Section: .. / 0307-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 64

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	SRT2003-07-07-0831.txt
Description:	Secure Network Operations, Inc. Advisory SRT2003-07-07-0831 - IBM U2 UniVerse version 10.0.0.9 and below on Linux and DGUX has a legacy program included in the package that creates hard links as root.
Author:	Strategic Reconnaissance Team
Homepage:	http://www.secnetops.com
File Size:	5677
Last Modified:	Jul 18 00:40:34 2003
MD5 Checksum:	4f530cac12d1047f485758b27cc63604

/// File Name:	SRT2003-07-07-0913.txt
Description:	Secure Network Operations, Inc. Advisory SRT2003-07-07-0913 - IBM U2 UniVerse version 10.0.0.9 and below commits some abnormal suid behavior in its uvrestore and setacc applications allowing an attacker to monitor other user ttys and more.
Author:	Strategic Reconnaissance Team
Homepage:	http://www.secnetops.com
File Size:	5366
Last Modified:	Jul 18 00:47:07 2003
MD5 Checksum:	9e89ac21655bf53bd9caae649ef91a26

/// File Name:	VPASP.txt
Description:	VP-ASP suffers from a SQL injection attack in shopexd.asp. The vulnerability allows a remote attacker to gain full administrative control of the web based interface.
Author:	AresU, TioEuy
Homepage:	http://bosen.net/releases/
File Size:	5317
Last Modified:	Jul 7 21:31:50 2003
MD5 Checksum:	91c1a47f59fbcc6e6c6536af6ade51a4

/// File Name:	DSR-ftp_clients.pl
Description:	This script runs in place of ftpd to exploit the moxftp/mftp 2.2, cftp 0.12, and Iglooftp 0.6.1 clients. Written to exploit these clients on FreeBSD.
Author:	inv
Homepage:	http://www.dtors.net
File Size:	4935
Last Modified:	Jul 7 21:03:12 2003
MD5 Checksum:	7dc4f6daf3a63c8b52d05b39e03d6cf2

/// File Name:	SRT2003-07-07-0833.txt
Description:	Secure Network Operations, Inc. Advisory SRT2003-07-07-0833 - IBM U2 UniVerse version 10.0.0.9 and below on Linux allows users with uvadm rights the ability to escalate to root privileges.
Author:	Strategic Reconnaissance Team
Homepage:	http://www.secnetops.com
File Size:	4319
Last Modified:	Jul 18 00:43:29 2003
MD5 Checksum:	13d39a311c7dfaba2c3bd51ccb556553

/// File Name:	essenexploit.c
Description:	A buffer overflow exists in the Essentia Web Server for Linux due to bad boundary checking with long urls which are greater than 2000 bytes. Versions higher than 2.12 are vulnerable.
Author:	B-r00t
File Size:	4241
Last Modified:	Jul 4 19:13:57 2003
MD5 Checksum:	757c024869e07919914a13548a11d4dd

/// File Name:	bosen-adv.7.txt
Description:	The ProductCart ASP shopping cart is vulnerable to a SQL injection attack which allows administrative access to the control panel.
Author:	Bosen
Homepage:	http://bosen.net/releases/
File Size:	4086
Last Modified:	Jul 7 21:35:58 2003
MD5 Checksum:	234b6dab3675e82a95ed3bbfa3aaaff4

/// File Name:	kereval.phpgroup.txt
Description:	Kereval Security Advisory KSA-003 - Cross Site Scripting vulnerabilities exist in Phpgroupware very 0.9.14.003.
Author:	François SORIN
Homepage:	http://www.kereval.com
File Size:	4016
Last Modified:	Jul 4 19:46:09 2003
MD5 Checksum:	20f15be1a0ddb7d5a03e4844b0352974

/// File Name:	cisco-bug-44020.tar.gz
Description:	Remote exploit that causes a denial of service against Cisco IOS versions 11.x through 12.x.
Author:	Martin Kluge
File Size:	4005
Last Modified:	Jul 22 01:30:17 2003
MD5 Checksum:	1221af8aa6ac91916c03e6b599441b55

/// File Name:	ccbillx.c
Description:	CCBill remote exploit that spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid.
Author:	Knight420
File Size:	3872
Last Modified:	Jul 9 17:43:11 2003
MD5 Checksum:	d16e63fce80c44af0cb31e5bb3b31202

/// File Name:	YahPoo.c
Description:	Exploit for Yahoo Messenger, Yahoo Module that allows for remote command execution on a victim machine via bad URI handling. Requires the victim to view the html.
Author:	bob
Homepage:	http://www.dtors.net/
File Size:	3705
Last Modified:	Jul 15 01:08:15 2003
MD5 Checksum:	1f8a1f0189da4662ead77ad7254d271a

/// File Name:	intersystems.txt
Description:	iDEFENSE Security Advisory 07.01.03: InterSystems Corp. Cache installs with insecure file and directory permissions, thereby allowing local attackers to gain root access by manipulating items in the main package tree. The vulnerability specifically exists because files and directories are open to all users for read, write, and execute operations.
Author:	Larry W. Cashdollar
Homepage:	http://www.idefense.com/
File Size:	3493
Related CVE(s):	CAN-2003-0497, CAN-2003-0498
Last Modified:	Jul 3 07:30:44 2003
MD5 Checksum:	a64a4be588901be55acb1feceb00d908

