Section: .. / 0501-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 92

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	0501-exploits.tgz
Description:	Packet Storm new exploits for January, 2005.
File Size:	1102785
Last Modified:	Feb 1 07:20:20 2005
MD5 Checksum:	37bd4fdc8193b756cddbabeaa2a60f7e

/// File Name:	26012005-03.txt
Description:	Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.
Author:	ShineShadow
File Size:	5957
Last Modified:	Jan 29 09:54:37 2005
MD5 Checksum:	22281f06d752d9deb5bb3663a37d1d5c

/// File Name:	ad20041011.txt
Description:	3Com's 3CDaemon 2.0 revision 10 is susceptible to multiple vulnerabilities ranging from various format string and denial of service flaws.
Author:	Sowhat
Homepage:	http://secway.org/
File Size:	3536
Last Modified:	Jan 5 05:42:45 2005
MD5 Checksum:	70f67f8c67fad4e6be72a2ea54c68c6f

/// File Name:	adv010-y3dips-2005.txt
Description:	Exponent CMS version 0.95 is susceptible to full path disclosure and cross site scripting vulnerabilities.
Author:	y3dips
Homepage:	http://y3dips.echo.or.id/
File Size:	3001
Last Modified:	Jan 26 18:15:44 2005
MD5 Checksum:	724c9736a6bc618a34641f4f77dcfcb6

/// File Name:	amp2zero.zip
Description:	Proof of concept denial of service exploit for the Amp II 3D game engine that is susceptible to attack when receiving UDP datagrams of zero bytes.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	amp2zero.txt
File Size:	7757
Last Modified:	Jan 7 02:46:37 2005
MD5 Checksum:	e0f740ad12e3040bbf0fbbd29c3adecc

/// File Name:	antivir.txt
Description:	An unnamed antivirus product can cause a denial of service on Microsoft Windows due to not closing open registry handles.
Author:	Vladimir Kraljevic
File Size:	7090
Last Modified:	Jan 28 07:03:27 2005
MD5 Checksum:	177efb9580b2cc67ffc17e1178af9692

/// File Name:	arkeia.txt
Description:	Arkeia versions 4.2.x, 5.2.x, and 5.3.x all have blank default root passwords and various other flaws.
Author:	Maciej Bogucki
File Size:	1226
Last Modified:	Jan 16 00:02:26 2005
MD5 Checksum:	a0a10201f97f5a8301a7f09985145596

/// File Name:	auth_radius.c
Description:	Apache mod_auth_radius denial of service exploit that makes use of an integer overflow. All versions up to 1.5.4/1.5.7 are affected.
Author:	Leon Juranic
Homepage:	http://security.lss.hr
Related File:	LSS-2005-01-02.txt
File Size:	3430
Last Modified:	Jan 18 06:32:19 2005
MD5 Checksum:	bc6de626e823ef2cea445857d58fa6fc

/// File Name:	awexpl.c
Description:	AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:	Thunder
File Size:	6206
Last Modified:	Jan 25 08:37:08 2005
MD5 Checksum:	ad96eacf2a2869f6c15ae4c2c84b43ee

/// File Name:	AWStatsVulnAnalysis.pdf
Description:	Detailed analysis of three different vulnerabilities that reside in AWStats which all allow for remote command execution.
Author:	newbug
Homepage:	http://www.chroot.org
File Size:	956729
Last Modified:	Jan 26 18:11:29 2005
MD5 Checksum:	b80c768c3977749e69e1d763168985e4

/// File Name:	breedzero.zip
Description:	Remote denial of service proof of concept exploit for the Breed game server that crashes upon accepting an empty UDP packet.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	breedzero.txt
File Size:	7885
Last Modified:	Jan 16 06:51:16 2005
MD5 Checksum:	c0dd92ea735fe111ca2981664912df71

/// File Name:	codebug7.txt
Description:	Codebug Labs Advisory 07 - MercuryBoard version 1.1.1 suffers from full path disclosure, cross site scripting, and SQL injection vulnerabilities.
Homepage:	http://www.codebug.org/
File Size:	4768
Last Modified:	Jan 25 08:59:31 2005
MD5 Checksum:	4cd7f78f29b25991daec36c2ccd910d3

/// File Name:	crafted.c
Description:	Funduc search and replace compressed file local buffer overflow exploit.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
File Size:	5567
Last Modified:	Jan 25 08:36:13 2005
MD5 Checksum:	844f3c4379637e8d9face8f6c77724a7

