Section: .. / 0403-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 61

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0403-exploits.tgz
Description:	Packet Storm new exploits for March, 2004.
File Size:	193924
Last Modified:	May 4 07:01:31 2004
MD5 Checksum:	4e97d41068bbd2b4d4ff013e93caa7d6

/// File Name:	isec-0014-mremap-unmap.v2.txt
Description:	A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004 except concerning the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.
Author:	Paul Starzetz
Homepage:	http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
File Size:	19646
Related CVE(s):	CAN-2004-0077
Last Modified:	Mar 2 03:45:00 2004
MD5 Checksum:	34d9a30a4201cb1cd237f1d56c8aed20

/// File Name:	anubisexp.c
Description:	Remote root exploit for GNU Anubis 3.6.2.
Author:	CMN
Related File:	anubisAdv.txt
File Size:	17513
Last Modified:	Mar 11 02:48:33 2004
MD5 Checksum:	b1bb97db6413d3510250b9eed760455f

/// File Name:	wilco.zip
Description:	A testing tool for RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a that suffer from multiple bugs.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	rogerwilco2.txt
File Size:	17405
Last Modified:	Mar 31 20:12:00 2004
MD5 Checksum:	597c92720fd3a472c793309702812662

/// File Name:	xinebug.txt
Description:	xine-bugreport suffers from insecure file creation in /tmp that can lead to a symlink attack.
Author:	Shaun Colley aka shaun2k2
File Size:	15624
Last Modified:	Mar 20 17:48:00 2004
MD5 Checksum:	941f872c645d67313e9f207028e0bc2a

/// File Name:	systrace.txt
Description:	Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.
Author:	Brad
Homepage:	http://www.grsecurity.net
File Size:	13946
Last Modified:	Mar 27 16:01:00 2004
MD5 Checksum:	3ee4b2c23da5f70220f4d222dfec56c8

/// File Name:	mdaemon-exploit.c
Description:	Remote exploit for MDaemon Mail Server versions 6.52 to 6.85 that makes use of a buffer overflow in its raw message handler. This exploit has only been tested on Windows XP Home and Pro Edition (Dutch) SP1.
Author:	Angelo Rosiello
Homepage:	http://www.rosiello.org
Related File:	mdaemon-raw.txt
File Size:	12476
Last Modified:	Mar 16 04:31:17 2004
MD5 Checksum:	fff65d681162d5d7b7043edf21a4173e

/// File Name:	ethereal.igap.c
Description:	Ethereal IGAP Dissector Message overflow remote root exploit that spawns a shell on port 31337. Makes use of the vulnerability that exists between versions 0.10.0 to 0.10.2. Tested under Gentoo and RedHat 8.
Author:	Nilanjan De, Abhisek Datta
Homepage:	http://www.eos-india.net
File Size:	11753
Last Modified:	Mar 28 07:10:00 2004
MD5 Checksum:	42e9f9dc28e6c773c9816a77b3bff6b0

/// File Name:	oseen_shoutcast.c
Description:	SHOUTcast version 1.9.2 remote exploit with connect back code. Written for Slackware 8.1, 9.0, 9.1, and RedHat 7.2.
Author:	exworm
Homepage:	http://www.oseen.org
File Size:	11501
Last Modified:	Mar 4 23:57:00 2004
MD5 Checksum:	41e90e705c92fbcacf2c7e8d4e80badb

/// File Name:	unrfs-poc.zip
Description:	Remote exploit for the Unreal game engine for Windows, MacOS, and Linux that makes use of a format string bug. This proof-of-concept is a proxy server able to modify the Unreal packets in real-time allowing the insertion of %n into the class names sent by the client to the server causing the remote crash. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	unrealEngine.txt
File Size:	9404
Last Modified:	Mar 11 10:46:50 2004
MD5 Checksum:	8ae15e07d05998dbfc95996a84ebc3fc

/// File Name:	557iss_pam_exp.c
Description:	RealSecure / BlackICE iss_pam1.dll remote overflow exploit.
Author:	Sam Chen
Related File:	eEye.iss.txt
File Size:	9062
Last Modified:	Mar 28 08:55:00 2004
MD5 Checksum:	0ddc8c39ea4432b2ec4fc6a8f5d6ea4d

/// File Name:	xp_ws_ftp_server.zip
Description:	Remote exploit for Ipswitch WS_FTP server version 4.0.2.EVAL that makes use of a buffer overflow in the STAT command.
Author:	Hugh Mann
Related File:	wsftp402eval.txt
File Size:	8559
Last Modified:	Mar 23 16:38:00 2004
MD5 Checksum:	757ff118a5513e54d7deee4651b08175

