Section:  .. / 0309-exploits  /

Page 2 of 2
<< 1 2 >> Files 25 - 47 of 47
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: dbabble.txt
Description:
 DBabble 2.5i suffers from cross site scripting issues that can lead to cookie hijacking.
Author:dr_insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:5399
Last Modified:Sep 18 20:54:25 2003
MD5 Checksum:d7bd98900757ac09369e6a2ae7509dfe

 ///  File Name: MS03-039-linux.c
Description:
 Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS.
Author:ey4s. This version was ported to Linux by nulluid.
Related File:sa2003-06.txt
File Size:13641
Last Modified:Sep 18 20:31:36 2003
MD5 Checksum:bc05567626bebd91b9ea3c9844b4a56a

 ///  File Name: liquidwar-exploit.c
Description:
 Liquidwar 5.4.5 local exploit that has been tested on Slackware Linux 9.0.0 and Gentoo Linux 1.4.
Author:Angelo Rosiello
Homepage:http://www.rosiello.org
File Size:1552
Last Modified:Sep 18 20:16:48 2003
MD5 Checksum:e19fe2d76a0e5359b37326a9f8ffec8c

 ///  File Name: mounty.c
Description:
 Remote root exploit for rpc.mountd that makes use of the xlog off-by-one vulnerability discussed here.
Author:newroot
Homepage:http://www.newroot.de
File Size:9448
Last Modified:Sep 17 18:30:54 2003
MD5 Checksum:eb911a8a195173435b059a49e159a2a7

 ///  File Name: 09.16.MS03-039-exp.c
Description:
 Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS.
Author:ey4s
Related File:sa2003-06.txt
File Size:13143
Last Modified:Sep 16 23:53:46 2003
MD5 Checksum:914d1c99e072cfb536a6d00fd8a75d8a

 ///  File Name: TEXONET-20030902.txt
Description:
 Texonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.
Homepage:http://www.texonet.com/
File Size:3991
Last Modified:Sep 16 23:45:03 2003
MD5 Checksum:e110cec39a0883d80e796ab5fd06d804

 ///  File Name: 09.14.mysql.c
Description:
 Remote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.
Author:Bkbll
File Size:8867
Related CVE(s):CAN-2003-0780
Last Modified:Sep 16 22:04:40 2003
MD5 Checksum:6db4d9e49e4882f5622fd5b59932596c

 ///  File Name: sorpine.c
Description:
 Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
Author:sorbo
Homepage:http://www.darkircop.org
File Size:20847
Last Modified:Sep 16 21:37:14 2003
MD5 Checksum:f9e9118421a2a9d7c0f6da00eb98f949

 ///  File Name: minihttp.txt
Description:
 Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
Author:Peter Winter-Smith
File Size:3162
Last Modified:Sep 16 20:57:25 2003
MD5 Checksum:52c72989566b10fad57a9d48c623658b

 ///  File Name: easyfile.txt
Description:
 Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.
Author:Dr_insane
Homepage:Http://members.lycos.co.uk/r34ct/
File Size:3960
Last Modified:Sep 16 20:52:52 2003
MD5 Checksum:10386b500c650364176e96a1890fc114

 ///  File Name: ftgatepro.txt
Description:
 Secunia Research Advisory - Two vulnerabilities have been identified in FTGatePro mail server version 1.x that allow malicious users to access sensitive information. One lies in the file ftgatedump.fts allowing an attacker to see the system configuration while another lies in exportmbx.fts that holds all the usernames and passwords for the system.
Author:Phuong Nguyen
Homepage:http://www.secunia.com/advisories/
File Size:1779
Last Modified:Sep 14 00:33:23 2003
MD5 Checksum:92c1ea9ed17988649d4fcb386b69df54

 ///  File Name: bandwebsite.txt
Description:
 Bandsite portal system version 1.5 lacks authentication validation in its admin.php code when an administrator is added, thus allowing a remote attacker to gain administrative privileges.
Author:Nasser.M.Sh
File Size:1516
Last Modified:Sep 13 09:34:11 2003
MD5 Checksum:f7c0dc27a28dfa690190754c5b69973c

