:00 2004
MD5 Checksum:	e53c88be294dc587edb95c99e12d1794

/// File Name:	psoproxy-exploit.c
Description:	Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version support the following operating systems: Windows XP Home Edtion SP1, Windows XP Pro Edtion SP1, Win2k Pro Edtion.
Author:	rave
Homepage:	http://www.rosiello.org/
Related File:	PSOProxy091.txt
File Size:	7462
Last Modified:	Feb 25 19:34:00 2004
MD5 Checksum:	4320054933d5ea571c771b6234c91d9f

/// File Name:	PSOProxy.c
Description:	Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:	kralor
Homepage:	http://www.coromputer.net
Related File:	PSOProxy091.txt
File Size:	5172
Last Modified:	Feb 20 20:03:00 2004
MD5 Checksum:	c85dc711e0b38c316b08320377cb861d

/// File Name:	robotFTP.txt
Description:	Robot FTP server versions 1.0 and 2.0 beta 1 have a buffer overflow vulnerability when taking in a username.
Author:	gsicht
File Size:	3030
Last Modified:	Feb 16 15:02:00 2004
MD5 Checksum:	8d64a89b5d2e27186f5df05a895fa79a

/// File Name:	rsync_local.c
Description:	Local exploit for rsync 2.5.7 and below. Note: This exploit only escalates privileges if rsync is setuid, which it is not by default.
Author:	abhisek
File Size:	4732
Last Modified:	Feb 17 12:12:00 2004
MD5 Checksum:	2ca496c30d884f9a8056a7c610d79704

/// File Name:	SCSA027.txt
Description:	Security Corporation Security Advisory [SCSA-027]: PHP-Nuke versions 6.9 and below are vulnerable to multiple SQL injection attacks.
Author:	Germain Randaxhe aka frog-man
Homepage:	http://www.phpsecure.info
File Size:	23461
Last Modified:	Feb 1 20:18:00 2004
MD5 Checksum:	9ff89c232b48b567a2f69407dca3fe86

/// File Name:	serv-u-mdtm-expl.c
Description:	Remote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions 5.0.0.4 and below.
Author:	shaun2k2
Related File:	servU.MDTM.txt
File Size:	4075
Last Modified:	Feb 26 21:01:00 2004
MD5 Checksum:	0c41ebf259b8390d059a70d948948051

/// File Name:	Servu2.c
Description:	Serv-U FTPD 2.x/3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested against Windows 2000 and XP en/cn.
Author:	lion
Homepage:	http://www.cnhonker.com
File Size:	21756
Last Modified:	Mar 5 00:01:29 2004
MD5 Checksum:	165ec4a880bb84cadb7b7e5c666a355e

/// File Name:	smbmountDoS.txt
Description:	smbmount can cause a denial of service attack on Microsoft Windows. The attack induces a memory shortage on the Windows system by creating directories in a special way.
Author:	Steve Ladjabi, Daniel Kabs
File Size:	3611
Last Modified:	Feb 3 06:34:00 2004
MD5 Checksum:	9c5738f91362668cea9815d47dcdc194

/// File Name:	sp-advisory-x10.txt
Description:	A specifically crafted HTTP GET request which contains over 4096 bytes of data will cause the KarjaSoft Sami HTTP server to crash. Versions affected: 1.0.4, possibly earlier versions as well.
Author:	badpack3t
Homepage:	http://www.security-protocols.com/
File Size:	7104
Last Modified:	Feb 17 10:41:00 2004
MD5 Checksum:	24ad3e59488c6e1c7b36852ccc7160d5

/// File Name:	The_First_Cut_Is_The_Deepest.txt
Description:	PHPNuke versions 6.x and greater remote php-based exploit that extracts the administrator hash using a SQL injection attack.
Author:	pokleyzz
File Size:	3326
Last Modified:	Feb 10 18:44:00 2004
MD5 Checksum:	d62a34fdab965abc3bc27b9267c19f23

