Section: .. / 0506-exploits /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 89

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	adv21-theday-2005.txt
Description:	SQL injection and cross site scripting vulnerabilities exist in ActiveBuyAndSell version 6.2.
Author:	the_day
Homepage:	http://theday.echo.or.id/
File Size:	2463
Last Modified:	Jun 25 09:10:22 2005
MD5 Checksum:	ee5551b4a5153e5d71c800e2d028bb19

/// File Name:	memfs.c
Description:	Proof of concept exploit for a memory disclosure vulnerability that exists in FUSE versions below 2.3.0.
Author:	Sven Tantau
Homepage:	http://www.sven-tantau.de/
Related File:	fuseDisclose.txt
File Size:	2432
Last Modified:	Jun 18 22:34:46 2005
MD5 Checksum:	1eefaaa038bfe2e407174f6a8de7c306

/// File Name:	igallery33.txt
Description:	i-Gallery versions 3.3 and below suffer from a directory traversal vulnerability and cross site scripting flaws.
Author:	Seyed Hamid Kashfi
Homepage:	http://www.hat-squad.com/
File Size:	2351
Last Modified:	Jun 23 09:20:50 2005
MD5 Checksum:	3f1cc193ca9ed14b18f053dc22bc804c

/// File Name:	traceSolaris.txt
Description:	traceroute under Solaris 10 is susceptible to a buffer overflow in the handling of the -g argument. Sample exploitation included.
Author:	Przemyslaw Frasunek
Homepage:	http://www.frasunek.com/
File Size:	2275
Last Modified:	Jun 25 09:07:42 2005
MD5 Checksum:	12bfb0bfe843c6f3aff37ac9ae831254

/// File Name:	UPBdecrypt.pl.txt
Description:	Ultimate PHP Board versions 1.9.6 and below GOLD users.dat password decryption exploit.
Author:	Alberto Trivero
File Size:	2253
Last Modified:	Jun 18 20:08:10 2005
MD5 Checksum:	100b1d9c49fead9a21e3af04ec645575

/// File Name:	phpCMS12x.txt
Description:	phpCMS 1.2.x suffers from an arbitrary file inclusion vulnerability.
Author:	sk0L
Homepage:	http://www.sec-consult.com
File Size:	2245
Last Modified:	Jun 18 21:48:52 2005
MD5 Checksum:	5b8843c1fddc0a8fcffeb227365117e5

/// File Name:	enterasys.txt
Description:	Enterasys Vertical Horizon switches have a default account embedded in them. Additionally, a denial of service vulnerability exists.
Author:	Jacek Lipkowski
File Size:	2216
Last Modified:	Jun 21 07:28:28 2005
MD5 Checksum:	3c55a0c2a378a2559de3b5e1742f103a

/// File Name:	claroline16.txt
Description:	Claroline e-Learning versions 1.6 and below remote password hash extraction SQL injection exploit.
Author:	Sieg Fried, MH_p0rtal
File Size:	2089
Last Modified:	Jun 21 07:07:50 2005
MD5 Checksum:	4a6202bc89d4af70e45042da387bf656

/// File Name:	winzipBO.c
Description:	WinZip command line local buffer overflow exploit. Tested with WinZip 8.1 on Win XP SP2 EN.
Author:	ATmaCA, Kozan
File Size:	2071
Last Modified:	Jun 18 19:46:35 2005
MD5 Checksum:	6d6c057db1a93df80a6ed4d08b8a8c5e

/// File Name:	invision.php.txt
Description:	Invision Power Board versions 2.0.3 and below Login.PHP SQL injection exploit.
File Size:	2043
Last Modified:	Jun 18 19:42:29 2005
MD5 Checksum:	808f6d1f8c898d4ad21d833d2e3cafd8

/// File Name:	ASPNuke.pl
Description:	ASPNuke versions 0.80 and below SQL injection exploit that makes use of article.asp.
Author:	mh_p0rtal
File Size:	1896
Last Modified:	Jun 29 10:31:28 2005
MD5 Checksum:	50df7997265f2e27e14b828757e8416f

/// File Name:	epsxe-e.c
Description:	ePSXe version 1.6.0 and below nogui() local exploit.
Author:	Qnix
File Size:	1882
Last Modified:	Jun 18 19:24:35 2005
MD5 Checksum:	6370ed74f1cebe6583b53e9d959801c2

/// File Name:	CAU-launchd.c
Description:	Mac OS X 10.4 launchd race condition exploit.
Author:	intropy
File Size:	1798
Last Modified:	Jun 18 19:55:31 2005
MD5 Checksum:	1dace8c5356c34bdc3cccbc74efc4d78

