Section: .. / 0402-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 54

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	Servu2.c
Description:	Serv-U FTPD 2.x/3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested against Windows 2000 and XP en/cn.
Author:	lion
Homepage:	http://www.cnhonker.com
File Size:	21756
Last Modified:	Mar 5 00:01:29 2004
MD5 Checksum:	165ec4a880bb84cadb7b7e5c666a355e

/// File Name:	0402-exploits.tgz
Description:	Packet Storm new exploits for February, 2004.
File Size:	118379
Last Modified:	Mar 4 06:32:17 2004
MD5 Checksum:	5a6ec2112ecac27ef985e10b59d352b6

/// File Name:	xp_wftpd.zip
Description:	Exploit for WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x that makes use of a stack based buffer overflow.
Author:	axl
Related File:	wftpdBO.txt
File Size:	4659
Last Modified:	Feb 29 03:27:00 2004
MD5 Checksum:	bc94e7e71e7b442584f9675f5e32d3db

/// File Name:	invisionPB.txt
Description:	Invision Power Board is susceptible to a SQL injection vulnerability in its search.php script.
Author:	Knight Commander
Homepage:	http://security.com.vn
File Size:	2548
Last Modified:	Feb 28 20:44:00 2004
MD5 Checksum:	4bf0e8ed50f64846844b14d3696ada14

/// File Name:	ex_servu.c
Description:	Serv-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.
Author:	Sam Chen
Homepage:	http://0x557.org
File Size:	18147
Last Modified:	Feb 27 22:56:00 2004
MD5 Checksum:	7903957bc2d05d99715a806c19f459b6

/// File Name:	serv-u-mdtm-expl.c
Description:	Remote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions 5.0.0.4 and below.
Author:	shaun2k2
Related File:	servU.MDTM.txt
File Size:	4075
Last Modified:	Feb 26 21:01:00 2004
MD5 Checksum:	0c41ebf259b8390d059a70d948948051

/// File Name:	psoproxy-exploit.c
Description:	Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version support the following operating systems: Windows XP Home Edtion SP1, Windows XP Pro Edtion SP1, Win2k Pro Edtion.
Author:	rave
Homepage:	http://www.rosiello.org/
Related File:	PSOProxy091.txt
File Size:	7462
Last Modified:	Feb 25 19:34:00 2004
MD5 Checksum:	4320054933d5ea571c771b6234c91d9f

/// File Name:	Flexwatch22.txt
Description:	FlexWATCH-Webs versions 2.2 (NTSC) and below suffer from an authorization bypass via double slashes and also a cross site scripting attack.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	5366
Last Modified:	Feb 24 22:08:00 2004
MD5 Checksum:	6619638cf6bb4c0a7ea46a68935cd11c

/// File Name:	waraxe-2004-SA004.txt
Description:	Extreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.
Author:	Janek Vind aka waraxe
File Size:	5807
Last Modified:	Feb 24 03:04:00 2004
MD5 Checksum:	5381c5e782a35b2bee530ecab38cd3d0

/// File Name:	ZH2004-09SA.txt
Description:	PhpNewsManager version 1.46 allows for arbitrary file reading due to being susceptible to a directory traversal attack.
Author:	G00db0y
Homepage:	http://www.zone-h.org/en/advisories/read/id=4024/
File Size:	1235
Last Modified:	Feb 24 00:18:00 2004
MD5 Checksum:	1c9dcfa245a6cbb280746ba1ea8a730a

/// File Name:	GateKeeper.c
Description:	GateKeeper Pro 4.7 on the win32 platform has a buffer overflow vulnerability when processing GET requests. Full remote exploit included. Tested against Microsoft Windows 2000 Pro and Microsoft Windows XP.
Author:	kralor
Homepage:	http://www.coromputer.net
File Size:	8276
Last Modified:	Feb 23 10:42:00 2004
MD5 Checksum:	836f01f1e1277e6d256d54485d8c881d

/// File Name:	3com-DoS.c
Description:	Proof of concept DoS exploit for 3Com OfficeConnect DSL Routers. Successful exploitation of the vulnerability should cause the router to reboot.
Author:	shaun2k2
File Size:	1667
Last Modified:	Feb 23 03:48:00 2004
MD5 Checksum:	94069a9c5530f90d4d23aa6a0ef27899

/// File Name:	lbreakout2-exp.c
Description:	lbreakout2 versions 2.4beta-2 and below local exploit.
Author:	Li0n7
File Size:	3944
Last Modified:	Feb 21 23:04:00 2004
MD5 Checksum:	e96f9ecfd1f97869642ab94d72b864c9

/// File Name:	PSOProxy-exp.c
Description:	Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:	Li0n7
Related File:	PSOProxy091.txt
File Size:	9393
Last Modified:	Feb 21 22:28:00 2004
MD5 Checksum:	e53c88be294dc587edb95c99e12d1794

