Section:  .. / 0406-exploits  /


 ///  File Name: 0406-exploits.tgz
Description:
Packet Storm new exploits for June, 2004.
File Size:136567
Last Modified:Jul 14 10:48:06 2004
MD5 Checksum:29c7c2674eab4520cd20b7302b9e9301

 ///  File Name: p_atari800.c
Description:
Exploit for the atari800 Atari emulator. This exploit is local and may in some circumstances give local root.
Homepage:http://www.pi3.int.pl
File Size:3008
Related CVE(s):CAN-2003-0630
Last Modified:Jun 29 13:50:00 2004
MD5 Checksum:c80b76a6307ff17e08717de2e6550916

 ///  File Name: memplayer.c
Description:
All versions of MPlayer, the movie player for Linux, are vulnerable to a buffer overflow attack that allows for privilege escalation. Local exploit included. Tested against Redhat Linux with Gnome, FreeBSD and latest cvsup plus ports with Gnome.
Author:c0ntex
File Size:15554
Last Modified:Jun 27 22:58:00 2004
MD5 Checksum:cbe5d9e292378ea65f396eb994717fdb

 ///  File Name: rlprd.py.exploit
Description:
Remote exploit that makes use of a format string vulnerability in rlpr version 2.x.
Author:Andrew Griffiths
Homepage:http://www.felinemenace.org
Related File:rlpr204.txt
File Size:3798
Last Modified:Jun 25 14:18:00 2004
MD5 Checksum:b99e7c2ea67fa9b371ccb64ad4add409

 ///  File Name: argoxp.c
Description:
New UPnP exploit that affects Microsoft Windows XP SP0. Binds a shell on port 1981.
Author:JoCaNoR
File Size:4242
Last Modified:Jun 25 13:14:00 2004
MD5 Checksum:4e4dbfcd6f6f4bdaeb0f815289d6dc24

 ///  File Name: freebsd.local.txt
Description:
It is possible to crash the kernel on FreeBSD/Alpha by passing an unaligned memory address as the 2nd or 3rd argument to the execve() syscall. Affected versions: FreeBSD 5.1-RELEASE/Alpha and possibly others. Not affected: FreeBSD 5.1-RELEASE/IA32.
Author:Marceta Milos
File Size:2583
Last Modified:Jun 25 11:59:00 2004
MD5 Checksum:3c696b8a9038e16be09743c489490177

 ///  File Name: tn-linksys.txt
Description:
Linksys Web Camera versions 2.12 and below are vulnerable to a file inclusion vulnerability.
Author:Andrew
File Size:830
Last Modified:Jun 23 02:05:11 2004
MD5 Checksum:8644bec47b491078fb0b317d247134a8

 ///  File Name: unsecure.zip
Description:
Remote proof of concept denial of service exploit that makes use of a flaw in the Unreal game engine where a simple UDP packet with a long value can overwrite important memory zones. Vulnerable games include: DeusEx versions below and equal to 1.112fm, Devastation versions below and equal to 390, Mobile Forces versions below and equal to 20000, Nerf Arena Blast versions below and equal to 1.2, Postal 2 versions below and equal to 1337, Rune versions below and equal to 107, Tactical Ops versions below and equal to 3.4.0, TNN Pro Hunter, Unreal 1 versions below and equal to 226f, Unreal II XMP versions below and equal to 7710, Unreal Tournament versions below and equal to 451b, Unreal Tournament 2003 versions below and equal to 2225, Unreal Tournament 2004 versions below 3236, Wheel of Time versions below and equal to 333b, X-com Enforcer.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:unrealCodeExec.txt
File Size:7765
Last Modified:Jun 23 01:35:04 2004
MD5 Checksum:361204957ff8fe968183581a523bd891

 ///  File Name: dlink614.txt
Description:
The DI-614+ SOHO DLINK router suffers from a script injection vulnerability that uses DHCP as the attack vector.
Author:Gregory Duchemin
File Size:4505
Last Modified:Jun 23 00:52:26 2004
MD5 Checksum:bb1d151b3ef002c744a87226efe46e37

 ///  File Name: code.zip
Description:
Some bits of code that show how modified URL encoding can easily bypass restricted zones via Microsoft Internet Explorer.
Author:Jelmer
Homepage:http://jelmer.homedns.org/code.zip
File Size:1073
Last Modified:Jun 22 09:44:18 2004
MD5 Checksum:5b1945a52edc14026d5441544d608175

 ///  File Name: ircd-hybrid.txt
Description:
Due to faulty logic in the socket dequeuing mechanism used in hybrid 7 and its derivative ircd-ratbox, it is possible to severely lag an IRC server using a low-bandwidth DoS attack. Affected versions: ircd-hybrid below and equal to 7.0.1, ircd-ratbox below and equal to 1.5.1, ircd-ratbox below and equal to 2.0rc6. Full exploitation included.
Author:Erik Sperling Johansen
File Size:6972
Last Modified:Jun 22 09:38:53 2004
MD5 Checksum:6a0710b14b0f121eb374ed868255d400

 ///  File Name: pivot1.1.0SoundwaveAdv.txt
Description:
Pivot 1.10 Soundwave is susceptible to a remote file inclusion and execution vulnerability that enables a remote attacker to execute anything they want in the context of the user id running the web server.
Author:Alex Buck aka loofus
Homepage:http://www.0x90.org/
File Size:2175
Last Modified:Jun 18 09:11:48 2004
MD5 Checksum:1f673326a66b16d650c42b4c15f179a3

