Section: .. / 0501-exploits /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 92

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	w32dasmbof.disasm_me
Description:	Local proof of concept exploit for W32Dasm which suffers from a classic buffer overflow vulnerability when analyzing files.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	w32dasmbof.txt
File Size:	2560
Last Modified:	Jan 25 08:52:16 2005
MD5 Checksum:	c47e3a1d1537b77c56f9e8f526960c2f

/// File Name:	sugarCRM.txt
Description:	Cross site scripting and possible code execution vulnerabilities exists in SugarCRM versions 1.x.
Author:	Joxean Koret
File Size:	2551
Last Modified:	Jan 2 21:52:22 2005
MD5 Checksum:	4165b81336419e069b3cef37301cc62e

/// File Name:	viewcvs.txt
Description:	ViewCVS 0.9.2 is susceptible to cross site scripting and HTTP-response splitting flaws.
Author:	Joxean Koret
File Size:	2503
Last Modified:	Jan 2 21:53:29 2005
MD5 Checksum:	5a6ee9d029cb6f76d95245fb11eb032c

/// File Name:	netegrity.txt
Description:	The Netegrity SiteMinder smpwservicescgi.exe is susceptible to a remote data inclusion vulnerability that allows for phishing attacks.
Author:	Marc Ruef
Homepage:	http://www.computec.ch/projekte/atk/
File Size:	2490
Last Modified:	Jan 19 07:19:16 2005
MD5 Checksum:	2d8ada3ab66ec8268d82e552fa2e164c

/// File Name:	goldenSploit.pl
Description:	Golden FTP server exploit that binds a shell on port 4444 after making use of a buffer overflow using RNTO.
Author:	Barabas
File Size:	2442
Last Modified:	Jan 25 07:59:58 2005
MD5 Checksum:	b897ef652675f3288b9d4d8be0a7a4b8

/// File Name:	fm-iSink.c
Description:	Local root exploit for mRouter installed by iSync on Mac OS X 10.3.
Author:	nemo
File Size:	2441
Last Modified:	Jan 25 08:10:43 2005
MD5 Checksum:	9dd5712dae885584c97c7a9575e3d4f6

/// File Name:	winaceHKI.txt
Description:	WinAce WinHKI version 1.4d suffers from a directory traversal flaw that allows a compressed archive to overwrite files below the extraction directory.
Author:	Rafel Ivgi
Homepage:	http://theinsider.deep-ice.com
File Size:	2410
Last Modified:	Jan 7 02:32:01 2005
MD5 Checksum:	df3b6d9cc21e72eda8409905d80e03a8

/// File Name:	iWebNegar.c
Description:	iWebNegar version 1.1 remote configuration nullification denial of service exploit.
Author:	c0d3r, hossein asgary
File Size:	2409
Last Modified:	Jan 5 05:37:18 2005
MD5 Checksum:	06b94ca728a3a7b374c2588781694558

/// File Name:	LSS-2005-01-03.txt
Description:	LSS Security Advisory #LSS-2005-01-03 - There is a privilege escalation and arbitrary file read vulnerability in ftpfile, the Squirrelmail Vacation plugin. Version 0.15 is affected. Detailed exploitation provided.
Author:	Leon Juranic
Homepage:	http://security.lss.hr
File Size:	2331
Last Modified:	Jan 12 07:24:46 2005
MD5 Checksum:	0f57d6737f94fd0948cf9ce5f8fb3405

/// File Name:	QWikiwiki.txt
Description:	QWikiwiki 1.4.1 is susceptible to a directory traversal vulnerability. Detailed exploitation provided.
Author:	Madelman
File Size:	2308
Last Modified:	Jan 5 06:05:08 2005
MD5 Checksum:	c3fff0ed07b6980af216deb6169b95d7

/// File Name:	OWL-Intranet.txt
Description:	OWL versions 0.7 and 0.8 suffer from cross site scripting and SQL injection vulnerabilities.
Author:	Joxean Koret
File Size:	2296
Last Modified:	Jan 2 21:51:05 2005
MD5 Checksum:	ccfd6b1bbecbce6fd29bd93463b5a4ff

/// File Name:	phpGiftReq.txt
Description:	phpGiftReq 1.4.0 suffers from multiple SQL injection flaws that allow for manipulation of the database.
Author:	Madelman
File Size:	2259
Last Modified:	Jan 16 20:11:13 2005
MD5 Checksum:	7c0a1e1bb740848737f21d9abdbd4990

