Section:  .. / 0404-exploits  /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 50
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: 0404-exploits.tgz
Description:
Packet Storm new exploits for April, 2004.
File Size:136096
Last Modified:Jan 2 22:01:29 2005
MD5 Checksum:85f526a8ef74aa7fab235cec0a12d54a

 ///  File Name: tcp_reset.c
Description:
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson.
Author:eazy
Related File:SlippingInTheWindow_v1.0.doc
File Size:3737
Related CVE(s):CAN-2004-0230
Last Modified:Apr 28 08:03:00 2004
MD5 Checksum:2edd0e1dafca116fdae393cd4f64c383

 ///  File Name: RoseAttackv2.txt
Description:
Another program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
Author:Chuck
Related File:Rose_Frag_Attack_Explained.txt
File Size:11786
Last Modified:Apr 28 07:12:15 2004
MD5 Checksum:c71f6be9ef9b5b7e9aaaa903c83d697c

 ///  File Name: RoseAttackv1.txt
Description:
Program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
Author:Laurent Constantin
Related File:Rose_Frag_Attack_Explained.txt
File Size:6275
Last Modified:Apr 28 07:11:14 2004
MD5 Checksum:abe79cdc4e802902cbc75e03bd7f4406

 ///  File Name: phpnukeVideo.txt
Description:
PHP-Nuke Video Gallery Module version 0.1 Beta 5 is susceptible to full path disclosure and SQL injection attacks.
Author:DarkBicho
Homepage:http://www.darkbicho.tk
File Size:4374
Last Modified:Apr 28 06:01:47 2004
MD5 Checksum:54acb3d8866b74c2e6d1ec256608e9d9

 ///  File Name: JetRoot_pl.txt
Description:
Linux root and Windows NT/2000 Administrator remote exploit for HP Web JetAdmin 6.5.
Author:FX
Homepage:http://www.phenoelit.de
Related File:HP_Web_Jetadmin_advisory.txt
File Size:5343
Last Modified:Apr 28 05:58:40 2004
MD5 Checksum:5cd19d9db75680df1b4b9a5cd6ca9642

 ///  File Name: disconn.py
Description:
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Python version.
Author:Michael Gschwandtner
Homepage:http://anyplay.tznetz.com/exploits/disconn_py.html
Related File:SlippingInTheWindow_v1.0.doc
File Size:3491
Related CVE(s):CAN-2004-0230
Last Modified:Apr 28 05:49:14 2004
MD5 Checksum:46637e58111353af9ab2dffa5ac6e5a3

 ///  File Name: not_so_smartether.txt
Description:
Samsung SmartEther switches allow a remote attacker to login as admin without having a correct password. All that is required is that all of the characters that can fit in the buffer for the password be filled.
Author:Kyle Duren
File Size:1633
Last Modified:Apr 26 01:07:00 2004
MD5 Checksum:3960756959bce9934971104a4c4533b7

 ///  File Name: Kreset.pl
Description:
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Perl version.
Author:K-sPecial
Homepage:http://xzziroz.freeshell.org
Related File:SlippingInTheWindow_v1.0.doc
File Size:5576
Related CVE(s):CAN-2004-0230
Last Modified:Apr 25 19:05:00 2004
MD5 Checksum:35eafe0e58f3157a7d65afbb26e29c04

 ///  File Name: eXtremail2.c
Description:
Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
Author:Luca Ercoli
Homepage:http://www.seeweb.com
Related File:eXtremail.txt
File Size:3939
Last Modified:Apr 25 17:46:00 2004
MD5 Checksum:eb165abefc04759a78ee48e3da5a316d

 ///  File Name: bgp-dosv2.pl
Description:
BGP proof of concept denial of service utility that sends out a RST flood to BGP connection providing the attacker has already gained knowledge of the source port and sequence number.
Author:Rich Compton
Related File:SlippingInTheWindow_v1.0.doc
File Size:1446
Related CVE(s):CAN-2004-0230
Last Modified:Apr 24 02:05:02 2004
MD5 Checksum:52fe0ea2108771280df6c0b70527aa60

 ///  File Name: reset-tcp_rfc31337-compliant.c
Description:
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Some modifications done by J 'Swoop' Barber.
Author:Paul A. Watson
Homepage:http://www.terrorist.net
Related File:SlippingInTheWindow_v1.0.doc
File Size:4479
Related CVE(s):CAN-2004-0230
Last Modified:Apr 24 01:57:29 2004
MD5 Checksum:b89b0241199fd7937f1cc29a3a32e3af