 ///  File Name: dnsPoison.cpp.txt
Description:
Symantec Enterprise Firewall dnsd proxy, versions 8 and later, is vulnerable to cache poisoning attacks when acting as a caching nameserver. Full proof of concept exploit included.
Author:fryxar
File Size:5814
Last Modified:Jun 18 02:32:34 2004
MD5 Checksum:ff4e422f5bdf7ce95c8bbba21561cd14

 ///  File Name: vpasp5x.txt
Description:
VP-ASP Shopping Cart version 5.x is remotely susceptible to cross site scripting and SQL injection attacks.
Author:Thomas Ryan
Homepage:http://www.providesecurity.com/research/advisories/06142004-01.asp
File Size:4507
Last Modified:Jun 18 02:12:41 2004
MD5 Checksum:83b28a51651383ae29607899b22eac1c

 ///  File Name: 2004-06-11_kernel_crash.t2t.tar.bz2
Description:
A very simple bug in the Linux kernel allows a small program to cause a denial of service. This flaw affects both the 2.4.2x and 2.6.x kernels on the x86 architecture.
Author:stian
Homepage:http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905
File Size:24523
Last Modified:Jun 14 22:01:50 2004
MD5 Checksum:2ab47694f55382d6c53256a0fabfb2ef

 ///  File Name: WinAgentsTFTP.txt
Description:
When an overly long filename is requested via the WinAgents TFTP server, a denial of service occurs due to an error in the handling of the request. Tested against version 3.0; other versions may be susceptible. Exploitation included.
Author:Ziv Kamir
File Size:1224
Last Modified:Jun 14 11:03:37 2004
MD5 Checksum:e9030ba21e5ba0c96dbfd3e2f3056239

 ///  File Name: waraxe-2004-SA032.txt
Description:
PHP-Nuke versions 6.x - 7.3 suffer from multiple cross site scripting flaws and one SQL injection flaw.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:8260
Last Modified:Jun 14 09:56:20 2004
MD5 Checksum:29a12d03061abc3f21207ac954c01902

 ///  File Name: blackboardLS.txt
Description:
A bug in Blackboard Learning System release 6 allows users to steal documents out of the digital dropbox of other users. Remote Perl exploit included.
Author:killer
Homepage:http://www.mostly-harmless.nl/
File Size:6326
Last Modified:Jun 14 09:07:12 2004
MD5 Checksum:24664bee21865c591e5ebeacf907e0f8

 ///  File Name: edimaxBackdoor.txt
Description:
Edimax 7205APL with firmware 2.40a-00 has a huge flaw where a guest account is hard-coded into the firmware, allowing anyone to perform a backup with the same privileges as the administrator.
Author:msl
File Size:899
Last Modified:Jun 14 08:57:47 2004
MD5 Checksum:920cbf76ffc52c5242a7de9605b4317b

 ///  File Name: roundUP.txt
Description:
Roundup is susceptible to a directory traversal attack that will permit an attacker to view files outside of the web root.
Author:Vickenty Fesunov
File Size:1796
Last Modified:Jun 10 10:09:25 2004
MD5 Checksum:751d0c8016c146f80cc191a6fe075334

 ///  File Name: cpanelInject.txt
Description:
Reseller accounts used with cPanel are able to change all passwords without verification.
Author:verb0s
File Size:569
Last Modified:Jun 10 09:08:06 2004
MD5 Checksum:f1426a10b54aadf67391f001ffad1b4b

 ///  File Name: rdboom.zip
Description:
Remote denial of service proof of concept exploit that makes use of a flaw in the Race Driver server versions 1.20 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:tocaracedriver120.txt
File Size:18049
Last Modified:Jun 9 08:14:14 2004
MD5 Checksum:d5fd2a22cd6cf8be1a8f6bf9e9461613

 ///  File Name: imperva.crystal2.txt
Description:
Imperva's Application Defense Center has announced that several vulnerabilities exist in the Business Objects' Crystal Reports web interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as to cause a complete denial of service to the server. Affected versions: Crystal Reports version 9 and 10, Crystal Enterprise version 9 and 10. Exploitation details included.
Author:Moran Surf, Amichai Shulman
Homepage:http://www.imperva.com/adc/
File Size:5379
Last Modified:Jun 9 08:08:58 2004
MD5 Checksum:f8951acf73da7282b9b8a4924fe4e0a8

 ///  File Name: usr8003.txt
Description:
USR Robotics Broadband Router 8003 has flawed password-checking functionality where the password is first verified by a JavaScript function that has the real administrator password embedded and easily viewable in the source code, allowing any malicious remote attacker to take full control of the device. Tested against firmware v1.04 08. USR Robotics has claimed the problem is not that serious and has not taken any steps to remedy the situation.
Author:Fernando Sanchez
File Size:1464
Last Modified:Jun 9 08:04:44 2004
MD5 Checksum:c4938d18d1cff57950f3c87e7661cd54

 ///  File Name: priv8ibserver.pl
Description:
Remote exploit for Borland Interbase 7.1 SP2 and below that spawns a shell under the uid running the database. Targets included for Linux Interbase 7.1 SP 2 and Linux Interbase 6.01 InterBaseSS_LI-V6.0-1.i386.rpm.
Author:Priv8 Security Research
Homepage:http://Priv8security.com
Related File:firebirdDB.txt
File Size:4823
Last Modified:Jun 9 07:52:29 2004
MD5 Checksum:64cc7abc7e92b0bb8f0e92b931e73d99