/// File Name:	trn-test.txt
Description:	Local root exploit for /usr/bin/trn. Tested on Mandrake 9.2, Slackware 9.1.0/10.0.0.
Author:	ZzagorR
Homepage:	http://www.rootbinbash.com/
File Size:	2228
Last Modified:	Jan 27 04:58:35 2005
MD5 Checksum:	eccb9e46d859b8d7283889195634aa02

/// File Name:	siteman.txt
Description:	Siteman version 1.0.x is susceptible to administrative account injection due to a lack of variable sanitization.
Author:	amironline452
Homepage:	http://www.PersianHacker.NET
File Size:	2214
Last Modified:	Jan 25 06:57:48 2005
MD5 Checksum:	e7f1d769b91cd789605ad132f89bee9c

/// File Name:	phpbb.ssh.D.txt
Description:	New version of the phpBB worm with bot install that makes use of Altavista.
Author:	priv8crew
File Size:	2084
Last Modified:	Jan 7 02:35:35 2005
MD5 Checksum:	a85a8594d27153953b6a73ffdef9fac0

/// File Name:	phpEventCalendar.txt
Description:	phpEventCalendar version 0.2 does not check title and event text when the data is inserted in the database, allowing for arbitrary HTML injection.
Author:	Madelman
File Size:	1957
Last Modified:	Jan 27 04:33:50 2005
MD5 Checksum:	e9a569c32f80bca6c0ffb8d8af9ac8ff

/// File Name:	exim.pl.txt
Description:	Proof of concept exploit for the locally exploitable buffer overflow in Exim version 4.41.
Author:	Rafael San Miguel Carrasco
Homepage:	http://www.dvc.es
Related File:	01.14.05.txt
File Size:	1938
Last Modified:	Jan 16 07:25:56 2005
MD5 Checksum:	aa9545a6aeb06b9e4cd8c085f6770585

/// File Name:	GHCaws.pl
Description:	AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:	GHC
Homepage:	http://www.ghc.ru
File Size:	1937
Last Modified:	Jan 25 08:38:31 2005
MD5 Checksum:	cd4e6e2173c331307cd924b556c45421

/// File Name:	sphpBlog037.txt
Description:	SPHPBlog 0.3.7c is susceptible to a directory traversal attack. Fixed in release 0.3.7r2.
Author:	Madelman
File Size:	1876
Last Modified:	Jan 11 02:13:50 2005
MD5 Checksum:	d3805dea18227681095923838e0572c2

/// File Name:	H2005-01.txt
Description:	Horde 3.0 contains two XSS attacks that can be exploited through GET requests. Once exploited, these requests could be used to execute any javascript commands in the context of that user, potentially including but not limited to reading and deleting email, and stealing authentication tokens.
Author:	Robert Fly
Homepage:	http://www.hyperdose.com
File Size:	1838
Last Modified:	Jan 16 05:48:06 2005
MD5 Checksum:	5c88d3c50f6a156434891b0d602d4bf0

/// File Name:	froogleCookie.txt
Description:	A cross site scripting vulnerability in Froogle allows for theft of the Google GMail cookie.
Author:	Nir Goldshlager
File Size:	1776
Last Modified:	Jan 16 10:27:10 2005
MD5 Checksum:	47c5c30fb8e4ac424d9837135fe87121

/// File Name:	winToken.c
Description:	Local privilege escalation exploit for the improper token validation vulnerability discovered in Microsoft Windows 2000/2003/XP.
Related File:	AppSecInc.token.txt
File Size:	1763
Last Modified:	Jan 12 06:36:42 2005
MD5 Checksum:	980d2fbbed6fa3361e5e14aa4fbf0a1a

/// File Name:	imd_advisory.txt
Description:	The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.
Author:	Steven
Homepage:	http://www.lovebug.org/
File Size:	1741
Last Modified:	Jan 31 00:02:06 2005
MD5 Checksum:	73bf8815871d7d252113b66d4b21f75e

/// File Name:	mybbSQL.txt
Description:	MyBB is prone to a SQL injection attack within the uid parameter of member.php. The flaw allows for retrieval of the admin password hash. Sample exploit provided.
Author:	scottm
File Size:	1724
Last Modified:	Jan 5 06:09:51 2005
MD5 Checksum:	e6d1d80285c702f9aef7e683bff126fb

/// File Name:	siteman.pl.txt
Description:	Siteman version 1.0.x remote perl exploit that adds an administrative account.
Author:	shoaliesefid7
Related Exploit:	siteman.txt"
File Size:	1655
Last Modified:	Jan 25 08:12:37 2005
MD5 Checksum:	1b882d55dd0ffddcd81e52c52d19acba