Section: .. / 0411-exploits /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 77

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	advRX181104.txt
Description:	Cscope 15.5 and possibly earlier versions may suffer from a race condition that allows for local compromise. Proof of concept exploits included.
Author:	Gangstuck, Psirac
File Size:	6051
Last Modified:	Nov 20 22:50:41 2004
MD5 Checksum:	4a0e0ab79fabe9230af9db9e474118cb

/// File Name:	webcalendar.txt
Description:	The PHP application WebCalendar is susceptible to cross site scripting, http response splitting, code execution, path disclosure, and privilege escalation vulnerabilities.
Author:	Joxean Koret
File Size:	6010
Last Modified:	Nov 12 04:39:06 2004
MD5 Checksum:	f852aff719048217be25181fe7b04d22

/// File Name:	waraxe-2004-SA038.txt
Description:	The Event Calendar module for PHP-Nuke suffers from cross site scripting, path disclosure, SQL injection, and script insertion attacks.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	5700
Last Modified:	Nov 20 22:38:21 2004
MD5 Checksum:	39075f33edc60c02047b4706096f6897

/// File Name:	20041119.IESP2Unpatched.html
Description:	Microsoft Internet Explorer (including IE for Windows XP SP2) is reported vulnerable to a file download security warning bypass. This unpatched flaw may be exploited to download a malicious executable file masqueraded as a HTML file. Full exploitation given. Original posted on k-otik.
Author:	cyber flash
Homepage:	http://www.k-otik.com/
Related File:	sa13203.txt
File Size:	5666
Last Modified:	Nov 20 23:50:57 2004
MD5 Checksum:	efd4da6639e3f50e0df00ddbd6efee64

/// File Name:	waraxe-2004-SA037.txt
Description:	A SQL injection bug exists in Phorum versions 5.0.12 and below. Exploitation example given.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	5257
Last Modified:	Nov 13 00:22:44 2004
MD5 Checksum:	126da5f1fe68ed3742dd59eb079def15

/// File Name:	adv08-y3dips-2004.txt
Description:	JAF CMS is susceptible to path disclosure and directory traversal attacks.
Author:	y3dips
Homepage:	http://y3dips.echo.or.id/
File Size:	4582
Last Modified:	Nov 10 08:25:19 2004
MD5 Checksum:	3333ed76a744b568ac89516141226f1c

/// File Name:	phpbugtraq.txt
Description:	PHP Bug Traq 0.9.1 is susceptible to SQL injection attacks.
Author:	How Dark
Homepage:	http://www.howdark.com/
File Size:	4542
Last Modified:	Nov 13 05:10:14 2004
MD5 Checksum:	ac683be3267fd8d8a84233ffd5009310

/// File Name:	101_netn.cpp
Description:	NetNote Server version 2.2 build 230 crafted string vulnerability exploit that crashes the server.
Author:	class101
File Size:	4522
Last Modified:	Nov 13 20:03:40 2004
MD5 Checksum:	2471da94acdd22918c6bdbee201e68f4

/// File Name:	IPSWSFTP-exploit.c
Description:	Remote exploit for IPSwitch WS_FTP version 5.03 that binds a shell to port 4444.
Author:	Noph0bia
Related File:	wsftp503.txt
File Size:	4385
Last Modified:	Dec 12 00:14:41 2004
MD5 Checksum:	bdf3611955ed2ad4e6a80a5a5b0adfa7

/// File Name:	IPSwitch-IMail-8.13-DELETE.pl
Description:	Remote exploit for the IPSwitch-IMail 8.13 stack overflow in the DELETE command. Successful exploitation binds a shell to port 4444.
Author:	Muts, Zatlander
Homepage:	http://www.whitehat.co.il/
File Size:	4239
Last Modified:	Nov 20 19:50:14 2004
MD5 Checksum:	de63548e8c2828dfabc692609516742f

/// File Name:	slmail5x.txt
Description:	SLMail 5.x POP3 remote PASS buffer overflow exploit that binds a shell to port 4444. Tested on Windows 2000 SP4.
Author:	muts
Homepage:	http://www.whitehat.co.il
File Size:	4234
Related CVE(s):	CAN-2004-0942
Last Modified:	Nov 20 23:24:03 2004
MD5 Checksum:	2f39531126d87191b5ceaf073ca81878

/// File Name:	iptablesDoS.c
Description:	Proof of concept denial of service exploit for iptables versions below 2.6.8 that makes use of an integer overflow in the logging functionality.
Author:	Felix Zhou
File Size:	3886
Related CVE(s):	CAN-2004-0816
Last Modified:	Nov 5 05:27:25 2004
MD5 Checksum:	79ef4a5bdf0cc12b669100a8e9a7c411

/// File Name:	technote.pl
Description:	Technote remote command execution that spawns bash style shell with the webserver uid.
Author:	SPABAM
File Size:	3877
Last Modified:	Nov 13 00:24:27 2004
MD5 Checksum:	48c69b4c9a92c741a4d33374e40e9da7