/// File Name:	FBHtoppler.c
Description:	Local exploit for the setgid game toppler. There is a stack overflow vulnerability with how toppler makes use of the HOME environment variable. Successful exploitation escalates user privileges to the group for games.
Author:	fbhowns
File Size:	3108
Last Modified:	Jul 8 00:58:27 2003
MD5 Checksum:	faff6a2833b8fb276ce613f446822f67

/// File Name:	ccbill.txt
Description:	The CGI script whereami.cgi that gets distributed by CCBill lacks input validation and in return allows for remote command execution as the web uid.
Author:	Dayne Jordan
File Size:	3064
Last Modified:	Jul 6 22:11:00 2003
MD5 Checksum:	03e058c869b7c0bd6a2db785177e26d6

/// File Name:	STG-Verity-K2.txt
Description:	STG Security Advisory SSA-20030701-02 - The Verity K2 Toolkit Query Builder suffers from a cross site scripting vulnerability.
Author:	SSR Team
File Size:	2988
Last Modified:	Jul 4 18:46:26 2003
MD5 Checksum:	3b7f9bfc19192e033b01fbdd0c4cc63c

/// File Name:	5358gchessfuck.c
Description:	gnuchess, if setuid, is vulnerable to a buffer overflow using the -s switch that will allow an attacker to escalate their privileges. Vulnerable versions are 5.0.6 and below.
Author:	ace, t0asty
Homepage:	http://www.static-x.org
File Size:	2944
Last Modified:	Jul 7 05:03:58 2003
MD5 Checksum:	7ccb9569d981b450e7bcb8a97bfcadd9

/// File Name:	5358isdnrape.c
Description:	isdnrep has a buffer overflow in the -t switch that allows a local attacker to escalate privileges if the binary is setuid/setgid (which it normally is not).
Author:	ace, t0asty
Homepage:	http://www.static-x.org
File Size:	2804
Last Modified:	Jul 7 05:09:21 2003
MD5 Checksum:	734ab28ee02006be169f339c1a516c6c

/// File Name:	CSSoft-EZTRansI-Eng.txt
Description:	STG Security Advisory SSA-20030701-03: ezTrans Server, the popular portal software used throughout Korea, lacks input validation in the file download module. Due to this, a remote attacker can download any file on the system that the webserver uid can access.
Author:	SSR Team
Homepage:	http://www.stgsecurity.com
File Size:	2787
Last Modified:	Jul 9 17:30:54 2003
MD5 Checksum:	5e5b9d4fb6b5adcb71f4b3a0a9f97782

/// File Name:	5358gnuanx0r.c
Description:	gnuan, the utility that produces an analysis of a chess game, has a buffer overflow that allows a local attacker to escalate privileges if the binary is setuid (which it normally is not).
Author:	ace, t0asty
Homepage:	http://www.static-x.org
File Size:	2777
Last Modified:	Jul 7 05:07:28 2003
MD5 Checksum:	a25af7dcda564b06beb127d57eb304ee

/// File Name:	Verity-K2Toolkit-Eng.txt
Description:	STG Security Advisory SSA-20030701-02: Verity's K2 Toolkit has a XSS vulnerability in its Query Builder.
Author:	SSR Team
Homepage:	http://www.stgsecurity.com
File Size:	2766
Last Modified:	Jul 9 17:33:06 2003
MD5 Checksum:	e311754582aaf122768c3fb8b1178a66

/// File Name:	0x333bru-fmtx.c
Description:	Local root exploit for bru, or Backup and Restore Utility for Unix, that makes use of a stack overflow.
Author:	nic
Homepage:	http://www.0x333.org
File Size:	2665
Last Modified:	Jul 22 02:18:54 2003
MD5 Checksum:	d98819e03bec7237629814af9f5d5a2c

/// File Name:	dcomx.pl
Description:	Remote denial of service exploit making use of the vulnerability found in DCOM under Windows.
Author:	Knight420.
File Size:	2404
Last Modified:	Jul 24 23:48:09 2003
MD5 Checksum:	1098316c80fe73f7861565b0b8ec61ef

/// File Name:	screenapple.txt
Description:	The screen saver that comes with MacOSX crashes when an large amount of characters are entered and then the return key is pressed. At this point, access to the desktop is achieved.
Author:	Delfim Machado
Homepage:	http://lab.xpto.org
File Size:	2377
Last Modified:	Jul 4 20:35:14 2003
MD5 Checksum:	5070858a1c37df111b8b6666b66e45ed

/// File Name:	ex_bru.c
Description:	Local root exploit for bru, or Backup and Restore Utility for Unix, that makes use of a stack overflow. Includes both Linux and FreeBSD targets.
Author:	Dvdman
Related File:	SRT2003-07-16-0358.txt
File Size:	2330
Last Modified:	Jul 19 01:15:51 2003
MD5 Checksum:	9e4e064acba76fd0ff9c367ec8ea852c

/// File Name:	diginews.txt
Description:	Digi-news and Digi-ads version 1.1 allow administrative access without a remote attacker having knowledge of the account password by keeping necessary credentials client-side in a cookie. Essentially, as long as an attacker has a valid administrative login name, they can use their own password to authenticate.
Author:	Arnaud Jacques aka scrap
Homepage:	http://www.securiteinfo.com
File Size:	2290
Last Modified:	Jul 18 03:42:40 2003
MD5 Checksum:	cbbef802af4f26114deb0b40e22828ec