Section: .. / 0404-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 50

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	0404-exploits.tgz
Description:	Packet Storm new exploits for April, 2004.
File Size:	136096
Last Modified:	Jan 2 22:01:29 2005
MD5 Checksum:	85f526a8ef74aa7fab235cec0a12d54a

/// File Name:	0x3142-sq-chpasswd.c
Description:	Local root exploit for Squirrelmail's chpasswd utility. Tested on Suse 9. Original bug found by Matias Neiff.
Author:	x314
Related File:	chpasswd.txt
File Size:	1154
Last Modified:	Apr 20 12:36:00 2004
MD5 Checksum:	19cd768af23b86e42a4d1f020bd43aeb

/// File Name:	305monit.c
Description:	Monit versions 4.2 and below remote exploit that makes use of a buffer overflow in the handling of basic authentication. Binds a shell to port 31337.
Author:	Nilanjan De, Abhisek Datta
Homepage:	http://www.eos-india.net/
Related File:	monit.txt
File Size:	9183
Last Modified:	Apr 12 06:55:00 2004
MD5 Checksum:	ad1d48f1fac2fb76a281eade6259171e

/// File Name:	Abrior.txt
Description:	A lack of proper input validation on Abrior's Encore WebForum allows for remote command execution via Display.cgi.
Author:	Schizoprenic, k159
Homepage:	http://g-security.tk
File Size:	3003
Last Modified:	Apr 3 13:47:00 2004
MD5 Checksum:	b729c60b75ed3166fd73e47cdd65d70e

/// File Name:	ADA.image.txt
Description:	ADA Image Server (ImgSvr) 0.4 suffers from a buffer overflow via GET requests, directory traversal vulnerabilities, and a denial of service flaw.
Author:	Dr. Insane
Homepage:	Http://members.lycos.co.uk/r34ct/
File Size:	2642
Last Modified:	Apr 14 16:10:00 2004
MD5 Checksum:	c9af293363595a0fcc1e638e861dfdfd

/// File Name:	bgp-dosv2.pl
Description:	BGP proof of concept denial of service utility that sends out a RST flood to BGP connection providing the attacker has already gained knowledge of the source port and sequence number.
Author:	Rich Compton
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	1446
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 24 02:05:02 2004
MD5 Checksum:	52fe0ea2108771280df6c0b70527aa60

/// File Name:	billybastard.c
Description:	Local exploit that makes use of the flaw in lsass.exe. Binds a shell to port 31337.
Author:	Hi_Tech_Assassin
File Size:	5271
Last Modified:	Apr 17 14:11:00 2004
MD5 Checksum:	1f9222b74b939049559dc3333d823b31

/// File Name:	cdpexpl.tgz
Description:	Proof of concept demonstration exploit for cdp versions 0.4 and below.
Author:	priestmaster
Homepage:	http://www.priestmaster.org
File Size:	1164
Last Modified:	Apr 14 17:52:00 2004
MD5 Checksum:	b7e4101c43e6efa314dee08047dee947

/// File Name:	cobain-monit.pl
Description:	Monit versions 4.1 and below remote denial of service exploit. Tested on Mandrake 9.1.
Author:	gsicht
Related File:	monit.txt
File Size:	1528
Last Modified:	Apr 9 11:11:00 2004
MD5 Checksum:	f0cc271a17471fcd8555602dc84764d5

/// File Name:	disconn.py
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Python version.
Author:	Michael Gschwandtner
Homepage:	http://anyplay.tznetz.com/exploits/disconn_py.html
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	3491
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 28 05:49:14 2004
MD5 Checksum:	46637e58111353af9ab2dffa5ac6e5a3

/// File Name:	eaea.class.php.txt
Description:	Mambo OS versions 4.5 and 4.6 exploit written in PHP that insets an administrator user into the database.
Author:	Yo_Soy
Homepage:	http://www.raza-mexicana.org
Related File:	mambo.txt
File Size:	1647
Last Modified:	Apr 22 05:06:00 2004
MD5 Checksum:	4ecba7a08a0a8efe0a8826d3deec68e8

/// File Name:	emptyconn.zip
Description:	Proof of concept exploit that causes a denial of service condition in RSniff.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	rsniff.txt
File Size:	5802
Last Modified:	Apr 9 14:23:00 2004
MD5 Checksum:	5d496cff7e0fa3a67f0e145da67e0182

/// File Name:	emule4x.pl
Description:	eMule versions 0.42d and below remote exploit that makes use of the buffer overflow in the DecodeBase16() function. Tested against Windows XP SP1 and Windows 2000 SP4.
Author:	kcope
Related File:	emule-0.42d.txt
File Size:	8196
Last Modified:	Apr 11 20:25:00 2004
MD5 Checksum:	1ce6c958dd2930cdd1a5efdc4ab262cb

