Section: .. / 0307-exploits /

Page 3 of 3
<< 1 2 3 >> Files 50 - 64 of 64

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	ZH2003-11SA.txt
Description:	Zone-H Security Advisory ZH2003-11SA - Elite News version 1.0.0.0-1.0.0.3 Beta allows direct access to various system files which enables an attacker to retrieve the administrator login name, then utilize that name on another page to set a cookie that will be referenced by yet another page that allows an attacker to post as the administrator.
Author:	Trash-80
Homepage:	http://www.zone-h.org
File Size:	2275
Last Modified:	Jul 18 03:54:51 2003
MD5 Checksum:	e900152d55dde53d9e5ec8afebc4cf84

/// File Name:	Netsuite121.txt
Description:	Moby's Netsuite 1.21 httpd server is vulnerable to a multitude of directory traversal bugs that allow an attacker to access files outside of the web root.
Author:	Dr_insane
Homepage:	http://members.lycos.co.uk/r34ct/
File Size:	2216
Last Modified:	Jul 15 02:00:45 2003
MD5 Checksum:	13a9b1d37922d0946aefdc3259f7eb32

/// File Name:	ACME-mitel.txt
Description:	An interesting bug in the Mitel Voice Over IP system that allows an attacker to discover phone numbers calling through the DHCP server.
Author:	acme
Homepage:	http://olografix.org/acme/mitel.txt
File Size:	2111
Last Modified:	Jul 28 02:45:51 2003
MD5 Checksum:	5b613c224e45a1343f68316310dd2b06

/// File Name:	PUPET-simpnews.txt
Description:	Simpnews has an include file vulnerability that allows a remote attacker to load malicious PHP scripts.
Author:	PUPET
File Size:	2060
Last Modified:	Jul 18 02:19:51 2003
MD5 Checksum:	41e2b8e194447464b096d39c7b931325

/// File Name:	splatt.txt
Description:	The Splatt Forum engine allows html code insertion for the post icon form input.
Author:	Black Angels, Nemesis
File Size:	1943
Last Modified:	Jul 18 03:46:43 2003
MD5 Checksum:	09c345c267efafe1d85c5484feea2ec0

/// File Name:	ciscodos.sh
Description:	Remote exploit that causes a denial of service against Cisco IOS versions 11.x through 12.x using hping.
Author:	zerash
File Size:	1868
Last Modified:	Jul 22 01:31:46 2003
MD5 Checksum:	5b4d3da440603ada84738a3464e28b7e

/// File Name:	ZH2003-12SA.txt
Description:	PHP-Gästebuch version 1.60 Beta is vulnerable to various attacks due to information disclosure. The md5 hashed password for the administrator user is retrievable by any remote attacker along with the guestbookdat file containing their saved settings.
Author:	Trash-80
Homepage:	http://www.zone-h.org
File Size:	1733
Last Modified:	Jul 25 01:59:38 2003
MD5 Checksum:	c8eb6e9944f034550eae837f2e8114cd

/// File Name:	MABRYdtv.txt
Description:	The Mabry HTTP server version 1.00.047 suffers from multiple directory traversal attacks that allow an attacker to view the content of files outside of the web root.
Author:	dr_insane
File Size:	1373
Last Modified:	Jul 11 21:18:19 2003
MD5 Checksum:	c41348186e0a9a2cd7038995494a60a6

/// File Name:	DSR-listproc.pl
Description:	Local root exploit for listproc 8.2.09 written for FreeBSD.
Author:	kokanin
Homepage:	http://www.dtors.net
Related File:	srt2003-1137.txt
File Size:	1196
Last Modified:	Jul 9 17:51:29 2003
MD5 Checksum:	a65af9fb53e73d9c62532f6a4a3e3389

/// File Name:	DSR-mnogo.pl
Description:	Proof of concept exploit for mnoGoSearch 3.1.20 (and possibly works on 3.2.10) that binds a shell to port 10000. Tested against FreeBSD.
Author:	inv
Homepage:	http://www.dtors.net
File Size:	1194
Last Modified:	Jul 11 23:04:32 2003
MD5 Checksum:	2c6a3ed744a1a81e74c48085d0b4da50

/// File Name:	IEbug.txt
Description:	Internet Explorer 6 has a bug that will lock up the browser if C:\aux is entered. It is similar to the C:\con\con problem where it is trying to access a hardware device. Microsoft claims this bug does not exist.
Author:	Fabian Becker
Homepage:	http://www.neonomicus.ionichost.com
File Size:	652
Last Modified:	Jul 7 21:13:23 2003
MD5 Checksum:	6ba39980f6227e4a1edf8efb4b71ff75

/// File Name:	DSR-upclient.pl
Description:	Local exploit for Upclient 5.0.b5 that spawns a shell with kmem privileges. Tested on FreeBSD 5.0.
Author:	inv
Homepage:	http://www.dtors.net
File Size:	633
Last Modified:	Jul 15 01:02:55 2003
MD5 Checksum:	6956c86d50be5d1076121733aedb2449

/// File Name:	DSR-gnats.pl
Description:	Proof of concept local exploit for gnats version 3.113.1_6 tested on FreeBSD 5.0. If successful, escalates privileges to gnats.
Author:	inv
Homepage:	http://www.dtors.net/
File Size:	620
Last Modified:	Jul 20 08:34:44 2003
MD5 Checksum:	f35302b106a2fee84c4ceed3da644de6

/// File Name:	DSR-crapche.sh
Description:	Hilariously amusing and simple exploit that makes use of the fact that the cuxs binary on InterSystems Corp. Cache management system executes a binary as root without that binary having a static path.
Author:	kokanin
Homepage:	http://www.dtors.net
Related File:	intersystems.txt
File Size:	525
Last Modified:	Jul 3 07:36:22 2003
MD5 Checksum:	329a7a5129be9aefbe9ce9427f75d63e