Section: .. / 0501-exploits /

Page 4 of 4
<< 1 2 3 4 >> Files 75 - 92 of 92

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	jakarta556_xss.txt
Description:	Apache Jakarta Tomcat version 5.5.6 is susceptible to cross site scripting attacks.
Author:	Oliver Karow
Homepage:	http://www.oliverkarow.de/
File Size:	910
Last Modified:	Jan 7 02:42:07 2005
MD5 Checksum:	8d2da4e59e74ea24a42efaf5451139f6

/// File Name:	phpbb.ssh.D.txt
Description:	New version of the phpBB worm with bot install that makes use of Altavista.
Author:	priv8crew
File Size:	2084
Last Modified:	Jan 7 02:35:35 2005
MD5 Checksum:	a85a8594d27153953b6a73ffdef9fac0

/// File Name:	winaceHKI.txt
Description:	WinAce WinHKI version 1.4d suffers from a directory traversal flaw that allows a compressed archive to overwrite files below the extraction directory.
Author:	Rafel Ivgi
Homepage:	http://theinsider.deep-ice.com
File Size:	2410
Last Modified:	Jan 7 02:32:01 2005
MD5 Checksum:	df3b6d9cc21e72eda8409905d80e03a8

/// File Name:	un-htget_0.9x.txt
Description:	Local root exploit for htget versions 0.9.x and below.
Author:	nekd0
Homepage:	http://unl0ck.void.ru/
File Size:	994
Last Modified:	Jan 6 03:56:25 2005
MD5 Checksum:	adf05b016c2b23bded09c401ec9f22c5

/// File Name:	mybbSQL.txt
Description:	MyBB is prone to a SQL injection attack within the uid parameter of member.php. The flaw allows for retrieval of the admin password hash. Sample exploit provided.
Author:	scottm
File Size:	1724
Last Modified:	Jan 5 06:09:51 2005
MD5 Checksum:	e6d1d80285c702f9aef7e683bff126fb

/// File Name:	QWikiwiki.txt
Description:	QWikiwiki 1.4.1 is susceptible to a directory traversal vulnerability. Detailed exploitation provided.
Author:	Madelman
File Size:	2308
Last Modified:	Jan 5 06:05:08 2005
MD5 Checksum:	c3fff0ed07b6980af216deb6169b95d7

/// File Name:	soldnersock.zip
Description:	Remote proof of concept exploit for Soldner that demonstrates a socket termination when an oversized UDP packet is sent to the server.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	soldersock.txt
File Size:	7920
Last Modified:	Jan 5 05:59:52 2005
MD5 Checksum:	97f85864195a95985c845b23f9848a3d

/// File Name:	scanner_ndde.c
Description:	Microsoft Windows NetDDE scanner that makes use of a remote code execution vulnerability due to an unchecked buffer.
Author:	Gogu Gigi
File Size:	7286
Last Modified:	Jan 5 05:46:04 2005
MD5 Checksum:	e35e458299ec6ed53336864a059dc467

/// File Name:	ad20041011.txt
Description:	3Com's 3CDaemon 2.0 revision 10 is susceptible to multiple vulnerabilities ranging from various format string and denial of service flaws.
Author:	Sowhat
Homepage:	http://secway.org/
File Size:	3536
Last Modified:	Jan 5 05:42:45 2005
MD5 Checksum:	70f67f8c67fad4e6be72a2ea54c68c6f

/// File Name:	iWebNegar.c
Description:	iWebNegar version 1.1 remote configuration nullification denial of service exploit.
Author:	c0d3r, hossein asgary
File Size:	2409
Last Modified:	Jan 5 05:37:18 2005
MD5 Checksum:	06b94ca728a3a7b374c2588781694558

/// File Name:	top_ex.pl
Description:	Proof of concept exploit for an old format string vulnerability in setuid versions of top. This vulnerability has popped back up in the Solaris 10 Companion CD.
Author:	Kevin Finisterre
Related File:	DMA-2005-0103a.txt
File Size:	2931
Last Modified:	Jan 5 05:22:21 2005
MD5 Checksum:	30e63e8e67f59c652ec55c5f2f5cfc66

/// File Name:	PhotoPost.txt
Description:	GulfTech Security Research - PhotoPost PHP versions 4.8.6 and below suffer from cross site scripting and SQL injection flaws. Sample exploitation given.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3096
Last Modified:	Jan 5 05:08:39 2005
MD5 Checksum:	a8252c4a7a9a930d42220a299a3a2a0f

/// File Name:	ReviewPost.txt
Description:	GulfTech Security Research - ReviewPost PHP Pro versions below 2.84 suffer from cross site scripting and SQL injection attacks. Sample exploitation given.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3097
Last Modified:	Jan 5 05:06:29 2005
MD5 Checksum:	cc9424064ae6b740688d1fdf641acd1d

/// File Name:	firewallbypass.tgz
Description:	A generic problem of common personal firewall products is the allowance of shortcuts or interfaces for controlling traffic. Manipulation of these functions can allow for firewall bypass altogether. Various proof of concepts are included for products such as Zone Alarm, Kerio, Agnitium Outpost firewall, Kaspersky Anti-Hacker, Symantec's Norton Personal Firewall, and more.
Author:	Ferruh Mavituna
Homepage:	http://ferruh.mavituna.com/
File Size:	5415
Last Modified:	Jan 5 04:59:33 2005
MD5 Checksum:	683f4f847425dcd4616eab03d0c8f4ee

/// File Name:	viewcvs.txt
Description:	ViewCVS 0.9.2 is susceptible to cross site scripting and HTTP-response splitting flaws.
Author:	Joxean Koret
File Size:	2503
Last Modified:	Jan 2 21:53:29 2005
MD5 Checksum:	5a6ee9d029cb6f76d95245fb11eb032c

/// File Name:	sugarCRM.txt
Description:	Cross site scripting and possible code execution vulnerabilities exists in SugarCRM versions 1.x.
Author:	Joxean Koret
File Size:	2551
Last Modified:	Jan 2 21:52:22 2005
MD5 Checksum:	4165b81336419e069b3cef37301cc62e

/// File Name:	OWL-Intranet.txt
Description:	OWL versions 0.7 and 0.8 suffer from cross site scripting and SQL injection vulnerabilities.
Author:	Joxean Koret
File Size:	2296
Last Modified:	Jan 2 21:51:05 2005
MD5 Checksum:	ccfd6b1bbecbce6fd29bd93463b5a4ff