 ///  File Name: 4DWS_ftp.c
Description:
 4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.
Author:B-r00t
Homepage:http://doris.scriptkiddie.net
File Size:8046
Last Modified:Sep 13 09:02:47 2003
MD5 Checksum:7456e23cbadbcbea96645ab9eee368c0

 ///  File Name: myPHPNuke.txt
Description:
 myPHPNuke version 1.8.8_7 performs improper variable sanitizing that will inadvertently allow a remote attacker to upload files from another site to the current site.
Author:Frog Man
Homepage:http://www.phpsecure.info
File Size:2845
Last Modified:Sep 13 08:25:35 2003
MD5 Checksum:82ce1f957a210e93e078256ee2002d53

 ///  File Name: rp9-priv-esc.c
Description:
 RealOne Player 9 exploit for Unix/Linux that escalates privileges to the person using the utility by taking advantage of group write permissions on user configuration files.
Author:Jon Hart
File Size:6183
Last Modified:Sep 11 08:14:45 2003
MD5 Checksum:4445831b67a74340eaffa17ee24060b4

 ///  File Name: WebX.txt
Description:
 WebX 1.1 and WebX Lite 1.1 web servers are vulnerable to a directory traversal attack that allows a remote attacker to access any files outside of the web root.
Author:dr_insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:1962
Last Modified:Sep 10 02:23:36 2003
MD5 Checksum:156de465b5dc858d41dabb4a2546a5d6

 ///  File Name: sp-myserver.c
Description:
 Remote denial of service exploit for MyServer 0.4.3.
Author:badpack3t
Homepage:http://www.security-protocols.com
Related File:myserver.txt
File Size:8268
Last Modified:Sep 10 02:21:13 2003
MD5 Checksum:26fe6f995a2b40b213a0a7f660d0d2b5

 ///  File Name: leak-sploit.c
Description:
 Stunnel v3.25 and below exploit which makes use of the file descriptor leak discussed in this Conectiva Security Advisory. Allows local attackers to hijack the stunnel server.
File Size:3100
Related CVE(s):CAN-2002-1563, CAN-2003-0740
Last Modified:Sep 9 05:47:54 2003
MD5 Checksum:a2b33220a6e0cb0535781760d121f2ce

 ///  File Name: augustiner.c
Description:
 Denial of service exploit for Microsoft Windows 98 that floods UDP traffic to random destination ports causing the system to lock up.
Author:Warlord
Homepage:http://www.nologin.org
File Size:6171
Last Modified:Sep 9 05:19:52 2003
MD5 Checksum:e282c1433fab2315b14f50153e017834

 ///  File Name: word.zip
Description:
 Exploit that makes use of the Microsoft Word WordPerfect document converter which has been found vulnerable to a buffer overflow when a malicious .doc file is opened.
Author:valgasu
Homepage:http://valgasu.rstack.org/
Related File:mswordcon.txt
File Size:19944
Last Modified:Sep 6 03:32:20 2003
MD5 Checksum:19134e503acc53ad924e617d58add3f7

 ///  File Name: bazooka_penaka.pl
Description:
 Proof of concept remote exploit for Foxweb 2.5 on Microsoft Windows that achieves access of the web server user id and makes use of a buffer overflow found in the PATH_INFO variable in foxweb.dll.
Author:pokleyzz
Homepage:http://www.scan-associates.net
File Size:4771
Last Modified:Sep 6 02:46:22 2003
MD5 Checksum:c3599adf8b5c36ef30b4eb85ff7a6773

 ///  File Name: tellurian.txt
Description:
 Tellurian TFTPDNT server version 1.8 for Windows NT and Windows 9x suffers from a buffer overflow that allows remote attackers to execute arbitrary code.
Author:Storm
Homepage:http://www.securiteam.com/windowsntfocus/5RP0M1PAUM.html
File Size:2090
Last Modified:Sep 4 05:06:02 2003
MD5 Checksum:59926ee18abe7c877c439b49e109a025