Section:  .. / 0502-exploits  /

Page 1 of 5
<< 1 2 3 4 5 >> Files 1 - 25 of 108
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: 0502-exploits.tgz
Description:
Packet Storm new exploits for February, 2005.
File Size:271917
Last Modified:Mar 1 02:30:08 2005
MD5 Checksum:ab1eb6fa04a25b510796e7b6bf18ac72

 ///  File Name: badblue.cpp
Description:
BadBlue webserver version 2.55 remote buffer overflow exploit. Tested under Windows 2000 Professional SP3/SP4 Spanish, Windows 2000 Server SP4 Spanish, and Windows XP SP1 Spanish.
Author:Andres Tarasco, Miguel
File Size:9136
Last Modified:Feb 28 07:33:03 2005
MD5 Checksum:5529b72cb5a1e55ee5a545eee55e8adc

 ///  File Name: badblue25.c
Description:
BadBlue webserver version 2.5 is susceptible to a remote buffer overflow vulnerability that allows for code execution. Full exploit provided.
Author:Andres Tarasco, class101
Homepage:http://Hat-Squad.com/
File Size:8310
Last Modified:Feb 28 07:29:16 2005
MD5 Checksum:b199afc5574630ee6ece67c8d1c7d8af

 ///  File Name: knetDoS104c.txt
Description:
Knet versions 1.04c and below are susceptible to a remote buffer overflow vulnerability that allows for execution of code. Exploit provided.
Author:CorryL
Homepage:http://x0n3-h4ck.org
File Size:3440
Last Modified:Feb 28 07:25:44 2005
MD5 Checksum:c9d2eb21aeeefd9b8a87f0393fc2cb12

 ///  File Name: CIS3513.txt
Description:
CIS WebServer version 3.5.13 is susceptible to a classic directory traversal attack.
Author:CorryL
File Size:829
Last Modified:Feb 28 07:18:30 2005
MD5 Checksum:8ddb6a4d31dd61f9b9a44f94d44f79fa

 ///  File Name: advisory003.txt
Description:
Improper handling of several arguments in the moderate.php code in punbb version 1.2.1 allows a malicious moderator to inject arbitrary SQL statements.
Author:John Gumbel
File Size:1610
Last Modified:Feb 28 06:52:15 2005
MD5 Checksum:0fa245da1da2ee450650915c291a331a

 ///  File Name: advisory002.txt
Description:
Due to a flaw in punbb version 1.2.1, a remote attacker without an account can set the password of any user on the system to NULL, effectively shutting them out of the system.
Author:John Gumbel
File Size:1841
Last Modified:Feb 28 06:50:51 2005
MD5 Checksum:2fca37c706129ea7a3acd4dc2f838553

 ///  File Name: advisory001.txt
Description:
A remote attacker can cause register.php punbb version 1.2.1 to execute arbitrary SQL statements by supplying malicious values to the language or email parameters.
Author:John Gumbel
File Size:983
Last Modified:Feb 28 06:49:14 2005
MD5 Checksum:49e3dec810dbe71cfb281699c1269f7d

 ///  File Name: sof2guidboom.zip
Description:
Proof of concept exploit for a denial of service flaw in Soldier of Fortune II versions 1.03 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:sof2guidboom.txt
File Size:16723
Last Modified:Feb 26 20:23:35 2005
MD5 Checksum:6b5ce84269c5f3dbf5a53e46c70a1a33

 ///  File Name: phpMyAdmin261.txt
Description:
phpMyAdmin versions 2.6.1 and below suffer from remote file inclusion and cross site scripting flaws. Detailed exploitation given.
Author:Maksymilian Arciemowicz
File Size:3611
Last Modified:Feb 26 20:20:05 2005
MD5 Checksum:943aaf73594eaf3a6329bd1ea8d69e72

 ///  File Name: cycladesReveal.txt
Description:
The Cyclades AlterPath Manager (APM) Console Server has design flaws that expose restricted consoles to unauthorized APM users, allow any APM user to obtain administrative privileges, and provide detailed system information to unauthorized users.
Homepage:http://www.cirt.net/
File Size:3109
Related OSVDB(s):14073,14074
Last Modified:Feb 26 20:16:24 2005
MD5 Checksum:b05be9d4fc5d8ff1dadf3875d69ea0d1

 ///  File Name: wuftpd262DoS.c
Description:
wu-ftpd versions 2.6.2 and below file globbing denial of service exploit.
Author:str0ke
Homepage:http://milw0rm.com/
File Size:3538
Last Modified:Feb 26 06:17:02 2005
MD5 Checksum:2e6a392d582fec375515b21f8f5022e2

