
 ///  File Name: 0310-exploits.tgz
Packet Storm new exploits for October, 2003.
File Size:91652
Last Modified:Dec 10 03:25:00 2003
MD5 Checksum:63cd13d549e08c661624ae5de22a9818

 ///  File Name: asl_plz.txt
Information and packet capture of the mIRC v6.11 and below DCC SEND buffer overflow exploit, which crashes the client.
Author:Omi Da
File Size:2358
Last Modified:Oct 27 21:06:44 2003
MD5 Checksum:a84a0c6eae3a016419e6195491cd79b4

 ///  File Name:
Xchat script which uses the DCC SEND overflow to kill mIRC clients v6.11 and below.
Author:Josh Medley
File Size:675
Last Modified:Oct 30 05:10:00 2003
MD5 Checksum:1040b28d55d687b066bab53964c3f2e5

 ///  File Name: c-sillyPoker.c
Local proof of concept exploit that makes use of the HOME environment variable overflow in Silly Poker v0.25.5. Yields the group id of games.
File Size:2317
Last Modified:Oct 1 18:26:14 2003
MD5 Checksum:2fd90ac8f55bff836228b9a176515ae2

 ///  File Name: cafelog.txt
WordPress Cafelog is vulnerable to a number of SQL injection attacks that can be exploited by a local attacker with access to the same filesystem as the database.
Author:Seth Woolley
File Size:2690
Last Modified:Oct 3 23:23:10 2003
MD5 Checksum:ed17f61eb59c8f6d8edcea50685c919c

 ///  File Name: conexant.txt
The Conexant Access Runner DSL Console has faulty authentication capabilities that allow an attacker to log in as the administrator after one failed attempt.
Author:Chris Norton
File Size:785
Last Modified:Oct 6 22:11:01 2003
MD5 Checksum:ef90ad98b9812873986dd8461f0b578c

 ///  File Name: cpCommerce.exp.txt
cpCommerce v0.5f and below contains an input validation error in _functions.php which allows remote arbitrary code execution. Exploit URL included. Fix available here. Additional information available here.
File Size:1627
Last Modified:Oct 30 05:01:13 2003
MD5 Checksum:fc3d68bc4d70e84ecab8477883ba365d

 ///  File Name: dcpportal.txt
DCP Portal 5.5 is susceptible to a multitude of SQL injection attacks.
Author:Lifo Fifo
File Size:2097
Last Modified:Oct 1 18:43:32 2003
MD5 Checksum:142855eac3a735ea182606e9af60918d

 ///  File Name: deskpro.sql.txt
DeskPRO v1.1.0 and below do not adequately filter user-provided data, allowing a remote attacker to insert malicious SQL statements into existing ones. Allows attackers to log in to the system as an administrator without knowing the password.
Author:Aviram Jenik
File Size:1780
Last Modified:Oct 21 03:59:29 2003
MD5 Checksum:6c7179a6ec73486ce67c6556b01c6725

 ///  File Name: dtprintinfo.txt
HPUX dtprintinfo on B.11.00 is vulnerable to a buffer overflow that can allow for privilege escalation.
Author:Davide Del Vecchio
File Size:1936
Last Modified:Oct 9 07:30:52 2003
MD5 Checksum:c28c1505ec6a76bab631cb245e45fd2f

 ///  File Name: easyfile12.txt
Easy File Sharing Web Server 1.2 allows for remote access to logs and options without any type of authentication.
File Size:2544
Last Modified:Oct 6 23:55:30 2003
MD5 Checksum:d5619a7af590c8ed019e96a20685cd2e

 ///  File Name: EMML.txt
EMML version 1.32, or EternalMart Mailing List Manager, and EMGB version 1.1, or EternalMart Guestbook, are both vulnerable to cross site scripting attacks that allow for remote PHP code execution from another site.
Author:Frog Man
File Size:1599
Last Modified:Oct 6 21:04:59 2003
MD5 Checksum:8c1b6f25babfb7d196152e0d98026950

 ///  File Name: FlexWATCH.txt
The FlexWATCH surveillance camera server is used by many banks and "secure" places and contains remotely exploitable vulnerabilities which allow remote attackers to view camera footage, add users, remove users, change the configuration, disable camera surveillance, and more.
File Size:7284
Last Modified:Oct 30 06:31:17 2003
MD5 Checksum:656d2fad064108c3fe3c98b3b6f97e4f

