
 ///  File Name: 0401-exploits.tgz
Packet Storm new exploits for January, 2004.
File Size:111178
Last Modified:Feb 23 03:46:21 2004
MD5 Checksum:dc3485ad8b2762b423d11d688c681c3e

 ///  File Name: 0x333xsok-2.c
Local gid=games exploit for xsok v1.0.2 and below (version two).
File Size:999
Related CVE(s):CAN-2003-0949
Last Modified:Jan 3 22:46:58 2004
MD5 Checksum:82996803efed7ef19087e914aae03b01

 ///  File Name: 2WireGateway.txt
2Wire-Gateway is a router that has a webserver for maintenance. The CGI interface lacks input validation when returning an error with its return variable, allowing for a directory traversal attack.
Author:Rafel Ivgi aka The-Insider
File Size:2256
Last Modified:Jan 21 08:14:00 2004
MD5 Checksum:2f31bde0d85934030ae48ddf5fa67a06

 ///  File Name: accipiter.txt
Accipiter Direct Server is susceptible to a directory traversal attack that allows retrieval of files outside of the webroot.
Author:Mark Bassett
File Size:1224
Last Modified:Jan 9 21:00:00 2004
MD5 Checksum:59a0576946987218e0538d48818bead6

 ///  File Name: adv_microsoft_word_protection.txt
All versions of Microsoft Word are susceptible to having the password protection on Word documents bypassed by clearing out the checksum in the document utilizing a hex editor and replacing it with 0x00000000 which equals an empty string.
Author:Thorsten Delbrouck
File Size:4221
Last Modified:Jan 5 23:58:51 2004
MD5 Checksum:d439fb571646d24b9b1db1620a73ca83

 ///  File Name: antivir.c
Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.
File Size:2453
Last Modified:Jan 14 03:37:00 2004
MD5 Checksum:5afdc59fb13c6f0d8baab28cbbbc0772

 ///  File Name: apache2047.txt
In the Apache httpd server version 2.0.47, a user can bypass a Deny directive by setting the ErrorDocument directive in their .htaccess file to access a php script which can then access the data they should be denied.
Author:Trung - caothuvolam
File Size:3211
Last Modified:Jan 31 23:02:00 2004
MD5 Checksum:62ade51afc01bff5975f1fa1fdd1605d

 ///  File Name: BremsServer124.txt
BremsServer version 1.2.4 is vulnerable to directory traversal and cross site scripting attacks.
Author:Donato Ferrante
File Size:1818
Last Modified:Jan 26 17:30:00 2004
MD5 Checksum:973777ad7fa56b40037a75a4241400b2

 ///  File Name: BRSwebweaverXSS.txt
BRS WebWeaver version 1.07 is vulnerable to a cross site scripting attack.
File Size:417
Last Modified:Jan 28 21:40:00 2004
MD5 Checksum:a51162aec7d678367d96d90ca56ecd80

 ///  File Name: BWStraversal.txt
BWS or Borland Web Server, which is used as the Corel Paradox relational database interface, lacks input validation and is subject to directory traversal attacks. Versions 1.0b3 and below are affected.
Author:Rafel Ivgi aka The-Insider
File Size:2175
Last Modified:Jan 26 14:50:00 2004
MD5 Checksum:8455d25f930d008b12b6b26bb08311d8

 ///  File Name: DameWeird.c
DameWare Mini Remote Control versions 3.73 and below remote exploit. Tested against Windows 2000 with versions 3.68 and 3.72.
File Size:9141
Last Modified:Jan 11 05:04:00 2004
MD5 Checksum:4cd04d7261c12d9e3fe068c4eb2e2ccc

 ///  File Name: easydynamic.txt
EasyDynamicPages versions 2 through 2.5 are susceptible to an include() vulnerability due to a lack of filtering that in turn allows a remote attacker to load data from remote or local resources.
File Size:2346
Last Modified:Jan 6 00:18:43 2004
MD5 Checksum:db3165b1b2bc99fae3eda79181f412c2

 ///  File Name: exp-xsok-2.c
Local gid=games exploit for xsok v1.0.2 and below that exploits the -xsokdir command line overflow bug.
File Size:1483
Last Modified:Jan 6 01:45:09 2004
MD5 Checksum:1e7c28de39c2ed8b2304c408c7baa1e1

