Section:  .. / 0501-exploits  /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 92
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: 0501-exploits.tgz
Description:
Packet Storm new exploits for January, 2005.
File Size:1102785
Last Modified:Feb 1 07:20:20 2005
MD5 Checksum:37bd4fdc8193b756cddbabeaa2a60f7e

 ///  File Name: WC-ms05002-ani-expl-cb.c
Description:
Microsoft Internet Explorer .ANI file handling exploit. Modified version of the houseofdabus exploit. Universal version of the exploit. Tested on: Windows Server 2003, Windows XP SP0/SP1, Windows 2000 SP2/SP3/SP4.
Author:WhiskyCoders
Homepage:http://bennupg.ath.cx
Related Exploit:HOD-ms05002-ani-expl.c "
File Size:8176
Last Modified:Jan 31 00:06:24 2005
MD5 Checksum:d7655c62bf4f64164f7a24520e057746

 ///  File Name: imd_advisory.txt
Description:
The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.
Author:Steven
Homepage:http://www.lovebug.org/
File Size:1741
Last Modified:Jan 31 00:02:06 2005
MD5 Checksum:73bf8815871d7d252113b66d4b21f75e

 ///  File Name: 26012005-03.txt
Description:
Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.
Author:ShineShadow
File Size:5957
Last Modified:Jan 29 09:54:37 2005
MD5 Checksum:22281f06d752d9deb5bb3663a37d1d5c

 ///  File Name: WebAdmin302.txt
Description:
Alt-N WebAdmin, the web application used to administer MDaemon and RelayFax, is susceptible to cross site scripting, html injection, and unauthenticated account modification vulnerabilities. Versions 3.0.2 and below are susceptible.
Author:David Alonso Perez
File Size:2634
Last Modified:Jan 29 09:37:08 2005
MD5 Checksum:b3c073f533c811a3079686b8142631ff

 ///  File Name: WebWasherCONNECT.txt
Description:
WebWasher Classic has a design flaw weakness where the CONNECT method allows remote attackers to connect to any server listening on the localhost interface of the proxy server.
Author:Oliver Karow
Homepage:http://www.oliverkarow.de/
File Size:1406
Last Modified:Jan 29 09:14:25 2005
MD5 Checksum:73ddc497f3ae9999b4e962bbea99a087

 ///  File Name: exploits-winamp.tgz
Description:
Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.
Author:Rojodos
Related File:SA2005-01.txt
File Size:314
Related CVE(s):CAN-2004-1150
Last Modified:Jan 28 21:01:24 2005
MD5 Checksum:b7230f0d8cc7a676a94142a80a56e9d4

 ///  File Name: OutlookMuteX.txt
Description:
Exploit for Outlook that can press a button to verify it is okay to access protected contact data. Tested against Windows XP SP1. This functionality may be utilized in future worm creation.
Author:Anand Khare
File Size:6688
Last Modified:Jan 28 07:14:47 2005
MD5 Checksum:55f67af1a82aec066bc16a4846d93360

 ///  File Name: antivir.txt
Description:
An unnamed antivirus product can cause a denial of service on Microsoft Windows due to not closing open registry handles.
Author:Vladimir Kraljevic
File Size:7090
Last Modified:Jan 28 07:03:27 2005
MD5 Checksum:177efb9580b2cc67ffc17e1178af9692

 ///  File Name: DMA-2005-0127a.txt
Description:
Apple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.
Author:Kevin Finisterre
File Size:5575
Related CVE(s):CAN-2005-0125
Last Modified:Jan 28 06:47:20 2005
MD5 Checksum:56dcf81c83031240460012b3ba4d6624

 ///  File Name: ie_attack.htm
Description:
Pocket IE on a Windows Mobile Pocket PC suffers from Unicode URL obfuscation, local file access, and cross site scripting vulnerabilities.
Author:Seth Fogie
Homepage:http://www.airscanner.com
File Size:5613
Last Modified:Jan 27 06:26:01 2005
MD5 Checksum:4a7aa53d0c4f547a8a6702e988be69d5

 ///  File Name: uselib24.c
Description:
Modified uselib() local exploit for the Linux kernel series. This version has been modified to also work on SMP kernels. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected.
Author:timhsu
Homepage:http://www.chroot.org
File Size:18743
Related CVE(s):CAN-2004-1235
Last Modified:Jan 27 05:55:09 2005
MD5 Checksum:7d1888194c26d9c12a40a81c1aa3e184