 ///  File Name: sileAWSxpl_v5.7-6.2.c
Description:
Remote pluginmode command execution exploit for AWStats versions 5.7 through 6.2.
Author:Silentium
Homepage:http://www.autistici.org/anacron-group-italy
File Size:6415
Last Modified:Feb 26 06:14:15 2005
MD5 Checksum:a3c1e41a10460242dd78ea43169acc88

 ///  File Name: avaya.cpp
Description:
Avaya IP Office Phone Manager exploit that attempts to extract sensitive data from the Windows registry.
Author:pagvac
File Size:1680
Last Modified:Feb 26 06:10:46 2005
MD5 Checksum:9666749b62f499e1f04e9084c391876b

 ///  File Name: webconnect.pl
Description:
WebConnect remote exploit that makes use of a directory traversal vulnerability in versions 6.4.4 and 6.5.
Author:KarakOrsan
Related File:webConnect.txt
File Size:1688
Last Modified:Feb 26 05:55:40 2005
MD5 Checksum:87be5ea960b62e6bab82d1a72e4b7e5a

 ///  File Name: wwwfileshare.c
Description:
WWW File Share Pro version 2.72 local exploit that discloses passwords.
Author:Kozan
Homepage:http://www.netmagister.com
File Size:2805
Last Modified:Feb 26 05:38:25 2005
MD5 Checksum:1396bc6f92f6f687ac3638bf0c5582f4

 ///  File Name: ChatAnywhere.c
Description:
Chat Anywhere version 2.72a local exploit that discloses passwords.
Author:Kozan
Homepage:http://www.netmagister.com
File Size:3775
Last Modified:Feb 26 05:34:12 2005
MD5 Checksum:32c7f73afcc0918d6935521ae88004e7

 ///  File Name: SendLink.c
Description:
SendLink version 1.5 local exploit that discloses passwords.
Author:Kozan
Homepage:http://www.netmagister.com
File Size:4754
Last Modified:Feb 26 05:32:20 2005
MD5 Checksum:e05fe5a6f04ba21b132754cbb67c2d51

 ///  File Name: eXeem021.c
Description:
eXeem version 0.21 local exploit that discloses passwords for proxy settings.
Author:Kozan
Homepage:http://www.netmagister.com
File Size:2691
Last Modified:Feb 26 05:30:56 2005
MD5 Checksum:1f56bd8c9fa4abdd53b03dc6288c2435

 ///  File Name: iGeneric12.txt
Description:
Multiple information disclosure and possible SQL injection vulnerabilities have been discovered in iGeneric eShop 1.2.
Author:John Cobb
Homepage:http://www.nobytes.com
File Size:1046
Last Modified:Feb 26 02:08:45 2005
MD5 Checksum:a90af00737204235c158c89d0979957d

 ///  File Name: SDtraverse.txt
Description:
SD Server versions 4.0.70 and below suffer from a classic directory traversal flaw.
Author:CorryL
File Size:1080
Last Modified:Feb 26 02:07:19 2005
MD5 Checksum:edd39b6f6ccf627ba499afd72b2bbdec

 ///  File Name: bontagobof.zip
Description:
Bontago versions 1.1 and below remote exploit that makes use of a buffer overflow when a nickname longer than 512 bytes is sent.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:bontagobof-adv.txt
File Size:6914
Last Modified:Feb 26 01:30:54 2005
MD5 Checksum:fc1431f7ae6fa0b788010eb29472e4f7

 ///  File Name: xinkaa-adv.txt
Description:
Xinkaa WEB Station versions 1.0.3 and below suffer from a classic directory traversal flaw.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:1423
Last Modified:Feb 26 01:25:28 2005
MD5 Checksum:28039f57e1c23f2f1fccb9ab33b8e28d

 ///  File Name: paNews_v2.0b4.txt
Description:
paNews version 2.0b4 is susceptible to remote php code injection.
Homepage:http://nst.e-nex.com/
File Size:1133
Last Modified:Feb 26 01:19:41 2005
MD5 Checksum:0768931e700ec992ba71b15aa8732b4a

 ///  File Name: ieBypass.txt
Description:
Using magic DNS, the domain name in the Internet Explorer titlebar can be exploited to trick users into visiting a malicious pop-up window. The weakness has been confirmed in version 6.0 on a fully patched system running Windows XP with SP2 installed.
Author:bitlance winter
File Size:2220
Last Modified:Feb 26 01:18:01 2005
MD5 Checksum:d469b06a4e4051d3981c2a3efdaad2f6