Section: .. / 0506-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 89

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0506-exploits.tgz
Description:	Packet Storm new exploits for June, 2005.
File Size:	145468
Last Modified:	Jul 1 08:59:44 2005
MD5 Checksum:	6a33061f5d9ec915bb5a28d98edb37f1

/// File Name:	phpbb2_0_15.pl.txt
Description:	php 2.0.15 remote command execution exploit for viewtopic.php.
Author:	dab
Homepage:	http://www.digitalsec.net
File Size:	1598
Last Modified:	Jul 1 08:17:25 2005
MD5 Checksum:	23b500675fdc94044a614e8292017bf9

/// File Name:	XOOPS2011.txt
Description:	XOOPS versions 2.0.11 and below suffer from cross site scripting and SQL injection vulnerabilities.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	4166
Last Modified:	Jul 1 08:10:11 2005
MD5 Checksum:	af1cf3535febd29375a29411d13db4bb

/// File Name:	prowebExec.txt
Description:	Community Link Pro Web Editor's Login.cgi script allows for remote code execution. Details on proper exploitation provided.
Author:	spher3, mozako
Homepage:	http://www.badroot.org/
File Size:	1538
Last Modified:	Jul 1 08:08:42 2005
MD5 Checksum:	6fcf91a8d8b18dd115cf86f026958166

/// File Name:	wpcmdexec.pl.txt
Description:	WordPress 1.5.1.2 XMLRPC Interface SQL injection exploit that allows for remote command execution.
Author:	James Bercegay
Homepage:	http://www.gulftech.org
File Size:	9490
Last Modified:	Jul 1 07:46:02 2005
MD5 Checksum:	ce0fdd5e9eaafc05dff2dd948ea52e56

/// File Name:	wordpress1512.txt
Description:	WordPress versions 1.5.1.2 and below suffer from cross site scripting and SQL injection flaw.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	5078
Last Modified:	Jul 1 07:44:10 2005
MD5 Checksum:	8327b854df403cd160ea4930f97806f2

/// File Name:	imTRBBS.txt
Description:	Original imTRBBS versions 1.02 and below allow for remote command execution due to a lack of properly sanitized input in im_trbbs.cgi.
Author:	blahplok
File Size:	550
Last Modified:	Jul 1 07:33:39 2005
MD5 Checksum:	e2f1f4aed623bf85112f072bdb54fbc4

/// File Name:	ieCrash-javaprxy.txt
Description:	A heap corruption vulnerability exists in the javaprxy.dll in Internet Explorer 6. Sample denial of service exploit included.
Author:	sk0L, Martin Eiszner
Homepage:	http://www.sec-consult.com
File Size:	3011
Last Modified:	Jul 1 07:27:59 2005
MD5 Checksum:	ca5d482698e5f9c6feeab50732b88227

/// File Name:	peercast.c
Description:	peercast version 1211 and below format string vulnerability exploit. FreeBSD version.
Author:	Siim Poder
File Size:	6274
Last Modified:	Jul 1 07:24:44 2005
MD5 Checksum:	3ac111ba31587f6a38794505bfe7480b

/// File Name:	hostingController.txt
Description:	Hosting Controller suffers from a cross site scripting flaw.
Author:	Action Spider
File Size:	2961
Last Modified:	Jul 1 07:03:06 2005
MD5 Checksum:	08cab0f5b3506af6f9266f460bc84b7b

/// File Name:	ASPNukeSQL080.txt
Description:	ASPNuke versions 0.80 and below remote SQL injection exploit using comment_post.asp.
Author:	Alberto Trivero
File Size:	1215
Last Modified:	Jul 1 06:59:53 2005
MD5 Checksum:	17f91b9995ed195bdd4d9b6322b7a733

/// File Name:	Infradig60.txt
Description:	Infradig Systems Inframail Advantage Server Edition 6.0 suffers from multiple buffer overflows. Sample denial of service exploits included.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	3364
Last Modified:	Jul 1 06:57:21 2005
MD5 Checksum:	9ffd0b4310c54c96ad38236984614c66

/// File Name:	communityXSS.txt
Description:	Community forum suffers from a cross site scripting flaw. Exploitation provided.
Author:	abducter_minds
File Size:	417
Last Modified:	Jun 29 10:45:39 2005
MD5 Checksum:	3eda9b0e950a5224de3379c5dd0b1c9e

