Section: .. / 0305-exploits /

Page 2 of 2
<< 1 2 >> Files 25 - 41 of 41

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	gossh.sh
Description:	OpenSSH <= 3.6.1p1 user identification remote exploit shell script which tells you whether or not a user exists by using a timing attack. Accurate against Redhat.
Author:	Nicolas Couture
File Size:	2671
Last Modified:	May 8 09:35:57 2003
MD5 Checksum:	5eca1d8e2bc55d0020ba3bb15d7a79b2

/// File Name:	posterv2.txt
Description:	Poster version.two, the PHP news posting system, suffers from a vulnerability in the index.php file that allows a user to edit their account. Since the user is allowed to change the embedded information in the code, they can achieve privilege escalation to an administrative level.
Author:	Peter Winter-Smith
File Size:	2603
Last Modified:	May 15 04:14:25 2003
MD5 Checksum:	914c5f7dce23e127f627fad40eaca90f

/// File Name:	eserv-mem.txt
Description:	eServ's connection handling routine contains a memory leak that may be exploited to cause the eServ daemon to become unavailable. After several thousand successful connections, memory use on the system becomes exceedingly high, resulting in a denial of service.
Author:	Matthew Murphy
File Size:	2595
Last Modified:	May 12 07:01:16 2003
MD5 Checksum:	d14f30e4dcd002805c816b5f0e2c6e01

/// File Name:	bncDoS.txt
Description:	bnc version 2.6.2 and below suffers from a denial of service vulnerability. Armed with a valid login and password, a remote user can kill the daemon.
Author:	Angelo Rosiello
Homepage:	http://www.rosiello.org
File Size:	2591
Last Modified:	May 28 10:06:28 2003
MD5 Checksum:	19b82bf820cb2ac8cc6dc2cea49ef122

/// File Name:	a-WsMPdvuln.txt
Description:	INetCop Security Advisory #2003-0x82-017.a - WsMP3d, a web server that streams MP3s much like shoutcast but is GPL, suffers from a directory traversal vulnerability that not only allows viewing of files outside of the webroot, but allows for remote command execution as well.
Author:	Xpl017Elz
Homepage:	http://www.inetcop.org
File Size:	2302
Last Modified:	May 23 11:00:18 2003
MD5 Checksum:	1ff2d86a592f92c1751dc263dab6ada1

/// File Name:	Pi3web-DoS.c
Description:	A simple denial of service exists in the Pi3 webserver that allows a remote attacker to crash the daemon by feeding it a GET request with 354+ forward slashes after it.
Author:	Angelo Rosiello
Homepage:	http://www.rosiello.org
File Size:	2287
Last Modified:	May 23 09:53:49 2003
MD5 Checksum:	e627c9f9fd6b442a7aeffec686744f3a

/// File Name:	MaelstromX.c
Description:	Maelstrom local exploit that gives gid of games and makes use of the overflows found in the -player and -server switch.
Author:	Knight420
File Size:	1834
Last Modified:	Jul 9 17:45:34 2003
MD5 Checksum:	8b3420c452404597f9baf138d0ce82c3

/// File Name:	pnews.txt
Description:	P-News versions 1.6 is vulnerable to a privilege escalation attack by allowing a remote attacker to populate strings with the \| used for delimiting data stored about the account.
Author:	Peter Winter-Smith
File Size:	1833
Last Modified:	May 28 09:15:39 2003
MD5 Checksum:	369a8bfaa9af899f10559745c738d09b

/// File Name:	hotmailpassport.txt
Description:	Microsoft's Hotmail and Passport .NET accounts are vulnerable to having their password reset by a remote attacker due to lack of input validation for a secondary email address.
Author:	Muhammad Faisal Rauf Danka
File Size:	1607
Last Modified:	May 9 02:21:31 2003
MD5 Checksum:	b275a8a919e673f04ebd9d5fdd5ca0ea

/// File Name:	b2cafelog.txt
Description:	b2 cafelog is a blogger system that comes with the b2-tools directory. The PHP scripts contained within this directory allow a remote user to specify input for a variable that in turn allows for remote command execution.
Author:	pokleyzz
Homepage:	http://www.scan-associates.net
File Size:	1522
Last Modified:	May 30 12:08:41 2003
MD5 Checksum:	ea5c0bc0de678c217be1cbe85a7d9052

/// File Name:	iisDoS.txt
Description:	Microsoft IIS versions 5.0 and 5.1 are vulnerable to a denial of service attack if an attacker sends a Webdav request with a body over 49,153 bytes using the 'PROPFIND' or 'SEARCH' request methods. This results in IIS restarting itself and terminating any active sessions.
Author:	SPI Labs
Homepage:	http://www.spidynamics.com/iis_alert.html
File Size:	1450
Last Modified:	May 29 07:14:34 2003
MD5 Checksum:	466be4f57551e6a920e9059e50eaddf3

/// File Name:	maelst0x00.c.gz
Description:	Local root exploit for the game Maelstrom with is sometimes setuid to root for the purpose of faster frame rates.
Author:	r-code
File Size:	1289
Last Modified:	May 23 11:13:18 2003
MD5 Checksum:	bfd34d743e37c8ee7b7f8490438cadb2

/// File Name:	0x333maelstrom.c
Description:	Maelstrom local exploit that gives gid for user games making use of the overflow found in the -server switch. Tested against /usr/bin/Maelstrom on Red Hat 9.0
Author:	c0wboy
Homepage:	http://www.0x333.org
File Size:	1001
Last Modified:	Dec 14 13:20:13 2003
MD5 Checksum:	a935d6a8cc4501c955311239727e64af

/// File Name:	maelx.pl
Description:	Maelstrom local exploit that gives gid of user games which makes use of an overflow in the -player switch.
Author:	akcess
File Size:	995
Last Modified:	May 23 20:11:20 2003
MD5 Checksum:	4f7903d9b1f6bc6aca7417e2c825c448

/// File Name:	happymall-adv.txt
Description:	Happymall versions 4.3 and 4.4 are still susceptible to well-known directory traversal and cross-site scripting vulnerabilities.
Author:	e2fsck
File Size:	990
Last Modified:	May 15 04:23:10 2003
MD5 Checksum:	747291e08548a2e6cf2f161a68843c34

/// File Name:	DSR-youbin.pl
Description:	Local root exploit for the bounds checking vulnerability found in the utility youbin.
Author:	Knud Erik H�jgaard
Homepage:	http://www.dtors.net
File Size:	663
Last Modified:	May 8 00:08:15 2003
MD5 Checksum:	f203edcdeb0fc25c584d6a2684a02845