Section: .. / 0501-exploits /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 92

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	exim.pl.txt
Description:	Proof of concept exploit for the locally exploitable buffer overflow in Exim version 4.41.
Author:	Rafael San Miguel Carrasco
Homepage:	http://www.dvc.es
Related File:	01.14.05.txt
File Size:	1938
Last Modified:	Jan 16 07:25:56 2005
MD5 Checksum:	aa9545a6aeb06b9e4cd8c085f6770585

/// File Name:	siteman119.txt
Description:	Siteman version 1.1.9 is susceptible to cross site scripting attacks.
Author:	Pi3ch
Homepage:	http://www.persianhacker.net
File Size:	913
Last Modified:	Jan 16 07:19:52 2005
MD5 Checksum:	dfbac9435848a88522bc7e07e3e2fcb1

/// File Name:	ss11012005.txt
Description:	MPM Guestbook Pro 1.05 is susceptible to file inclusion and directory traversal attacks.
Author:	SmOk3
File Size:	1465
Last Modified:	Jan 16 06:57:33 2005
MD5 Checksum:	ad15ccd53989598e026abe7b2a496c88

/// File Name:	breedzero.zip
Description:	Remote denial of service proof of concept exploit for the Breed game server that crashes upon accepting an empty UDP packet.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	breedzero.txt
File Size:	7885
Last Modified:	Jan 16 06:51:16 2005
MD5 Checksum:	c0dd92ea735fe111ca2981664912df71

/// File Name:	r57ita.pl.txt
Description:	ITA Forum 1.49 SQL injection exploit with one character bruteforce.
Author:	1dt.w0lf
Homepage:	http://www.rst.void.ru
File Size:	3059
Last Modified:	Jan 16 06:47:08 2005
MD5 Checksum:	3ab14d20f51df4e0eadc1c0611e59d23

/// File Name:	ieBarBypass.txt
Description:	Microsoft Internet Explorer 6 is susceptible to a flaw that allows for malicious file download via manipulation of the File Download Information bar functionality.
Author:	Rafel Ivgi
Homepage:	http://theinsider.deep-ice.com
File Size:	3258
Last Modified:	Jan 16 06:03:56 2005
MD5 Checksum:	c11f180df66f4b95df52ac55789a90f1

/// File Name:	forumKIT.txt
Description:	forumKIT 1.0 suffers from a cross site scripting vulnerability.
Author:	ne0
File Size:	331
Last Modified:	Jan 16 05:52:57 2005
MD5 Checksum:	071b23c75779e0cb3a1f58618583b544

/// File Name:	SSA-20050113-25.txt
Description:	STG Security Advisory: An input validation flaw in ZeroBoard can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	4657
Last Modified:	Jan 16 05:50:00 2005
MD5 Checksum:	60037566ae608048fb38bbba03815d95

/// File Name:	H2005-01.txt
Description:	Horde 3.0 contains two XSS attacks that can be exploited through GET requests. Once exploited, these requests could be used to execute any javascript commands in the context of that user, potentially including but not limited to reading and deleting email, and stealing authentication tokens.
Author:	Robert Fly
Homepage:	http://www.hyperdose.com
File Size:	1838
Last Modified:	Jan 16 05:48:06 2005
MD5 Checksum:	5c88d3c50f6a156434891b0d602d4bf0

/// File Name:	vanisher.tgz
Description:	Proof of concept exploit for the Windows ANI File Parsing vulnerability along with a complete detailed paper describing the process of creating it.
Author:	Assaf Reshef
Homepage:	http://underwar.livedns.co.il/projects/ani/
Related Exploit:	InternetExploiter3.2.zip"
File Size:	2950
Last Modified:	Jan 16 00:30:29 2005
MD5 Checksum:	2d66477114e19c1583d4f4b6fa68194d

/// File Name:	waraxe-2005-SA039.txt
Description:	SGallery version 1.01 suffers from path disclosure, file inclusion, and SQL injection bugs.
Author:	Janek Vind
Homepage:	http://www.waraxe.us/advisory-39.html
File Size:	5338
Last Modified:	Jan 16 00:25:34 2005
MD5 Checksum:	feecc216969ec510ec6b27d4066ce481

/// File Name:	arkeia.txt
Description:	Arkeia versions 4.2.x, 5.2.x, and 5.3.x all have blank default root passwords and various other flaws.
Author:	Maciej Bogucki
File Size:	1226
Last Modified:	Jan 16 00:02:26 2005
MD5 Checksum:	a0a10201f97f5a8301a7f09985145596

/// File Name:	InternetExploiter3.2.zip
Description:	InternetExploiter 3, .ANI-file Animation header length stack based buffer overflow exploit for Internet Explorer. Uses Cascading Style Sheets to load a malicious animated cursor. Runs a bindshell on port 28876.
Author:	Berend-Jan Wever
Homepage:	http://www.edup.tudelft.nl/~bjwever/
Related File:	AD_LAB-04005.txt
File Size:	2565
Last Modified:	Jan 15 23:53:42 2005
MD5 Checksum:	466f587227c9ddbf8f3e34710b089c84