/// File Name:	eudora61.pl
Description:	Eudora 6.1 still has attachment spoofing flaws along with a Nested MIME DoS vulnerability.
Author:	Paul Szabo
File Size:	2834
Last Modified:	Apr 20 07:57:00 2004
MD5 Checksum:	aee6853e3fb6b331288d903a8813c2da

/// File Name:	Exch.pl
Description:	Kinesphere Corporation Exchange POP3 e-mail gateway remote exploit that makes use of a buffer overflow.
Author:	securma massine
File Size:	4629
Last Modified:	Apr 19 17:45:00 2004
MD5 Checksum:	6ab8a0b89d6c06af47d8d320cc7ab4ae

/// File Name:	eXtremail2.c
Description:	Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
Author:	Luca Ercoli
Homepage:	http://www.seeweb.com
Related File:	eXtremail.txt
File Size:	3939
Last Modified:	Apr 25 17:46:00 2004
MD5 Checksum:	eb165abefc04759a78ee48e3da5a316d

/// File Name:	gemitelv3.txt
Description:	Gemitel versions 3.5 and below allow for malicious file inclusion in its affich.php script. This vulnerability allows an attacker to forcibly execute arbitrary scripts from remote resources on the server.
Author:	jaguar
Homepage:	http://www.wulab.com
File Size:	1492
Last Modified:	Apr 17 14:52:00 2004
MD5 Checksum:	0dfcf9d72eb05a0ab1ce7f892fe712ff

/// File Name:	gvexpl.tgz
Description:	Remote root proof of concept exploit for gv versions 3.5.8 and below. Binds a shell to port 65535. Makes use of an old vulnerability that does not have an exploit circulating for it.
Author:	priestmaster
Homepage:	http://www.priestmaster.org
Related File:	gv-exploit.pdf
File Size:	3090
Last Modified:	Apr 18 12:33:00 2004
MD5 Checksum:	41cdb7aa6c873e01ffd225c7bb8c3355

/// File Name:	igi2fs.zip
Description:	Proof of concept exploit that makes use of a format string bug in IGI 2: Covert Strike. Affected versions are 1.3 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	igi2.txt
File Size:	5998
Last Modified:	Apr 5 20:24:00 2004
MD5 Checksum:	1c431b4877d8f8c8a450e93962d8f0a5

/// File Name:	imgSvr.txt
Description:	Under its default, imgSvr version 0.4 allows some security checks to be bypassed allowing an attacker to see the contents of a web directory and see or download the files of a web directory.
Author:	Donato Ferrante
Homepage:	http://www.autistici.org/fdonato
File Size:	1774
Last Modified:	Apr 1 11:39:00 2004
MD5 Checksum:	84b29a02de69b2b54da296623e927287

/// File Name:	JetRoot_pl.txt
Description:	Linux root and Windows NT/2000 Administrator remote exploit for HP Web JetAdmin 6.5.
Author:	FX
Homepage:	http://www.phenoelit.de
Related File:	HP_Web_Jetadmin_advisory.txt
File Size:	5343
Last Modified:	Apr 28 05:58:40 2004
MD5 Checksum:	5cd19d9db75680df1b4b9a5cd6ca9642

/// File Name:	kphone.stun.txt
Description:	KPhone versions 4.0.1 and below are vulnerable to a denial of service attack when receiving a malformed STUN response packet.
Author:	Storm
File Size:	3430
Last Modified:	Apr 19 15:24:00 2004
MD5 Checksum:	dad1d1036001f137bef211a08445b7ac

/// File Name:	Kreset.pl
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Perl version.
Author:	K-sPecial
Homepage:	http://xzziroz.freeshell.org
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	5576
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 25 19:05:00 2004
MD5 Checksum:	35eafe0e58f3157a7d65afbb26e29c04

/// File Name:	MSIE.printer.txt
Description:	Microsoft Internet Explorer 6.0 allows malicious Javascript to send documents to the printer without notifying the end user.
Author:	Ben Garvey
Homepage:	http://www.bengarvey.com
File Size:	3042
Last Modified:	Apr 13 00:45:00 2004
MD5 Checksum:	4c4e790d243752c616023e9903017ffb

/// File Name:	not_so_smartether.txt
Description:	Samsung SmartEther switches allow a remote attacker to login as admin without having a correct password. All that is required is that all of the characters that can fit in the buffer for the password be filled.
Author:	Kyle Duren
File Size:	1633
Last Modified:	Apr 26 01:07:00 2004
MD5 Checksum:	3960756959bce9934971104a4c4533b7