 ///  File Name: reset-tcp.c
Description:
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson.
Author:Paul A. Watson
Homepage:http://www.terrorist.net
Related File:SlippingInTheWindow_v1.0.doc
File Size:3373
Related CVE(s):CAN-2004-0230
Last Modified:Apr 24 01:56:17 2004
MD5 Checksum:109c83b293fa1cd19507c8d844936b19

 ///  File Name: THCIISSLame.c
Description:
THCIISSLame version 0.2 IIS 5 SSL remote root exploit. Uses a connect back shell.
Author:Johnny Cyberpunk
Homepage:http://www.thc.org/
File Size:6725
Last Modified:Apr 22 18:04:00 2004
MD5 Checksum:b10bb6ba9138a6d29c48e148b7207004

 ///  File Name: umodpoc.zip
Description:
Proof of concept exploit for the Unreal engine developed by EpicGames which has a flaw with UMOD where it handles information from files without properly filtering for dangerous characters.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:unrealEngine2.txt
File Size:8523
Last Modified:Apr 22 18:03:00 2004
MD5 Checksum:babab0ce107edf023e98cb9facc781f6

 ///  File Name: waraxe-2004-SA022.txt
Description:
PostNuke 0.726 Phoenix is susceptible to multiple path disclosure and cross site scripting vulnerabilities.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:4922
Last Modified:Apr 22 11:37:00 2004
MD5 Checksum:26c15fd38d1d3b31e7aacd5170f5c586

 ///  File Name: waraxe-2004-SA021.txt
Description:
The phprofession 2.5 module for PostNuke is susceptible to path disclose, cross site scripting, and possible SQL injection attacks.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:3955
Last Modified:Apr 22 10:16:00 2004
MD5 Checksum:60a7eb530f31c704d7281ef37d66a91a

 ///  File Name: eaea.class.php.txt
Description:
Mambo OS versions 4.5 and 4.6 exploit written in PHP that insets an administrator user into the database.
Author:Yo_Soy
Homepage:http://www.raza-mexicana.org
Related File:mambo.txt
File Size:1647
Last Modified:Apr 22 05:06:00 2004
MD5 Checksum:4ecba7a08a0a8efe0a8826d3deec68e8

 ///  File Name: reset.zip
Description:
This program will reset a TCP connection by guessing a valid sequence number.
Author:Aphex
Homepage:http://www.iamaphex.cjb.net
Related File:246929.html
File Size:14181
Related CVE(s):CAN-2004-0230
Last Modified:Apr 22 04:45:00 2004
MD5 Checksum:f4ab099f779083bfa1ce46e3cdfdea5d

 ///  File Name: 0x3142-sq-chpasswd.c
Description:
Local root exploit for Squirrelmail's chpasswd utility. Tested on Suse 9. Original bug found by Matias Neiff.
Author:x314
Related File:chpasswd.txt
File Size:1154
Last Modified:Apr 20 12:36:00 2004
MD5 Checksum:19cd768af23b86e42a4d1f020bd43aeb

 ///  File Name: p_xfree.c
Description:
XFree version 4.3.x local root exploit that makes use of the vulnerability that exists in the use of the CopyISOLatin1Lowered() function with the 'font_name' buffer.
Author:pi3
Homepage:http://www.pi3.int.pl
Related File:02.11.04.txt
File Size:11670
Last Modified:Apr 20 12:17:00 2004
MD5 Checksum:02f09f93f2adb9197f86c2140e23e6ee

 ///  File Name: eudora61.pl
Description:
Eudora 6.1 still has attachment spoofing flaws along with a Nested MIME DoS vulnerability.
Author:Paul Szabo
File Size:2834
Last Modified:Apr 20 07:57:00 2004
MD5 Checksum:aee6853e3fb6b331288d903a8813c2da

 ///  File Name: Exch.pl
Description:
Kinesphere Corporation Exchange POP3 e-mail gateway remote exploit that makes use of a buffer overflow.
Author:securma massine
File Size:4629
Last Modified:Apr 19 17:45:00 2004
MD5 Checksum:6ab8a0b89d6c06af47d8d320cc7ab4ae

 ///  File Name: phpBBmod.txt
Description:
phpBB modified by PRzemo version 1.8 allows for arbitrary code execution due to improper filtering allowing for remote script inclusion.
Author:Officerrr
File Size:1871
Last Modified:Apr 19 16:30:00 2004
MD5 Checksum:56451f2f2af87fa042870c5de4688379

 ///  File Name: kphone.stun.txt
Description:
KPhone versions 4.0.1 and below are vulnerable to a denial of service attack when receiving a malformed STUN response packet.
Author:Storm
File Size:3430
Last Modified:Apr 19 15:24:00 2004
MD5 Checksum:dad1d1036001f137bef211a08445b7ac