/// File Name:	pop_exp2.py
Description:	YPOPS version 0.6 exploit that binds a shell to port 4444.
Author:	varun uppal
File Size:	3790
Last Modified:	Nov 12 04:52:28 2004
MD5 Checksum:	2a84533c53d3d8b230e5c6e7730d7610

/// File Name:	04WebServer.txt
Description:	Documentation on three vulnerabilities that were found in version 1.42 of 04WebServer. It includes a XSS vulnerability, lack of character filtering when writing to log file, and potential server restart problems after requesting a DOS device in the URL.
Author:	Tan Chew Keong
Homepage:	http://www.security.org.sg/
File Size:	3784
Last Modified:	Nov 12 05:17:17 2004
MD5 Checksum:	b8f33c4f3e82717870f0a4047e3f19dc

/// File Name:	phpbb2011.txt
Description:	phpBB versions below 2.0.11 suffer from addition SQL injection and directory traversal flaws.
Author:	Zeelock
File Size:	3717
Last Modified:	Dec 11 23:15:27 2004
MD5 Checksum:	3db6cdf08707e750aade88f2b48d5986

/// File Name:	GFHost.pl
Description:	GFHost PHP GMail remote command execution exploit that achieves webserver id privileges.
Author:	spabam
File Size:	3592
Last Modified:	Nov 20 20:56:16 2004
MD5 Checksum:	6cc47ad984586b88bfcd9274b36a902e

/// File Name:	winampm3u.c
Description:	Exploit for the Winamp vulnerability existing in versions 5.06 and below making use of the IN_CDDA.dll remote buffer overflow.
Related File:	winamp505.txt
File Size:	3318
Last Modified:	Dec 11 20:20:03 2004
MD5 Checksum:	b39f45ee690142f7e8e9e75f7fd5da0f

/// File Name:	OpenDcHub-poc.zip
Description:	Proof of concept exploit for a buffer overflow vulnerability that exists in Open Dc Hub version 0.7.14.
Author:	Donato Ferrante
Homepage:	http://www.autistici.org/fdonato
Related File:	opendchub0714.txt
File Size:	3255
Last Modified:	Dec 11 20:25:30 2004
MD5 Checksum:	e3de5e9b0a3845f37783964004b88ef8

/// File Name:	msieLocalFile.txt
Description:	Microsoft Internet Explorer permits an attacker the ability to verify the existence of local files via Active Scripting.
Author:	Benjamin Tobias Franz
File Size:	3117
Last Modified:	Nov 10 07:29:32 2004
MD5 Checksum:	57f08cd8371ea7a5d9868b89d23e26df

/// File Name:	mailtraq-update.txt
Description:	Mailtraq Version 2.6.1.1677 remote exploit which allows SYSTEM level access while using the Mailtraq administration console. Requires a Mailtraq admin account.
Author:	Travis Schack
File Size:	2841
Last Modified:	Nov 24 05:42:17 2004
MD5 Checksum:	427df7d3b6fffda815a1a52caea03bb8

/// File Name:	SSA-20041122-10.txt
Description:	STG Security Advisory: KorWeblog suffers from a directory traversal vulnerability that malicious attackers can get file lists of arbitrary directories.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	2642
Last Modified:	Dec 11 20:05:22 2004
MD5 Checksum:	bf3673a09ff52d676ea067fb60869653

/// File Name:	apache-squ1rt.c
Description:	Apache v2.0.52 remote denial of service exploit (version two) which sends a lot of spaces, consuming CPU and RAM. More information available here. Versions between 2.0.35 and 2.0.52 may be vulnerable, but only v2.0.50 through 2.0.52 was tested.
Author:	Daniel Guido
File Size:	2522
Related CVE(s):	CAN-2004-0942
Last Modified:	Nov 18 06:38:03 2004
MD5 Checksum:	a38bce43fe615d961245f570ff5817f4

/// File Name:	InternetExploiter.html.gz
Description:	InternetExploiter.html is a remote exploit for the IE IFRAME html tag buffer overflow vulnerability which binds a shell to tcp port 28876. Tested against IE 6.0 on Win XP SP1 and IE 6.0 on Win2k.
Author:	Berend-Jan Wever
File Size:	2444
Last Modified:	Nov 4 03:12:23 2004
MD5 Checksum:	bf16e05027e12afc00e3f08f4cc13f9b

/// File Name:	ecl-channel.adv
Description:	Local user input handling vulnerabilities exist in WCI's TC-IDE Embedded Linux prior to v1.54 which allow local users with access to the tools provided with the system to spawn a root console, gaining full control over the running Linux operating system. In corporate environments where this product is being used, such vulnerabilities could cause disastrous effects, all users are encouraged to update to the latest firmware ASAP.
Author:	ECL Team
File Size:	2192
Last Modified:	Nov 24 06:14:14 2004
MD5 Checksum:	2eb22b307cc833cd042d1b49d8b116c4