/// File Name:	EXPL-A-2005-009.txt
Description:	Cool Cafe Chat 1.2.1 suffers from a SQL injection vulnerability via an unsanitized password variable.
Author:	Donnie Werner
Homepage:	http://exploitlabs.com
File Size:	1790
Last Modified:	Jun 21 07:01:29 2005
MD5 Checksum:	e392b48b21b9e092a495d83dbad304b0

/// File Name:	ZH2005-13SA.txt
Description:	SQL injection, input tampering, and direct database access vulnerabilities exist in the (i)Site web site management system.
Author:	Trash-80
File Size:	1776
Last Modified:	Jun 18 21:35:34 2005
MD5 Checksum:	6b05873aeea44f1fca95aa2c267d4d9d

/// File Name:	IAeMailServer_DOS.pl.txt
Description:	A denial of service vulnerability exists in the True North Software IA eMailServer Corporate Edition version 5.2.2. Build: 1051. Input to the IMAP4 LIST command is not properly checked. Perl exploit provided.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	1752
Last Modified:	Jun 29 10:36:31 2005
MD5 Checksum:	49463a1e24a79a951d044d3dadaa0090

/// File Name:	ldsoWhoops.txt
Description:	ld.so from Solaris 9 and 10 does not check the LD_AUDIT environment variable when running setuid and setgid binaries, allowing a malicious party to run arbitrary code with elevated privileges.
Author:	Przemyslaw Frasunek
File Size:	1718
Last Modified:	Jun 29 10:44:26 2005
MD5 Checksum:	02b0fa3de66ae2c25e511bb747ec86a9

/// File Name:	pafaq.pl.txt
Description:	paFaq version 1.0 Beta 4 add administrator proof of concept exploit.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
Related Exploit:	paFaq10beta4.txt"
File Size:	1697
Last Modified:	Jun 21 07:24:50 2005
MD5 Checksum:	e4b23110de0d22452069c17a74f0f323

/// File Name:	virobot_ex.pl
Description:	ViRobot UNIX/Linux Server web user interface remote root exploit which takes advantage of the setuid addschup cgi. Adds a root user to the system.
Author:	Kevin Finisterre
Related File:	DMA-2005-0614a.txt
File Size:	1654
Last Modified:	Jun 21 06:52:21 2005
MD5 Checksum:	4798c8571a63dd8076df666acd7ea84a

/// File Name:	phpbb2_0_15.pl.txt
Description:	php 2.0.15 remote command execution exploit for viewtopic.php.
Author:	dab
Homepage:	http://www.digitalsec.net
File Size:	1598
Last Modified:	Jul 1 08:17:25 2005
MD5 Checksum:	23b500675fdc94044a614e8292017bf9

/// File Name:	KCpnuke-xpl.pl
Description:	PostNuke versions 0.750 and below readpmsg.php SQL injection exploit.
Author:	K-c0d3r
File Size:	1539
Last Modified:	Jun 18 19:29:08 2005
MD5 Checksum:	29acbfc5d103d168f320291b2fc98026

/// File Name:	prowebExec.txt
Description:	Community Link Pro Web Editor's Login.cgi script allows for remote code execution. Details on proper exploitation provided.
Author:	spher3, mozako
Homepage:	http://www.badroot.org/
File Size:	1538
Last Modified:	Jul 1 08:08:42 2005
MD5 Checksum:	6fcf91a8d8b18dd115cf86f026958166

/// File Name:	KCcol-xpl.pl
Description:	Perl version of the Claroline e-Learning version 1.6 and below remote password hash extraction SQL injection exploit.
Author:	K-C0d3r
File Size:	1457
Last Modified:	Jun 21 07:09:54 2005
MD5 Checksum:	0ac46af2ede123a753211fce255eebfe

/// File Name:	goodtechDoS.txt
Description:	GoodTech SMTP Server for Windows NT/2000/XP version 5.14 is susceptible to a denial of service vulnerability.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	1444
Last Modified:	Jun 20 08:59:15 2005
MD5 Checksum:	865e9cb2d4c6232438f6ab88a1e22c39

/// File Name:	nokia-bt-cx.pl.txt
Description:	Nokia remote restart Bluetooth nickname exploit.
Author:	QNIX
File Size:	1393
Last Modified:	Jun 29 10:38:18 2005
MD5 Checksum:	fd481422d913224ffc22db92933ccc97