 ///  File Name: siteman.noam.txt
Description:
Siteman versions 1.1.10 and below remote administrative account addition exploit.
Author:Noam Rathaus
Related Exploit:siteman.txt"
File Size:1375
Last Modified:Jan 27 05:03:14 2005
MD5 Checksum:23d964d6078eb95f5bdac2764881067c

 ///  File Name: trn-test.txt
Description:
Local root exploit for /usr/bin/trn. Tested on Mandrake 9.2, Slackware 9.1.0/10.0.0.
Author:ZzagorR
Homepage:http://www.rootbinbash.com/
File Size:2228
Last Modified:Jan 27 04:58:35 2005
MD5 Checksum:eccb9e46d859b8d7283889195634aa02

 ///  File Name: ex_gpsd.c
Description:
Remote format string exploit for Berlios gpsd, a remake of pygps. On Debian, it achieves uid of gpsd. On Redhat, it achieves root.
Author:Johnh, KF
Homepage:http://www.digitalmunition.com/
Related File:DMA-2005-0125a.txt
File Size:10828
Last Modified:Jan 27 04:56:14 2005
MD5 Checksum:827e4de2273f8b6087f440740e1ddaaf

 ///  File Name: phpEventCalendar.txt
Description:
phpEventCalendar version 0.2 does not check title and event text when the data is inserted in the database, allowing for arbitrary HTML injection.
Author:Madelman
File Size:1957
Last Modified:Jan 27 04:33:50 2005
MD5 Checksum:e9a569c32f80bca6c0ffb8d8af9ac8ff

 ///  File Name: adv010-y3dips-2005.txt
Description:
Exponent CMS version 0.95 is susceptible to full path disclosure and cross site scripting vulnerabilities.
Author:y3dips
Homepage:http://y3dips.echo.or.id/
File Size:3001
Last Modified:Jan 26 18:15:44 2005
MD5 Checksum:724c9736a6bc618a34641f4f77dcfcb6

 ///  File Name: AWStatsVulnAnalysis.pdf
Description:
Detailed analysis of three different vulnerabilities that reside in AWStats which all allow for remote command execution.
Author:newbug
Homepage:http://www.chroot.org
File Size:956729
Last Modified:Jan 26 18:11:29 2005
MD5 Checksum:b80c768c3977749e69e1d763168985e4

 ///  File Name: codebug7.txt
Description:
Codebug Labs Advisory 07 - MercuryBoard version 1.1.1 suffers from full path disclosure, cross site scripting, and SQL injection vulnerabilities.
Homepage:http://www.codebug.org/
File Size:4768
Last Modified:Jan 25 08:59:31 2005
MD5 Checksum:4cd7f78f29b25991daec36c2ccd910d3

 ///  File Name: w32dasmbof.disasm_me
Description:
Local proof of concept exploit for W32Dasm which suffers from a classic buffer overflow vulnerability when analyzing files.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:w32dasmbof.txt
File Size:2560
Last Modified:Jan 25 08:52:16 2005
MD5 Checksum:c47e3a1d1537b77c56f9e8f526960c2f

 ///  File Name: GHCaws.pl
Description:
AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:GHC
Homepage:http://www.ghc.ru
File Size:1937
Last Modified:Jan 25 08:38:31 2005
MD5 Checksum:cd4e6e2173c331307cd924b556c45421

 ///  File Name: awexpl.c
Description:
AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:Thunder
File Size:6206
Last Modified:Jan 25 08:37:08 2005
MD5 Checksum:ad96eacf2a2869f6c15ae4c2c84b43ee

 ///  File Name: crafted.c
Description:
Funduc search and replace compressed file local buffer overflow exploit.
Author:ATmaCA
Homepage:http://www.atmacasoft.com/
File Size:5567
Last Modified:Jan 25 08:36:13 2005
MD5 Checksum:844f3c4379637e8d9face8f6c77724a7

 ///  File Name: siteman.pl.txt
Description:
Siteman version 1.0.x remote perl exploit that adds an administrative account.
Author:shoaliesefid7
Related Exploit:siteman.txt"
File Size:1655
Last Modified:Jan 25 08:12:37 2005
MD5 Checksum:1b882d55dd0ffddcd81e52c52d19acba

 ///  File Name: fm-iSink.c
Description:
Local root exploit for mRouter installed by iSync on Mac OS X 10.3.
Author:nemo
File Size:2441
Last Modified:Jan 25 08:10:43 2005
MD5 Checksum:9dd5712dae885584c97c7a9575e3d4f6