Section: .. / 0508-exploits /

Page 2 of 5
<< 1 2 3 4 5 >> Files 25 - 50 of 105

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	lglass20040427.txt
Description:	Exploit for Looking Glass v20040427 arbitrary command execution / cross site scripting vulnerabilities
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	6518
Last Modified:	Aug 28 11:31:58 2005
MD5 Checksum:	fc4b3d001799b92df265dce9d88d0b2a

/// File Name:	ZipTorrent1.3.7.3.txt
Description:	ZipTorrent stores proxy server information and password in X:\\[Program_Files_Path]\[ZipTorrent_Path]\pref.txt in plain text. A local user can read passwords and others.
Author:	Kozan
Homepage:	http://www.spyinstructors.com
File Size:	5118
Last Modified:	Aug 24 10:42:57 2005
MD5 Checksum:	7d908a1cd5539c732f0a038b55e21f92

/// File Name:	x_osh2-9byte.pl.txt
Description:	Operator Shell (osh) 1.7-12 local root exploit. New version of an old exploit. This version has the shellcode trimmed down to 9 bytes thanks to Andrewg.
Author:	Charles Stevenson aka core
File Size:	4764
Last Modified:	Aug 24 02:10:16 2005
MD5 Checksum:	8f1aa72893779d145383f8a40c25191e

/// File Name:	x_osh2.pl.txt
Description:	Operator Shell (osh) 1.7-12 local root exploit. New version of an old exploit.
Author:	Charles Stevenson aka core
File Size:	4659
Last Modified:	Aug 17 07:36:57 2005
MD5 Checksum:	bbc767844763edfbf4e168e6b994939b

/// File Name:	HAURItraverse.txt
Description:	Secunia Research has discovered a vulnerability in various HAURI anti-virus products, which can be exploited by malicious people to write files to arbitrary directories. Affected versions: ViRobot Expert 4.0, ViRobot Advanced Server, ViRobot Linux Server 2.0, HAURI LiveCall.
Author:	Tan Chew Keong
Homepage:	http://secunia.com/
File Size:	4600
Last Modified:	Aug 24 02:31:14 2005
MD5 Checksum:	48852c43d92563bdb5dd75c64b1cdbb1

/// File Name:	multiVulns.txt
Description:	Multiple vulnerabilities have been discovered in various CMS and forum software. e107 suffers from a cross site scripting flaw, Wordpress suffers from a SQL injection flaw, PHPNews suffers from a remote inclusion flaw, phpBB suffers from a SQL injection flaw, Google suffers from a SQL injection flaw, and myspace.com suffers from a user profile defacement flaw. Oh.. and UBB 6.3.2 suffers from a remote code execution flaw.
Author:	pacifico, ratboy
File Size:	4505
Last Modified:	Aug 31 07:15:14 2005
MD5 Checksum:	0b3cc1bdf7c9bc094938f2cf671a24b5

/// File Name:	DMA-2005-0826a.txt
Description:	The Nokia Affix Bluetooth btsrv makes poor use of a popen() that in turn allows for privileged code execution as root.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com/
File Size:	4242
Last Modified:	Aug 28 21:17:28 2005
MD5 Checksum:	61e981f322c2f459330e5ada5d8ff244

/// File Name:	WebWizXSS.txt
Description:	The Web Wiz Forum software is susceptible to a cross site scripting flaw.
Author:	sirh0t
File Size:	4070
Last Modified:	Aug 24 06:40:01 2005
MD5 Checksum:	437ca49aad788bf13576a13327457a35

/// File Name:	HP_OV_NNM_RCE.c
Description:	Remote command execution exploit for HP OpenView Network Node Manager versions 6.2, 6.4, 7.01, and 7.50.
Author:	Lympex
Homepage:	http://l-bytes.net
File Size:	3959
Last Modified:	Aug 31 08:26:49 2005
MD5 Checksum:	f52cf58231344c9d88f6eb0cd01adc82

/// File Name:	WinAce2605.txt
Description:	Local exploitation of a buffer overflow vulnerability in WinAce 2.6.0.5 allows attackers to execute arbitrary code. Exploit included.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com
File Size:	3827
Last Modified:	Aug 24 03:02:46 2005
MD5 Checksum:	ef03c6d30861cb461ac833057f3168d5

/// File Name:	solaris_lpd_unlink.pm.txt
Description:	This Metasploit module uses a vulnerability in the Solaris line printer daemon to delete arbitrary files on an affected system. This can be used to exploit the rpc.walld format string flaw, the missing krb5.conf authentication bypass, or simple delete system files. Tested on Solaris 2.6, 7, 8, 9, and 10.
Author:	H D Moore, Optyx
File Size:	3736
Last Modified:	Aug 24 11:33:23 2005
MD5 Checksum:	c354cbe8ad5502700d7c12a89411d670

/// File Name:	SqWebMail.txt
Description:	Secunia Security Advisory - Secunia Research has discovered a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks. The vulnerability is caused due to SqWebMail failing to properly sanitize HTML emails. This can be exploited to include arbitrary script code in HTML emails, which will be executed in context of the SqWebMail server, as soon as the user views a received email. Version 5.0.4 is affected.
Author:	Jakob Balle
Homepage:	http://www.secunia.com
File Size:	3694
Last Modified:	Aug 31 07:37:12 2005
MD5 Checksum:	57470dc10cef0798ea3aec873b6095dd