 ///  File Name: gaimexploit.txt
Simple notes on how to exploit GAIM via the festival plugin that was written quite poorly.
File Size:1689
Last Modified:Oct 16 07:59:43 2003
MD5 Checksum:bf092631c2e47257ae9f6aa6be652dda

 ///  File Name: gEEk-fuck-khaled.c
mIRC v6.1 and below remote exploit which takes advantage of the bug described in mirc61.txt. Creates an HTML file which overflows the irc:// URI handling, spawning a local cmd.exe window. The exploit works even if mIRC is not started; the HTML can be in an HTML email or on a web page. Tested against Windows XP build 2600.xpclient.010817-1148.
File Size:3506
Last Modified:Oct 21 03:11:05 2003
MD5 Checksum:bdc38dfedffb7977637c36ede12ea4e8

 ///  File Name: guppy24.txt
GuppY versions 2.4p3 and below are susceptible to cross site scripting attacks and have a lack of authentication when various data submissions are performed.
Author:Frog Man
File Size:5835
Last Modified:Oct 6 21:09:56 2003
MD5 Checksum:750a17e26237a6be3d4788f970d7a31a

 ///  File Name: I2S-LAB-25-09-2003.txt
I2S LAB Security Advisory - The HTTP daemon for FirstClass build 133 (SP3) and below suffers from a heap overflow that allows a remote attacker to shut down various services on the server.
Author:Fred Chaverot, Aurélien Boudoux
File Size:4561
Last Modified:Oct 6 21:29:43 2003
MD5 Checksum:ba4b7562f6fe8af950ac6534737239a0

 ///  File Name: iwconfig.c
Iwconfig local proof of concept exploit - Causes a seg fault. Note that iwconfig is not suid.
File Size:1128
Last Modified:Oct 21 04:37:11 2003
MD5 Checksum:eccf7607942949f8ecfed824257cd7ac

 ///  File Name: iweb.traversal.txt
Directory traversal attacks against the iWeb mini http server. Exploit URLs included. Vendor URL here.
File Size:1145
Last Modified:Oct 30 05:12:34 2003
MD5 Checksum:dcaefe6f98304668838e20ca5cbcf763

 ///  File Name:
Solaris runtime linker ( local root buffer overflow exploit. Bug discovered by Jouko Pynnonen.
File Size:12219
Last Modified:Oct 30 05:21:23 2003
MD5 Checksum:159fa40468397e901231ffb0c7a34c8f

 ///  File Name: leap.tgz
Exploit that brute forces Microsoft's Active Directory authentication used in conjunction with the Cisco LEAP authentication on Cisco wireless access points. Related writing here.
File Size:11668
Last Modified:Oct 3 22:38:34 2003
MD5 Checksum:e8a8d7a237a6939d59520e342161c120

 ///  File Name: linksysDoS.txt
The Linksys EtherFast Cable/DSL Firewall Router BEFSX41 (Firmware 1.44.3) is susceptible to a denial of service attack when a long string is sent to the Log_Page_Num parameter of the Group.cgi script.
File Size:2301
Last Modified:Oct 16 08:08:22 2003
MD5 Checksum:1e142d2d4429f36d6bdbd08409720df8

 ///  File Name:
Denial of service exploit in ls, which is exploited remotely via wu-ftpd v2.6.2. In perl.
File Size:701
Last Modified:Oct 30 07:17:45 2003
MD5 Checksum:d172d1ad48e70d1f43bf8781bae6f7f1

 ///  File Name: ms03-043.c
Remote denial of service exploit for the Microsoft Messenger service buffer overflow described in ms03-043, which causes the target machine to reboot. Includes the ability to send the packet from a spoofed source address and requires the remote NetBIOS name. Tested against Windows 2000 SP4.
Author:LSD, ported to Linux and *bsd by VeNoMouS
File Size:5930
Last Modified:Oct 21 02:55:57 2003
MD5 Checksum:75bde2a7d5758f67ec04524fa6b11be9

 ///  File Name:
Exploit for ms03-046 - Microsoft Exchange Server 5.5 and Exchange 2000 buffer overflow, in perl. Denial of service only.
Author:HD Moore
File Size:5499
Last Modified:Oct 30 05:08:34 2003
MD5 Checksum:17479c516711b178d64dbfcb23ff116f