/// File Name:	smbprintsymlink.txt
Description:	smbprint insecurely writes to files in /tmp allowing for a symbolic link attack. Full details on exploitation included.
Author:	Shaun Colley aka shaun2k2
File Size:	7843
Last Modified:	Mar 19 20:38:00 2004
MD5 Checksum:	1a280809a3d52ca67bfea0331f678f8c

/// File Name:	waraxe-2004-SA013.txt
Description:	A SQL injection vulnerability in PHPBB versions 2.0.8 and below allows an attacker the ability to extract the administrator password hash.
Author:	Janek Vind aka waraxe
File Size:	7003
Last Modified:	Mar 27 04:08:29 2004
MD5 Checksum:	c316b4db1e73a0dca9df33134cbd779e

/// File Name:	waraxe-2004-SA012.txt
Description:	Multiple SQL injection and cross site scripting vulnerabilities lie in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta. Full exploitation syntax given.
Author:	Janek Vind aka waraxe
File Size:	6863
Last Modified:	Mar 27 04:04:34 2004
MD5 Checksum:	9d1f6f6943811ac0c1887925ea3d441c

/// File Name:	t3cbof.zip
Description:	Remote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	terminator3.txt
File Size:	6861
Last Modified:	Mar 24 06:42:00 2004
MD5 Checksum:	a0488bcfc89f8c89bb396b3c7e80cc10

/// File Name:	eudora603.pl
Description:	Exploit that performs an attachment spoofing demo for Eudora versions 6.0.3 and below.
Author:	Paul Szabo
Homepage:	http://www.maths.usyd.edu.au:8000/u/psz/
File Size:	6838
Last Modified:	Mar 19 18:32:00 2004
MD5 Checksum:	96bdd0de3dd57cdfc53b48e97769538e

/// File Name:	phpx324.txt
Description:	PHPX versions 2.x through 3.2.4 fail to create a secure session management engine. A user can obtain a session by simply supplying a uid of the user in which they want to obtain the account from, and as long as their session is in the database, it will allow session hi-jacking to occur. Further-more it is concerning that the session id itself is generated by a simple auto increment field in the MySQL database, making it trivial for an attacker to steal a cookie. Full exploitation included.
Author:	Ryan Wray aka HelloWorld
File Size:	6448
Last Modified:	Mar 17 08:15:34 2004
MD5 Checksum:	09ddcbef76dbf1843ea527f95f6e77ed

/// File Name:	picobof.zip
Description:	Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	picophone163.txt
File Size:	6072
Last Modified:	Mar 24 17:32:00 2004
MD5 Checksum:	7b97fc4e9b1b9d51052ae11b7a4d08a8

/// File Name:	netsupport.txt
Description:	Invision NetSupport School Pro stores passwords in a manner that allows their encryption to be easily reversed. Exploit written in Pascal is included.
Author:	spiffomatic 64
File Size:	6012
Last Modified:	Mar 27 04:01:32 2004
MD5 Checksum:	27c12a27a7f8864f85087da894f906ff

/// File Name:	ethboom.zip
Description:	Remote proof of concept exploit for Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below that causes a crash.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	etherlords.txt
File Size:	5936
Last Modified:	Mar 26 02:57:15 2004
MD5 Checksum:	a9be70bea9c44b71fe18cb74a9439389

/// File Name:	chromeboom.zip
Description:	Remote exploit that causes a server crash in Chrome versions 1.2.0.0 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	chrome1200.txt
File Size:	5882
Last Modified:	Mar 19 17:46:00 2004
MD5 Checksum:	e3db592b13f93de2362dcaac5b365292

/// File Name:	hgmcrash.zip
Description:	Haegemonia version 1.07 and below denial of service exploit. Updated to support the other games from Desert Rats that are not even released yet but hold the same vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	haegemonia.txt
File Size:	5773
Last Modified:	Mar 5 22:39:32 2004
MD5 Checksum:	d93635be8f5f91eedf718a6f9f27e8df

/// File Name:	wftpd.c
Description:	Remote exploit for WFTPD server. Tested against WFTPD Pro server version 3.21.1.1 on Windows 2000 CN SP4.
Author:	security team 0seen
Related File:	wftpdBO.txt
File Size:	5557
Last Modified:	Mar 3 17:36:00 2004
MD5 Checksum:	c28b0f1495cb6d344acef83a3cdf5d07

/// File Name:	battlemagy.zip
Description:	Exploit for testing a specific server to see if it is susceptible to a denial of service vulnerability found in Battle Mages versions 1.0 for Windows.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	battlemages-adv.txt
File Size:	5426
Last Modified:	Mar 12 02:44:24 2004
MD5 Checksum:	2779f53ca1344fd9a08b5f551bb0f38c