/// File Name:	divxplayerbug.dps
Description:	Proof of concept exploit for DivX player versions 2.6 and below that allow for arbitrary file overwriting via a flaw in handling skins.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org/
Related File:	divxplayerbug.txt
File Size:	390
Last Modified:	Jan 25 07:31:15 2005
MD5 Checksum:	9cf43a1b2697117eee6f044731ad48e9

/// File Name:	DMA-2005-0127a.txt
Description:	Apple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.
Author:	Kevin Finisterre
File Size:	5575
Related CVE(s):	CAN-2005-0125
Last Modified:	Jan 28 06:47:20 2005
MD5 Checksum:	56dcf81c83031240460012b3ba4d6624

/// File Name:	ex_gpsd.c
Description:	Remote format string exploit for Berlios gpsd, a remake of pygps. On Debian, it achieves uid of gpsd. On Redhat, it achieves root.
Author:	Johnh, KF
Homepage:	http://www.digitalmunition.com/
Related File:	DMA-2005-0125a.txt
File Size:	10828
Last Modified:	Jan 27 04:56:14 2005
MD5 Checksum:	827e4de2273f8b6087f440740e1ddaaf

/// File Name:	exim-exploit.c
Description:	Proof of concept local exploit for Exim version 4.41.
Related File:	01.14.05.txt
File Size:	1475
Last Modified:	Jan 19 07:06:41 2005
MD5 Checksum:	a710a65db5bce4ca9cedd2b3d59cc373

/// File Name:	exim.pl.txt
Description:	Proof of concept exploit for the locally exploitable buffer overflow in Exim version 4.41.
Author:	Rafael San Miguel Carrasco
Homepage:	http://www.dvc.es
Related File:	01.14.05.txt
File Size:	1938
Last Modified:	Jan 16 07:25:56 2005
MD5 Checksum:	aa9545a6aeb06b9e4cd8c085f6770585

/// File Name:	exploits-winamp.tgz
Description:	Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.
Author:	Rojodos
Related File:	SA2005-01.txt
File Size:	314
Related CVE(s):	CAN-2004-1150
Last Modified:	Jan 28 21:01:24 2005
MD5 Checksum:	b7230f0d8cc7a676a94142a80a56e9d4

/// File Name:	firewallbypass.tgz
Description:	A generic problem of common personal firewall products is the allowance of shortcuts or interfaces for controlling traffic. Manipulation of these functions can allow for firewall bypass altogether. Various proof of concepts are included for products such as Zone Alarm, Kerio, Agnitium Outpost firewall, Kaspersky Anti-Hacker, Symantec's Norton Personal Firewall, and more.
Author:	Ferruh Mavituna
Homepage:	http://ferruh.mavituna.com/
File Size:	5415
Last Modified:	Jan 5 04:59:33 2005
MD5 Checksum:	683f4f847425dcd4616eab03d0c8f4ee

/// File Name:	fm-iSink.c
Description:	Local root exploit for mRouter installed by iSync on Mac OS X 10.3.
Author:	nemo
File Size:	2441
Last Modified:	Jan 25 08:10:43 2005
MD5 Checksum:	9dd5712dae885584c97c7a9575e3d4f6

/// File Name:	fm-nacho.c
Description:	Mac OSX versions 10.3.x with a Darwin Kernel equal to or below 7.7.0 are susceptible to a denial of service flaw that may allow for possible privilege escalation.
Author:	nemo
File Size:	3090
Last Modified:	Jan 22 20:50:59 2005
MD5 Checksum:	c75586bd9e285adb8bba510e652200ac

/// File Name:	forumKIT.txt
Description:	forumKIT 1.0 suffers from a cross site scripting vulnerability.
Author:	ne0
File Size:	331
Last Modified:	Jan 16 05:52:57 2005
MD5 Checksum:	071b23c75779e0cb3a1f58618583b544

/// File Name:	froogleCookie.txt
Description:	A cross site scripting vulnerability in Froogle allows for theft of the Google GMail cookie.
Author:	Nir Goldshlager
File Size:	1776
Last Modified:	Jan 16 10:27:10 2005
MD5 Checksum:	47c5c30fb8e4ac424d9837135fe87121

/// File Name:	FVS318.txt
Description:	The Netgear FVS318 version 2.4 router is susceptible to filter bypass when the URL is hex encoded and it also have a cross site scripting flaw.
Author:	Paul Kurczaba
Homepage:	http://www.securinews.com/
File Size:	1555
Last Modified:	Jan 18 06:47:40 2005
MD5 Checksum:	06661f61e9927239230a8edbf0e44e0c