Section: .. / 0702-exploits /

Page 1 of 6
<< 1 2 3 4 5 6 >> Files 1 - 25 of 126

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0702-exploits.tgz
Description:	Packet Storm new exploits for February, 2007.
Homepage:	http://packetstormsecurity.org/
File Size:	215102
Last Modified:	Mar 6 06:08:23 2007
MD5 Checksum:	4293d73fbe0d189cd0fbb512857db6c8

/// File Name:	02062007-raptor_winudf.tgz
Description:	This is a MySQL backdoor kit for Windows based on the UDFs (User Defined Functions) mechanism. It can be used to spawn a reverse shell (netcat UDF on port 80/tcp) or to execute single OS commands (exec UDF). Tested on MySQL 4.0.18-win32 (running on Windows XP SP2), MySQL 4.1.22-win32 (running on Windows XP SP2), MySQL 5.0.27-win32 (running on Windows XP SP2).
Author:	Marco Ivaldi
File Size:	68771
Last Modified:	Feb 8 06:08:50 2007
MD5 Checksum:	7c61df06ad51543872d66efc84c7858c

/// File Name:	phpnuke80-blindsql.txt
Description:	PHP-Nuke versions 8.0 and below suffer from a blind SQL injection vulnerability. Exploits included.
Author:	krasza
Homepage:	http://www.krasza.int.pl
File Size:	45472
Last Modified:	Feb 24 00:50:31 2007
MD5 Checksum:	e0a5265c3b8dc65cfc108d69274a15f1

/// File Name:	connectix-multi.txt
Description:	Connectix Boards versions 0.7 and below privilege escalation and remote code execution exploit.
Author:	DarkFig
File Size:	10514
Last Modified:	Feb 24 02:34:47 2007
MD5 Checksum:	4e9f41620a7ecbe2ee5ddc0eae631d6f

/// File Name:	phpnuke-sql.txt
Description:	PHP-Nuke Module Emporium versions 2.3.0 and below remote SQL injection exploit.
Author:	ajann
File Size:	9228
Last Modified:	Feb 20 02:17:55 2007
MD5 Checksum:	353a24f571bea2a91359187d2ae7deae

/// File Name:	12070214.txt
Description:	Jupiter CMS version 1.1.5 suffers from multiple vulnerabilities including SQL injection, cross site scripting, local and remote file inclusion, and more. I think it should be a do-over.
Author:	DarkFig
Homepage:	http://www.acid-root.new.fr/
File Size:	8609
Last Modified:	Feb 14 23:17:00 2007
MD5 Checksum:	e99bcc28b629a60c407dba283724c814

/// File Name:	NETRAGARD-20070220-1.txt
Description:	Netragard, L.L.C Advisory - McAfee Virex contains an exploitable feature that enables users to define what files should be excluded for scanning. This feature relies on a configuration file with insecure privileges and is located in /Library/Application Support. Any user on the system can modify or delete the configuration file thus affecting what Virex will scan. Versions 7.7 and below are affected.
Author:	Kevin Finisterre
Homepage:	http://www.netragard.com/html/recent_research.html
File Size:	8039
Last Modified:	Mar 6 05:20:27 2007
MD5 Checksum:	7a113c2b8adb0d5f52d1d955c4363497

/// File Name:	newsbin-local.txt
Description:	News Bin Pro version 5.33 local buffer overflow exploit for .NBI files.
Author:	Marsu
File Size:	6136
Last Modified:	Feb 24 03:15:42 2007
MD5 Checksum:	8d420915619ab331438c6eaac89dfac1

/// File Name:	axiagen.c
Description:	Axigen eMail Server version 2.0 Beta format string exploit that binds a shell to port 31337. Not tested.
Author:	fugich
File Size:	6119
Last Modified:	Feb 17 05:55:06 2007
MD5 Checksum:	ec6405482e949071196784b15d5168ae

/// File Name:	adv66-K-159-2007.txt
Description:	SendStudio versions 2004.14 and below suffer from a remote file inclusion vulnerability.
Author:	M.Hasran Addahroni
Homepage:	http://advisories.echo.or.id/
File Size:	6029
Last Modified:	Feb 24 01:04:57 2007
MD5 Checksum:	e49bc139f7bc31e7917783ba3e8a0c4f

/// File Name:	nukesentinel-disclose.txt
Description:	NukeSentinel version 2.5.05 file disclosure exploit that makes use of nukesentinel.php.
Author:	DarkFig
File Size:	5824
Last Modified:	Feb 24 00:47:11 2007
MD5 Checksum:	1d6fc2db5821eaa86245b905de861f29

/// File Name:	nukesentinel-sql.txt
Description:	NukeSentinel version 2.5.05 blind SQL injection exploit that makes use of nsbypass.php.
Author:	DarkFig
File Size:	5706
Last Modified:	Feb 24 00:46:36 2007
MD5 Checksum:	1b3ca86641caa030276996454fea744e

