Section: .. / 0510-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 76

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	0510-exploits.tgz
Description:	New Packet Storm exploits for October, 2005.
Homepage:	http://packetstormsecurity.org/
File Size:	247312
Last Modified:	Nov 1 07:04:19 2005
MD5 Checksum:	818f8615584dabdd06b6c482230fcbf7

/// File Name:	10.10.05.txt
Description:	iDEFENSE Security Advisory 10.10.05-1 - Local exploitation of a design error vulnerability in the runpriv command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.22 (maintenance). It is suspected that previous and later versions of both the feature and maintenance revisions of IRIX 6.5 are also vulnerable.
Homepage:	http://www.idefense.com
File Size:	4614
Related CVE(s):	CAN-2005-2925
Last Modified:	Oct 11 06:50:55 2005
MD5 Checksum:	7739b7bd8768ae74b99e57fdb64e6838

/// File Name:	advisory-103.txt
Description:	Various Techno Dreams scripts are susceptible to sql injection flaws. Proof of concept examples provided.
Author:	Farhad Koosha
Homepage:	http://www.kapda.ir/
File Size:	3108
Last Modified:	Oct 27 08:23:41 2005
MD5 Checksum:	9dfaf6f058204304f8c96c9a17cffee7

/// File Name:	aenovoSQL.txt
Description:	Aenovo is susceptible to multiple SQL injection and cross site scripting vulnerabilities. Details provided.
Author:	Devil_box, Farhad Koosha
Homepage:	http://www.kapda.ir/
File Size:	3108
Last Modified:	Oct 8 18:36:11 2005
MD5 Checksum:	e561e4e93fc7945cc8062b0c36201777

/// File Name:	AL-Caricatier.txt
Description:	AL-Caricatier suffers from a login bypass vulnerability.
Author:	God Of Death
File Size:	1063
Last Modified:	Oct 26 23:46:16 2005
MD5 Checksum:	a3414aac20e3cc2f75a00ed591e0bc37

/// File Name:	aspReadySQL.txt
Description:	aspReady FAQ suffers from a SQL injection flaw that allows for administrator access to change and delete the underlying database.
Author:	Preben Nyloekken
File Size:	543
Last Modified:	Oct 7 06:58:07 2005
MD5 Checksum:	8bba10150932204775cf0a12de0c48cb

/// File Name:	AVCraftedArchive.txt
Description:	An Anti-Virus bypass flaw has been discovered that slightly varies from CAN-2004-0932 and CAN-2004-0937. It makes use of a specially crafted archive. Full exploitation details provided. Appears to possibly affect all anti-virus products.
Author:	fRoGGz
Homepage:	http://shadock.net/secubox/AVCraftedArchive.html
File Size:	9378
Last Modified:	Oct 8 20:27:59 2005
MD5 Checksum:	705b5d261986d37d1a7b22621692481a

/// File Name:	baalASPSQL.txt
Description:	BaalASP Free Bulletin Board is susceptible to SQL injection attacks.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org
File Size:	1188
Last Modified:	Oct 11 04:56:44 2005
MD5 Checksum:	031f15de6e552cab101c3ef2e0d44fa7

/// File Name:	caigw.c
Description:	Computer Associates iGateway debug mode remote buffer overflow exploit.
Author:	erikam
File Size:	3024
Last Modified:	Oct 12 09:33:35 2005
MD5 Checksum:	d0cb97a5f1697e872f78704181815177

/// File Name:	cirt-39-advisory.pdf
Description:	The Novell ZENworks Patch Management Server version 6.0.0.52 is vulnerable to SQL injection attacks in the management console. Details provided.
Author:	Dennis Rand
Homepage:	http://www.cirt.dk/
File Size:	132240
Last Modified:	Oct 30 23:43:06 2005
MD5 Checksum:	57b33786dec8c9d43b1c15a0cd5614d7

/// File Name:	cpanelBlank.txt
Description:	The latest version of cPanel comes with a blank remote MySQL user password.
Author:	sup3r_linux
File Size:	910
Last Modified:	Oct 30 22:08:30 2005
MD5 Checksum:	018dc7e828206ceb26636bc38595dd07

/// File Name:	ctxpoliciesbypass.txt
Description:	A vulnerability in Citrix Metaframe Presentation Server versions 3.0 and 4.0 allows for users to bypass policy restrictions.
Author:	Gustavo Gurmandi
Homepage:	http://www.grupoitpro.com.ar
File Size:	1929
Last Modified:	Oct 6 05:46:58 2005
MD5 Checksum:	5f13820d1d8a116dcd37c6039870051d