/// File Name:	ADSLFR4II.txt
Description:	Nth Dimension Security Advisory (NDSA20050719) - Mentor's ADSL-FR4II router, firmware version 2.00.0111 2004.04.09, is susceptible to unauthenticated administrative access, downloading of configuration files with the system password, and denial of service attacks.
Author:	Tim Brown
Homepage:	http://www.nth-dimension.org.uk/
File Size:	3572
Last Modified:	Aug 17 06:59:01 2005
MD5 Checksum:	f3bbb1c54db3bfc7d745084f66ad82a6

/// File Name:	IE-Msddsdll-0day.txt
Description:	Microsoft Internet Explorer msdds.dll remote code execution exploit. z3r0 d4y. Binds a shell on port 28876. Tested on Microsoft Internet Explorer 6 SP2 (Windows XP SP2).
File Size:	3319
Last Modified:	Aug 19 06:31:35 2005
MD5 Checksum:	d1fe9fb20e8dc5e0ef6fe7939785ef12

/// File Name:	IMRadio-4.0-expl.txt
Description:	Mercora IMRadio 4.0.0.0 stores username and passwords in the Windows Registry in plain text. A local user can read the values.
Author:	Kozan
Homepage:	http://www.spyinstructors.com
File Size:	3019
Last Modified:	Aug 24 10:36:19 2005
MD5 Checksum:	649b6ad97a5ee8a49551e8e28ad2b8b4

/// File Name:	phpAdsNew205.txt
Description:	phpAdsNew and phpPgAds versions 2.0.5 and below suffer from an arbitrary file inclusion flaw. Detailed exploitation provided.
Author:	Maksymilian Arciemowicz
File Size:	3018
Last Modified:	Aug 18 09:23:35 2005
MD5 Checksum:	1ed20310705df1b100b9b0f847ea67a1

/// File Name:	elmexPoC.c
Description:	Proof of concept exploit for Elm versions 2.5.8 and below that makes use of a buffer overflow during the parsing of the Expires field.
Author:	c0ntex
Related File:	elm-data.tar.gz
File Size:	2857
Last Modified:	Aug 24 07:17:59 2005
MD5 Checksum:	30c19e44672429391d6d1363aa6295f6

/// File Name:	phpfreenews140.txt
Description:	PHPFreeNews versions 1.40 and below are susceptible to SQL injection and cross site scripting attacks.
Author:	matrix killer, h4cky0u
Homepage:	http://www.h4cky0u.org
File Size:	2808
Last Modified:	Aug 18 09:30:54 2005
MD5 Checksum:	678d0e34a1a7e5546aa2cd24aa7be7dd

/// File Name:	zenworks_desktop_agent.pm.txt
Description:	Novell ZENworks 6.5 Desktop/Server Management remote stack overflow exploit.
File Size:	2711
Last Modified:	Aug 15 07:13:39 2005
MD5 Checksum:	678bf1fc3cd9aa603ec1771ffe7855f5

/// File Name:	citibankXSS.txt
Description:	Citibank's website in the UK is susceptible cross site scripting attacks.
Author:	Andrew Smith
File Size:	2584
Last Modified:	Aug 17 07:02:15 2005
MD5 Checksum:	8e84876372ebab674c0b73a3848af57e

/// File Name:	adv22-y3dips-2005.txt
Description:	PunBB 1.2.6 suffers from a script injection flaw in its use of IMG tags.
Author:	y3dips
Homepage:	http://echo.or.id/adv/adv22-y3dips-2005.txt
File Size:	2515
Last Modified:	Aug 31 07:34:44 2005
MD5 Checksum:	e745714402a160c0bbd36c5fd17862fe

/// File Name:	gtchatDoS.txt
Description:	GTChat versions 0.95 Alpha and below remote denial of service exploit.
Author:	x97Rang
File Size:	2490
Last Modified:	Aug 19 07:17:18 2005
MD5 Checksum:	fb94eeadfecd56bcc98ef2ef6565bb53

/// File Name:	mdaemon_imap.pm.txt
Description:	Mdaemon 8.0.3 IMAP CRAM-MD5 authentication remote buffer overflow exploit.
File Size:	2479
Last Modified:	Aug 15 07:17:13 2005
MD5 Checksum:	379e6bb2e530de9238d0c264ea2ef2d8

/// File Name:	fuseXSS.txt
Description:	Fuse version 4.1.0 and possibly earlier versions appear susceptible to cross site scripting attacks.
Author:	N.N.P
File Size:	2477
Last Modified:	Aug 5 09:38:39 2005
MD5 Checksum:	dfef692a0eec1d3be8708d8c4abe013b

/// File Name:	FreznoShopSQL.txt
Description:	Versions of FreznoShop below 1.4.1 are vulnerable to SQL injection attacks due to a lack of input validation on parameters used in database queries. Sample exploitation provided.
Author:	Mike Shema
Homepage:	http://www.ntobjectives.com/
File Size:	2363
Last Modified:	Aug 11 06:50:07 2005
MD5 Checksum:	251e4d680f2039a7188789d03c74e266