/// File Name:	ldsoWhoops.txt
Description:	ld.so from Solaris 9 and 10 does not check the LD_AUDIT environment variable when running setuid and setgid binaries, allowing a malicious party to run arbitrary code with elevated privileges.
Author:	Przemyslaw Frasunek
File Size:	1718
Last Modified:	Jun 29 10:44:26 2005
MD5 Checksum:	02b0fa3de66ae2c25e511bb747ec86a9

/// File Name:	nokia-bt-cx.pl.txt
Description:	Nokia remote restart Bluetooth nickname exploit.
Author:	QNIX
File Size:	1393
Last Modified:	Jun 29 10:38:18 2005
MD5 Checksum:	fd481422d913224ffc22db92933ccc97

/// File Name:	IAeMailServer_DOS.pl.txt
Description:	A denial of service vulnerability exists in the True North Software IA eMailServer Corporate Edition version 5.2.2. Build: 1051. Input to the IMAP4 LIST command is not properly checked. Perl exploit provided.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	1752
Last Modified:	Jun 29 10:36:31 2005
MD5 Checksum:	49463a1e24a79a951d044d3dadaa0090

/// File Name:	ASPNuke.pl
Description:	ASPNuke versions 0.80 and below SQL injection exploit that makes use of article.asp.
Author:	mh_p0rtal
File Size:	1896
Last Modified:	Jun 29 10:31:28 2005
MD5 Checksum:	50df7997265f2e27e14b828757e8416f

/// File Name:	M4DR007-07SA.txt
Description:	Cross site scripting, HTTP Response splitting, and SQL injection vulnerabilities exist in ASP Nuke versions 0.80 and below.
Author:	Alberto Trivero
File Size:	5676
Last Modified:	Jun 29 10:28:39 2005
MD5 Checksum:	0cd8b64d7f6e4e78b1a45cd1bfff8a67

/// File Name:	backupexec_agent.pm.txt
Description:	Veritas Backup Exec Agent CONNECT_CLIENT_AUTH Request exploit that makes use of a stack overflow.
Related File:	06.23.05-1.txt
File Size:	5477
Related CVE(s):	CAN-2005-0773
Last Modified:	Jun 29 10:26:11 2005
MD5 Checksum:	0de18c58e6ab3fabdfbfa6b59a0a5c3b

/// File Name:	ipdatalook.txt
Description:	IP-DATALOOK versions 1.3 and below local denial of service exploit.
Author:	basher13
Homepage:	http://infamous.2hell.com
File Size:	4035
Last Modified:	Jun 26 08:54:04 2005
MD5 Checksum:	6647d59cdb87b50fed488336655dca48

/// File Name:	fusionDB.pl.txt
Description:	PHP-Fusion versions 6.00.105 and below suffer from allowing their database backups to be remotely downloadable due to being accessible in the webroot.
Homepage:	http://dark-assassins.com/
File Size:	2733
Last Modified:	Jun 26 08:51:32 2005
MD5 Checksum:	5e6eabb5d51a59ceae4f51a7ae65acd4

/// File Name:	adv21-theday-2005.txt
Description:	SQL injection and cross site scripting vulnerabilities exist in ActiveBuyAndSell version 6.2.
Author:	the_day
Homepage:	http://theday.echo.or.id/
File Size:	2463
Last Modified:	Jun 25 09:10:22 2005
MD5 Checksum:	ee5551b4a5153e5d71c800e2d028bb19

/// File Name:	traceSolaris.txt
Description:	traceroute under Solaris 10 is susceptible to a buffer overflow in the handling of the -g argument. Sample exploitation included.
Author:	Przemyslaw Frasunek
Homepage:	http://www.frasunek.com/
File Size:	2275
Last Modified:	Jun 25 09:07:42 2005
MD5 Checksum:	12bfb0bfe843c6f3aff37ac9ae831254

/// File Name:	ubb652.txt
Description:	UBB Threads versions 6.5.2 Beta and below are susceptible to cross site scripting, SQL injection, HTTP response splitting, and local file inclusion vulnerabilities.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	6423
Last Modified:	Jun 25 08:56:27 2005
MD5 Checksum:	7626f1caa27e08854e48e3244bdbab85

/// File Name:	mssmb_poc.c
Description:	Windows SMB client transaction response handling exploit that makes use of the flaw detailed in MS05-011.
Author:	cybertronic
Homepage:	http://www.livejournal.com/users/cybertronic/
File Size:	37312
Related CVE(s):	CAN-2005-0045
Last Modified:	Jun 24 07:36:10 2005
MD5 Checksum:	7b7b92ef6de49bb01c9943401145c68e