/// File Name:	trackmania.c
Description:	The TrackMania game server that listens on TCP port 2350 can be crashed when garbage data is sent resulting in a denial of service.
Author:	Scrap
Homepage:	http://www.securiteinfo.com/attaques/hacking/trackmaniados.shtml
File Size:	1931
Last Modified:	Feb 9 20:50:00 2004
MD5 Checksum:	32e8ae18945f7de6328e2ed67e2921d6

/// File Name:	vserver_chroot.txt
Description:	Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with linux 2.4.24 and vserver 1.24. Fixed in release 1.25.
Author:	Markus M�ller
File Size:	1248
Last Modified:	Feb 6 01:12:00 2004
MD5 Checksum:	3530f2c36b671a09984f6ce206a590aa

/// File Name:	waraxe-2004-SA004.txt
Description:	Extreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.
Author:	Janek Vind aka waraxe
File Size:	5807
Last Modified:	Feb 24 03:04:00 2004
MD5 Checksum:	5381c5e782a35b2bee530ecab38cd3d0

/// File Name:	webxdos.txt
Description:	Web Crossing versions 4.x and 5.x have a denial of service vulnerability. When an HTTP POST request is made to the built-in server, if the 'Content-Length' header supplied with the request is an extremely large or negative number, the server will encounter a set of instructions which lead to an integer-divide-by-zero problem, immediately crashing the server and denying any further service.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/webxdos.txt
File Size:	3787
Last Modified:	Feb 4 00:35:00 2004
MD5 Checksum:	3a89a2b8bd018e1a6cac5560739325b1

/// File Name:	X11.fontalias.c
Description:	Local root exploit for the XFree86 font.alias vulnerability discussed in the advisory here. Tested on various versions of RedHat Linux.
Author:	Bender
File Size:	2607
Last Modified:	Feb 11 20:09:00 2004
MD5 Checksum:	1297f29ea0b01d3d2104738c5cd0af7b

/// File Name:	xcart343.txt
Description:	X-Cart version 3.4.3 fails to sanitize various input variables leaving itself open to directory traversal and remote command execution attacks.
Author:	Philip
File Size:	1069
Last Modified:	Feb 3 18:19:00 2004
MD5 Checksum:	ba33c6d401a269fae6cfa6d329bb1726

/// File Name:	xp_wftpd.zip
Description:	Exploit for WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x that makes use of a stack based buffer overflow.
Author:	axl
Related File:	wftpdBO.txt
File Size:	4659
Last Modified:	Feb 29 03:27:00 2004
MD5 Checksum:	bc94e7e71e7b442584f9675f5e32d3db

/// File Name:	xploit_dbg.cpp.txt
Description:	Exploit that tests for several vulnerabilities in one of Windows XP kernel's native API functions.
Author:	randnut
Related File:	XPkern.txt
File Size:	21345
Last Modified:	Feb 19 05:53:00 2004
MD5 Checksum:	079419668499d82b300edc4f4676390a

/// File Name:	ZH2004-03SA.txt
Description:	Photopost PHP Pro versions 4.6 and below suffer from a SQL injection vulnerability due to a lack of variable sanitization with the photo variable.
Author:	G00db0y
Homepage:	http://www.zone-h.org/en/advisories/read/id=3844/
File Size:	1716
Last Modified:	Feb 3 02:09:00 2004
MD5 Checksum:	00d5f0cd35641866af74bde03d9615fd

/// File Name:	ZH2004-04SA.txt
Description:	Multiple SQL Injection vulnerabilities live in ReviewPost PHP Pro due to insufficient sanitization of user-supplied data.
Author:	G00db0y
Homepage:	http://www.zone-h.org
File Size:	1591
Last Modified:	Feb 4 17:33:00 2004
MD5 Checksum:	43b9ac1af0b8f4aff0c261d3335e2233

/// File Name:	ZH2004-05SA.txt
Description:	BosDates lacks sufficient sanitization of user-supplied data. Inadvertantly, it allows a remote attacker to influence SQL query logic to disclose sensitive information that can be used to gain unauthorized access.
Author:	G00db0y
Homepage:	http://www.zone-h.org/
File Size:	1397
Last Modified:	Feb 11 16:50:00 2004
MD5 Checksum:	5ab76710a75ee4dfac8d76cb3960fd59