/// File Name:	stackgrow.c
Description:	expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
Author:	Christophe Devine
Related File:	isec-0022-pagefault.txt
File Size:	4853
Related CVE(s):	CAN-2005-0001
Last Modified:	Jan 15 23:49:05 2005
MD5 Checksum:	1a0272676e96d9794dcc23e6e345f3de

/// File Name:	iis_w3who_overflow.pm
Description:	Remote buffer overflow exploit for the w3who.dll in Microsoft Windows 2000. Drops to a command shell.
Author:	H.D. Moore
Homepage:	http://www.metasploit.com/
Related File:	esa-2004-1206.txt
File Size:	4564
Related CVE(s):	CAN-2004-1134
Last Modified:	Jan 12 08:19:09 2005
MD5 Checksum:	b5ac5a1122b0563bf7f3907983af3280

/// File Name:	wins_ms04_045.pm
Description:	Remote Microsoft Windows WINS exploit created by the Metasploit Framework.
Author:	H.D. Moore
Homepage:	http://www.metasploit.com/
Related File:	sa13466.txt
File Size:	8275
Last Modified:	Jan 12 08:12:51 2005
MD5 Checksum:	3fbe335508354d4c720f728cfff557f6

/// File Name:	LSS-2005-01-03.txt
Description:	LSS Security Advisory #LSS-2005-01-03 - There is a privilege escalation and arbitrary file read vulnerability in ftpfile, the Squirrelmail Vacation plugin. Version 0.15 is affected. Detailed exploitation provided.
Author:	Leon Juranic
Homepage:	http://security.lss.hr
File Size:	2331
Last Modified:	Jan 12 07:24:46 2005
MD5 Checksum:	0f57d6737f94fd0948cf9ce5f8fb3405

/// File Name:	veritasABS.c
Description:	Remote stack overflow exploit for Veritas Backup Exec. Works for versions 9.1.4691.SP1, 9.1.4691.SP0, and 8.5.3572. Allows for a shell to be bound to port 101 or it spawn a reverse shell as well.
Author:	class101
Related File:	12.16.04-5.txt
File Size:	38588
Related CVE(s):	CAN-2004-1172
Last Modified:	Jan 12 07:00:39 2005
MD5 Checksum:	72015033c9e98600771603805897d0be

/// File Name:	winToken.c
Description:	Local privilege escalation exploit for the improper token validation vulnerability discovered in Microsoft Windows 2000/2003/XP.
Related File:	AppSecInc.token.txt
File Size:	1763
Last Modified:	Jan 12 06:36:42 2005
MD5 Checksum:	980d2fbbed6fa3361e5e14aa4fbf0a1a

/// File Name:	PSA05-010.txt
Description:	Portcullis Security Advisory - The Emotion MediaPartner Web Server version 5.0 suffers from a classic directory traversal attack.
Author:	Paul J Docherty
File Size:	2758
Last Modified:	Jan 12 06:15:11 2005
MD5 Checksum:	59e110b694a46434de374cc8fd97ea9b

/// File Name:	invisionSQL.txt
Description:	The Invision Community Blog system is susceptible to a SQL injection attack on the eid variable.
Author:	darkhawk matrix
Homepage:	http://www.matrix2k.org
File Size:	584
Last Modified:	Jan 11 02:25:30 2005
MD5 Checksum:	eedcc9e119950fc30714bfedd8be408b

/// File Name:	woltlabXSS.txt
Description:	Woltlab Burning Board Lite version 1.0.0 and 1.0.1e are susceptible to a cross site scripting flaw.
Author:	Martin Heistermann
File Size:	968
Last Modified:	Jan 11 02:24:17 2005
MD5 Checksum:	7a9c468289b188eda701354e7ce28e40

/// File Name:	sphpBlog037.txt
Description:	SPHPBlog 0.3.7c is susceptible to a directory traversal attack. Fixed in release 0.3.7r2.
Author:	Madelman
File Size:	1876
Last Modified:	Jan 11 02:13:50 2005
MD5 Checksum:	d3805dea18227681095923838e0572c2

/// File Name:	isec-0021-uselib.txt
Description:	Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected. Exploit included.
Author:	Paul Starzetz
Homepage:
File Size:	22989
Related CVE(s):	CAN-2004-1235
Last Modified:	Jan 7 17:27:00 2005
MD5 Checksum:	b8c1d99e53c3f8082e449457f5765447

/// File Name:	amp2zero.zip
Description:	Proof of concept denial of service exploit for the Amp II 3D game engine that is susceptible to attack when receiving UDP datagrams of zero bytes.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	amp2zero.txt
File Size:	7757
Last Modified:	Jan 7 02:46:37 2005
MD5 Checksum:	e0f740ad12e3040bbf0fbbd29c3adecc