/// File Name:	cyphor019.html
Description:	Cyphor version 0.19 suffers from SQL injection and cross site scripting flaws. Full proof of concept exploit provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12027
Last Modified:	Oct 8 20:36:21 2005
MD5 Checksum:	447053d0d8b68ea69e51c55648493cad

/// File Name:	e107remote.txt
Description:	e107 content management system versions 0.617, 0.6171, 0.6172 resetcore.php utility SQL Injection, login bypass, remote code execution, and cross site scripting exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	13639
Last Modified:	Oct 19 00:57:19 2005
MD5 Checksum:	1afb10565cdecd8b9578a76d39580ddd

/// File Name:	eguestproXSSSQL.txt
Description:	EGuest PRO guestbook version 4.0 is susceptible to SQL injection and cross site scripting attacks.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org
File Size:	1284
Last Modified:	Oct 11 06:14:38 2005
MD5 Checksum:	e40f18d14bfa5461a0fb251f320cd963

/// File Name:	ethereal_slimp3_bof.py.txt
Description:	Ethereal SLIMP3 protocol dissector remote buffer overflow proof of concept exploit that crashes the program. Tested with Ethereal 0.10.12, WinPcap 3.1 beta4, WinXP SP2.
Author:	Sowhat
Homepage:	http://secway.org
Related File:	ethereal-0.10.13.tar.bz2
File Size:	5906
Last Modified:	Oct 31 00:48:44 2005
MD5 Checksum:	8079fdf507021e269a350b1e0f4f8dd2

/// File Name:	EXPL-A-2005-015-tellme.txt
Description:	TellMe versions 1.2 and below are susceptible to cross site scripting attacks.
Author:	Donnie Werner
Homepage:	http://exploitlabs.com
File Size:	2855
Last Modified:	Oct 6 09:02:13 2005
MD5 Checksum:	3ddd430c42f0a27aecf330497720b583

/// File Name:	flatnuke.txt
Description:	Flatnuke suffers from file inclusion vulnerabilities and XSS
Author:	abducter_minds
File Size:	790
Last Modified:	Oct 26 23:50:27 2005
MD5 Checksum:	7bb0f39a1f5edc226c30a03c9ae1893a

/// File Name:	flysprayXSS.txt
Description:	Flyspray versions 0.9.7, 0.9.8, and 0.9.8-devel are susceptible to cross site scripting. Exploitation details included.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	2104
Last Modified:	Oct 27 07:36:15 2005
MD5 Checksum:	ea71179354fed766b45b5fc6c8e73f36

/// File Name:	fr-dyn0.txt
Description:	www.friendsreunited.co.uk suffers from a XSS vulnerability in the lost password section.
Author:	dyn0
Homepage:	http://0xdeadface.co.uk
File Size:	842
Last Modified:	Oct 4 07:06:52 2005
MD5 Checksum:	5019b03af3546fccd49bf140d435435f

/// File Name:	Fusionv-6.00.109.txt
Description:	Exploit for PHP-Fusion v6.00.109 SQL Injection / credentials disclosure vulnerability. Written in php.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	8447
Last Modified:	Oct 4 07:25:57 2005
MD5 Checksum:	0ab5f674038013c3308b5a06752874fe

/// File Name:	guestbookInject.txt
Description:	@lex Guestbook version 3.3 is susceptible to cross site scripting and injection attacks.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org/
File Size:	1551
Last Modified:	Oct 13 16:44:45 2005
MD5 Checksum:	744ee8df690bb847b77706b27f0845b1

/// File Name:	guppyTraverse.txt
Description:	Guppy versions less than 4.5.6a suffer from a directory traversal flaw.
Author:	Josh Zlatin-Amishav
File Size:	1673
Last Modified:	Oct 6 05:36:13 2005
MD5 Checksum:	bcee9b2224bbc4f22288e5405a625bc0

/// File Name:	lucid_cms_1011_expl.txt
Description:	Exploit for Lucid CMS 1.0.11 SQL Injection, Login Bypass, and remote code execution vulnerabilities written in php.
Author:	rgod
Homepage:	http://rgod.altervista.org/lucid_cms_1011_expl.html
Related File:	lucid1011.txt
File Size:	13278
Last Modified:	Oct 4 06:54:52 2005
MD5 Checksum:	32d764f6be44cac1d49836a09c80a0e9

/// File Name:	mailenable.cpp
Description:	MailEnable proof of concept exploit for the W3C logging vulnerability. The shellcode used actually renames the vulnerable binary to disable the system from being vulnerable.
File Size:	12469
Last Modified:	Oct 8 18:34:00 2005
MD5 Checksum:	69cfa64e42bd717da95037ca93d691e1