/// File Name:	PSOProxy.c
Description:	Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:	kralor
Homepage:	http://www.coromputer.net
Related File:	PSOProxy091.txt
File Size:	5172
Last Modified:	Feb 20 20:03:00 2004
MD5 Checksum:	c85dc711e0b38c316b08320377cb861d

/// File Name:	ldaped.c
Description:	iMail 8.05 LDAP service remote exploit.
Author:	kralor
Homepage:	http://www.coromputer.net
Related File:	02.17.04.txt
File Size:	7579
Last Modified:	Feb 19 22:03:00 2004
MD5 Checksum:	35da4d13438508743c37c87b99f0105a

/// File Name:	xploit_dbg.cpp.txt
Description:	Exploit that tests for several vulnerabilities in one of Windows XP kernel's native API functions.
Author:	randnut
Related File:	XPkern.txt
File Size:	21345
Last Modified:	Feb 19 05:53:00 2004
MD5 Checksum:	079419668499d82b300edc4f4676390a

/// File Name:	Adv-20040218.txt
Description:	S-Quadra Advisory #2004-02-18 - WebCortex Webstores2000 version 6.0 has a SQL injection vulnerability that allows a remote attacker to add an administrative account and it also has a cross site scripting flaw.
Author:	Nick Gudov
Homepage:	http://www.s-quadra.com/advisories/Adv-20040218.txt
File Size:	4017
Last Modified:	Feb 18 22:08:00 2004
MD5 Checksum:	09cc5ad6ab60c00eb917ba1e2d21b989

/// File Name:	ZH2004-08SA.txt
Description:	OWLS version 1.0 allows for remote file retrieval via directory traversal attacks.
Author:	G00db0y
Homepage:	http://www.zone-h.org/en/advisories/read/id=3973/
File Size:	1862
Last Modified:	Feb 18 20:17:00 2004
MD5 Checksum:	a983097b8815f2812d8606dccac9f316

/// File Name:	Adv-20040216.txt
Description:	S-Quadra Advisory #2004-02-16 - EarlyImpact ProductCart shopping cart software incorrectly makes use of cryptography, is susceptible to a cross site scripting attack, and allows for SQL injection attacks as well.
Author:	Nick Gudov
Homepage:	http://www.s-quadra.com/advisories/Adv-20040216.txt
File Size:	5213
Last Modified:	Feb 18 20:15:00 2004
MD5 Checksum:	90a560aa4703caff2202e2ae473c2775

/// File Name:	ZH2004-07SA.txt
Description:	In the Online Store Kit 3.0 Products, problems exist where user-supplied data is not properly sanitized, allowing for a remote attacker to influence SQL queries and gain sensitive information.
Author:	G00db0y
Homepage:	http://www.zone-h.org/
File Size:	3004
Last Modified:	Feb 18 16:04:00 2004
MD5 Checksum:	a6f40a401ff90bfc811f2b99eb364f02

/// File Name:	brokerFTP.txt
Description:	Two security vulnerabilities in Broker FTP server version 6.1.0.0 cause the server to crash and utilize 100 percent of the systems CPU cycles.
Author:	Aviram Jenik
Homepage:	http://www.securiteam.com/windowsntfocus/5IP0B0AC1I.html
File Size:	2501
Last Modified:	Feb 18 02:50:00 2004
MD5 Checksum:	45feef2ea56922c811759339ed7e8f3a

/// File Name:	ZH2004-06SA.txt
Description:	ShopCartCGI version 2.3 has multiple directory traversal vulnerabilities that allow for remote attackers to gain access to files outside of the webroot.
Author:	G00db0y
Homepage:	http://www.zone-h.org/en/advisories/read/id=3962/
File Size:	1502
Last Modified:	Feb 17 18:56:00 2004
MD5 Checksum:	5407a211abd46c6d0fbaf61b1d4467c7

/// File Name:	rsync_local.c
Description:	Local exploit for rsync 2.5.7 and below. Note: This exploit only escalates privileges if rsync is setuid, which it is not by default.
Author:	abhisek
File Size:	4732
Last Modified:	Feb 17 12:12:00 2004
MD5 Checksum:	2ca496c30d884f9a8056a7c610d79704

/// File Name:	sp-advisory-x10.txt
Description:	A specifically crafted HTTP GET request which contains over 4096 bytes of data will cause the KarjaSoft Sami HTTP server to crash. Versions affected: 1.0.4, possibly earlier versions as well.
Author:	badpack3t
Homepage:	http://www.security-protocols.com/
File Size:	7104
Last Modified:	Feb 17 10:41:00 2004
MD5 Checksum:	24ad3e59488c6e1c7b36852ccc7160d5