Section: .. / 0311-exploits /

Page 2 of 2
<< 1 2 >> Files 25 - 40 of 40

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	kpopup.txt
Description:	Kpopup version 0.9.1 is susceptible to allowing privilege escalation due to format string bugs and an unsafe system() call. Local root exploit included.
Author:	b0f
Homepage:	http://www.b0f.net
File Size:	3743
Last Modified:	Nov 4 08:16:18 2003
MD5 Checksum:	ef5877dfcaad27f0f1cbd792ee2650aa

/// File Name:	boomerang.tgz
Description:	Local exploit for the ListBox/ComboBox vulnerabilities in Win32 platforms. Included is an example of a vulnerable program.
Author:	xCrZx
Related File:	MS03-045
File Size:	3638
Last Modified:	Nov 14 03:05:55 2003
MD5 Checksum:	2535d98788c7d94b7b1bc63be67d9adf

/// File Name:	TCM315.txt
Description:	The embedded webserver for the Thomson TCM315 cable modem is vulnerable to a buffer overflow during a typical GET method HTTP request.
Author:	aT4r
File Size:	3579
Last Modified:	Nov 25 05:05:14 2003
MD5 Checksum:	51198bef948a30a3927152acb48c8e3f

/// File Name:	rush13.txt
Description:	Rolis Guestbook version 1.0 is susceptible to php injection cross site scripting attacks.
Author:	idtwolf
Homepage:	http://www.rsteam.ru
File Size:	3114
Last Modified:	Nov 17 23:34:34 2003
MD5 Checksum:	1972e31d4135891fa96c056c66ac386f

/// File Name:	termxploit.c
Description:	TerminatorX version 3.81 and below local root exploit. Makes use of vulnerabilities discussed in this related advisory.
Author:	phender
File Size:	2650
Last Modified:	Nov 14 02:12:09 2003
MD5 Checksum:	8b5061ce2be4afdf626e722708c4230e

/// File Name:	rush12.txt
Description:	phpWebFileManager version 2.0.0 is susceptible to a directory traversal attack due to a lack of input validation.
Author:	idtwolf
Homepage:	http://www.rsteam.ru
File Size:	2621
Last Modified:	Nov 17 23:31:15 2003
MD5 Checksum:	9eb1029ff44f80602acd4bef54d419dc

/// File Name:	gEEk-0verkill.c
Description:	0verkill version 0.16 local proof of concept exploit that makes use of a stack overflow when reading in the HOME environment variable.
Author:	demz
Homepage:	http://geekz.nl/
File Size:	2258
Last Modified:	Nov 15 18:53:13 2003
MD5 Checksum:	ee4378534a1ac7e7c6ff82037218678f

/// File Name:	gEEk-unace.c
Description:	UnAce version 2.20 local proof of concept exploit. Original vulnerability discovery made by MegaHz. Tested on Debian 3.0.
Author:	demz
Homepage:	http://geekz.nl/
File Size:	2225
Last Modified:	Nov 15 18:49:31 2003
MD5 Checksum:	2b33f62481726d5a0a5ecbdf48ec57e1

/// File Name:	chemtrailX.c
Description:	Proof of concept local root exploit for iwconfig that is normally not setuid by default. Tested on RedHat Linux 9.0.
Author:	Knight420
File Size:	1728
Last Modified:	Nov 14 02:42:59 2003
MD5 Checksum:	b3da4e4973f8442505f7f11bb2442480

/// File Name:	myegallery.txt
Description:	My_eGallery versions below 3.1.1.g has PHP files which do not filter all parameters fed to functions, allowing a malicious attacker the ability to execute any command as the user id the webserver is running under. Vendor supplied patch available here.
Author:	Bojan Zdrnja
File Size:	1564
Last Modified:	Nov 27 01:09:53 2003
MD5 Checksum:	b43abc56c3104b46370ca73811988658

/// File Name:	iw-config.c
Description:	Proof of concept local root exploit for iwconfig, which is not setuid by default.
Author:	heka
File Size:	1344
Last Modified:	Nov 14 02:17:07 2003
MD5 Checksum:	5a3507650d6a7aa825d9cc3694338c88

/// File Name:	Mircxpl.pl
Description:	Remote exploit for mIRC versions below 6.12 that will cause the victim's client to crash.
Author:	Jackal.
File Size:	1112
Last Modified:	Nov 5 06:01:00 2003
MD5 Checksum:	afd42a6a9c7cc811f4b482ebdeb88690

/// File Name:	DSR-wmapm.sh
Description:	Wmapm v3.1 local exploit - Gives a shell with UID=operator in FreeBSD if compiled via ports collection, or UID=root if compiled from source on FreeBSD or Linux. Requires a valid X display.
Author:	Knud Erik Højgaard
Homepage:	http://kokanins.homepage.dk
File Size:	831
Last Modified:	Nov 8 03:16:52 2003
MD5 Checksum:	9c96e222a97fbced2e4789d67c4f010f

/// File Name:	badc0ded-DSR-ensim.sh
Description:	Virthostmail (part of the Ensim WEBppliance Pro) local exploit for Linux/x86. Tested on Ensim 3.5.20-7 and others. Bug found by Kokanin.
Author:	Joel Eriksson
File Size:	696
Last Modified:	Nov 8 03:20:28 2003
MD5 Checksum:	dfc06bc790ea5e5dcbea2f03b8eb6269

/// File Name:	commerceSQL.txt
Description:	CommerceSQL shopping cart allows remote file reading via a directory traversal vulnerability in its index.cgi.
Author:	Mariusz Ciesla
File Size:	602
Last Modified:	Nov 25 05:09:35 2003
MD5 Checksum:	5a17b3f5332c2e8437aa225dc2841a71