 ///  File Name: exp-xsok.c
Local gid=games exploit for xsok v1.0.2 and below that will automatically calculate the return address and has improved shellcode. Tested on RedHat 9.0.
File Size:1474
Related CVE(s):CAN-2003-0949
Last Modified:Jan 6 01:43:07 2004
MD5 Checksum:23986a992a6216b63170a195ed714fac

 ///  File Name: ezcontents.txt
The ezContents utility allows for arbitrary code execution on the server due to a lack of input validation.
Author:Zero X
File Size:385
Last Modified:Jan 11 05:01:00 2004
MD5 Checksum:38a3e2b3ad498990ad9d390e8833d549

 ///  File Name: finjanSurfinGate.txt
When running in proxy mode, properly crafted requests sent to Finjan SurfinGate versions 6 and 7 can mimic control commands. Known vulnerabilities include viewing log data and causing the service to restart, potentially resulting in a DoS situation. The architecture for this application suggests there is a potential for modifying the filtering policy as well. The vendor has ignored the problem for over a year.
Author:David Byrne
File Size:4385
Last Modified:Jan 23 12:04:00 2004
MD5 Checksum:a70f0608854315d2b3d5d6fbf8a2c19f

 ///  File Name: firstclass71.txt
FirstClass desktop client version 7.1 is susceptible to having a user click on a maliciously crafted link that will result in local file execution.
Author:Richard Maudsley
File Size:1079
Last Modified:Jan 8 01:47:16 2004
MD5 Checksum:4d46ebc307889d6979f950c4031d2bbe

 ///  File Name: Flash.txt
Flash FTP server v1.0 for Windows directory traversal vulnerability - Allows remote anonymous users to read and write to any file on the system.
File Size:960
Last Modified:Jan 3 22:41:04 2004
MD5 Checksum:40baf9ae78b752916185e257b8d7147f

 ///  File Name: freesco.txt
Version 2.05 of the Freesco thttpd server is susceptible to a cross site scripting attack.
Author:Rafel Ivgi aka The-Insider
File Size:2409
Last Modified:Jan 23 02:30:00 2004
MD5 Checksum:5dfe5dcde7f8a611aba17a8b91fe854d

 ///  File Name: geoHTTP.txt
GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
Author:Rafel Ivgi aka The-Insider
File Size:4144
Last Modified:Jan 23 02:00:00 2004
MD5 Checksum:01fc35d487f1ab59142f71a326fd8f7b

 ///  File Name: goahead.txt
The Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. A flaw exists where an attacker can get the webserver to consume all of the server's resources by using the POST method with a specific number set for the Content-Length parameter.
Author:Luigi Auriemma
File Size:2883
Last Modified:Jan 20 03:50:00 2004
MD5 Checksum:bd70f9008e11a6ee7aee95e19b4bb985

 ///  File Name: goahead2.txt
The Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. The server has an internal problem where it will accept improper HTTP requests that allow a remote attacker to view source for CGI related files.
Author:Luigi Auriemma
File Size:3505
Last Modified:Jan 20 03:51:00 2004
MD5 Checksum:c3c9b58c5d94300aea7ebd8debfaa90b

 ///  File Name: hdsoft.c
Remote exploit for Windows FTP server version 1.6. The original vulnerability was discovered by Peter Winter-Smith.
File Size:4581
Last Modified:Jan 13 19:26:00 2004
MD5 Checksum:630232757bde88f3ee2b10ff364007ee

 ///  File Name: inrtra.txt
Inrtra Forum is susceptible to a cross site scripting vulnerability.
Author:Rafel Ivgi aka The-Insider
File Size:3050
Last Modified:Jan 26 14:51:00 2004
MD5 Checksum:41c1438eb8ab726423c3308d1345e047

 ///  File Name: j2ee.pointbase.txt
Attached is an exploit that crashes the Pointbase 4.6 database server that comes with the J2EE reference implementation. It is caused by the fact that the Pointbase installation coming with j2ee/ri 1.4 is not equipped with an appropriate security manager, thus implicitly giving all jars all permissions. These unlimited permissions can be exploited by an attacker using JDBC to crash the JVM running the Pointbase server. Further possible exploitations are information disclosure and remote command injection.
Author:Marc Schoenefeld
File Size:3294
Last Modified:Jan 19 10:25:00 2004
MD5 Checksum:656290e3971e2cf1d90448e0af989f95