/// File Name:	doaxigen.c
Description:	Denial of service exploit for Axigen versions 1.2.6 through 2.0.0b1 that makes use of a single byte underflow.
Author:	mu-b
Related Exploit:	doaxigen-v2.c
File Size:	4957
Last Modified:	Feb 13 06:34:06 2007
MD5 Checksum:	f51596f55de9baa75efe4804f4d04240

/// File Name:	nortel-sh.txt
Description:	Nortel SSL VPN Linux Client versions 6.0.3 and below local privilege escalation exploit.
Author:	Jon Hart
File Size:	4950
Last Modified:	Feb 24 03:14:53 2007
MD5 Checksum:	8bc27550159049196e9c42b7bc334d88

/// File Name:	doaxigen-v2.c
Description:	Denial of service exploit for Axigen versions 1.2.6 through 2.0.0b1 that makes use of a null pointer dereference.
Author:	mu-b
Related Exploit:	doaxigen.c
File Size:	4639
Last Modified:	Feb 13 06:34:50 2007
MD5 Checksum:	2816ff0b05e4fbfb1fb390e86a790c33

/// File Name:	maildisable-v3.pl.txt
Description:	Mail Enable Professional/Enterprise version 2.32 through 2.34 remote exploit. Binds a shell to port 1337.
Author:	mu-b
File Size:	4605
Last Modified:	Feb 17 05:49:05 2007
MD5 Checksum:	8a4f5b347c116e89a4361458183df659

/// File Name:	BTP00000P005CF.zip
Description:	Denial of service exploit that demonstrates a lack of argument validation in Comodo Firewall Pro. Affected versions include Comodo Firewall Pro 2.4.16.174 and Comodo Personal Firewall 2.3.6.81.
Homepage:	http://www.matousec.com/
Related File:	BTP00000P005CF.txt
File Size:	4515
Last Modified:	Feb 6 05:06:36 2007
MD5 Checksum:	03df1ac8bbebb394ff5a7b9d4be37b1c

/// File Name:	utorrent16-heap.txt
Description:	uTorrent version 1.6 remote heap overflow proof of concept exploit.
Author:	defsec
Homepage:	http://www.defacedsecurity.com/
File Size:	4338
Last Modified:	Feb 13 07:48:35 2007
MD5 Checksum:	2da282d7e2221051aa39c5b56bf1abb3

/// File Name:	maildisable-v6.pl.txt
Description:	Mail Enable Professional versions 2.35 and below remote exploit. Binds a shell to port 1337.
Author:	mu-b
File Size:	4299
Last Modified:	Feb 17 05:50:00 2007
MD5 Checksum:	5526079197ebd97d09e0b9f5c2a02765

/// File Name:	scip-2962.txt
Description:	Wordpress version 2.1.1 suffers from multiple script injection vulnerabilities.
Homepage:	http://www.scip.ch/
File Size:	4028
Last Modified:	Mar 6 05:10:21 2007
MD5 Checksum:	d1d3b2ca1222938073e4984f72460183

/// File Name:	phptraffic-lfi.txt
Description:	phpTrafficA version 1.4.1 is susceptible to a local file inclusion vulnerability.
Author:	Hamid Ebadi
Homepage:	http://www.bugtraq.ir/
File Size:	3955
Last Modified:	Feb 24 02:39:06 2007
MD5 Checksum:	8a6e82b009f50c53091b00f4ec3a8699

/// File Name:	revenge_proftpd_ctrls_26.pl.txt
Description:	ProFTPD versions 1.3.0 and 1.3.0a controls local root exploit that binds a shell to tcp/31337. This one works for the 2.6 kernel series.
Author:	revenge
Homepage:	http://www.0xcafebabe.it/
File Size:	3686
Last Modified:	Feb 20 02:09:30 2007
MD5 Checksum:	545a3a957304f724c6ce23e6ff75f481

/// File Name:	lotus.sh.txt
Description:	Lotus Domino versions R6 and below Webmail remote password hash dumper exploit.
Author:	Marco Ivaldi
File Size:	3578
Last Modified:	Feb 14 23:24:54 2007
MD5 Checksum:	2d50a561beba95bd4cb07456f3325e8d

/// File Name:	oraclekupv-perm.txt
Description:	Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba permission exploit.
Author:	bunker
Homepage:	http://rawlab.mindcreations.com/
File Size:	3532
Last Modified:	Feb 24 03:20:18 2007
MD5 Checksum:	1a6267279e19948c6072527708174f73

/// File Name:	ccs-xss.txt
Description:	Call Center Software version 0.93 is susceptible to a cross site scripting vulnerability.
Author:	CorryL
File Size:	3387
Last Modified:	Feb 24 02:38:06 2007
MD5 Checksum:	5cd1a0a65423a1d16e51134a548cde32