Section: .. / 0401-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 67

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0401-exploits.tgz
Description:	Packet Storm new exploits for January, 2004.
File Size:	111178
Last Modified:	Feb 23 03:46:21 2004
MD5 Checksum:	dc3485ad8b2762b423d11d688c681c3e

/// File Name:	SCSA026.txt
Description:	Security Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.
Author:	frog-man
Homepage:	http://www.Security-Corp.com
File Size:	18506
Last Modified:	Jan 21 08:40:00 2004
MD5 Checksum:	e0f69730ba6f5ceede94ff8f24ddb128

/// File Name:	servu2.c
Description:	Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
Author:	kkqq, lion
Related File:	servu.txt
File Size:	14341
Last Modified:	Jan 27 15:42:00 2004
MD5 Checksum:	471231a0f4338ed849231470c392dea8

/// File Name:	proxyNow2x.txt
Description:	ProxyNow! versions 2.75 and below are susceptible to both heap memory corruption and stack-based buffer overflows. Exploitation of these vulnerabilities can lead to a denial of service and/or code execution with SYSTEM privileges. Detailed analysis and exploit included.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/proxynow.txt
File Size:	11440
Last Modified:	Jan 27 01:44:00 2004
MD5 Checksum:	56a50454322d1252538d57d7ca7db26e

/// File Name:	lftp.c
Description:	Remote exploit that makes use of the try_netscape_proxy() overflow in versions 2.3 to 2.6.9 of lftp.
Author:	Li0n7
Related File:	lftpadv.tgz
File Size:	11177
Last Modified:	Jan 30 12:01:00 2004
MD5 Checksum:	aa27e2f0a9caa7e80db62d9cd472b247

/// File Name:	DameWeird.c
Description:	DameWare Mini Remote Control versions 3.73 and below remote exploit. Tested against Windows 2000 with versions 3.68 and 3.72.
Author:	kralor
Homepage:	http://www.coromputer.net
File Size:	9141
Last Modified:	Jan 11 05:04:00 2004
MD5 Checksum:	4cd04d7261c12d9e3fe068c4eb2e2ccc

/// File Name:	sslexp.c
Description:	Brute forcer for OpenSSL ASN.1 parsing bugs that affects versions 0.9.6j and below and 0.9.7b and below.
Author:	Bram Matthys
Related File:	secadv_20030930.txt
File Size:	8914
Related CVE(s):	CAN-2003-0545, CAN-2003-0543, CAN-2003-0544
Last Modified:	Jan 30 12:02:00 2004
MD5 Checksum:	c1c971d5bc02630efc56c819b2b2d5b1

/// File Name:	SwitchOff.c
Description:	Switch Off 2.3 remote exploit that achieves SYSTEM privileges from a buffer overflow in the message parameter. Tested on Windows 2000 SP0 and XP SP0.
Author:	Mr. Nice
Homepage:	http://www.coromputer.net
Related File:	switchoff.txt
File Size:	6977
Last Modified:	Jan 8 19:23:51 2004
MD5 Checksum:	66f4b3f4d6252750baf6177084444df0

/// File Name:	servu3.c
Description:	Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
Author:	kkqq, mandragore
Related File:	servu.txt
File Size:	6852
Last Modified:	Jan 30 15:34:00 2004
MD5 Checksum:	196d47c57e8dd07092d004eaac160800

/// File Name:	nfshp2cbof.zip
Description:	Need for Speed Hot Pursuit 2 remote exploit that makes use of a vulnerable client that is susceptible to a buffer overflow attack by a hostile server.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	nfshp2cbof-adv.txt
File Size:	6179
Last Modified:	Jan 23 01:46:00 2004
MD5 Checksum:	a2533e96a41fae2797422a54576747d5

/// File Name:	phpshopProject.txt
Description:	phpShop Project versions 0.6.1-b and earlier are prone to SQL injection attacks, script injection, cross site scripting, and user information disclosure vulnerabilities.
Author:	JeiAr
Homepage:	http://www.gulftech.org
File Size:	5779
Last Modified:	Jan 16 10:15:00 2004
MD5 Checksum:	076eaaa70fe151462a72ab91f8f525d4

/// File Name:	servu.c
Description:	Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
Author:	kkqq, mslug
Related File:	servu.txt
File Size:	5730
Last Modified:	Jan 26 15:00:00 2004
MD5 Checksum:	480b668830de70170b51ba045aa17e00

/// File Name:	serv-ME.c
Description:	Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below that binds a shell to port 28876.
Author:	SkyLined
Related File:	servu.txt
File Size:	5670
Last Modified:	Jan 31 22:43:00 2004
MD5 Checksum:	df97fa08733ac9a559651c1560ae605b

/// File Name:	wts_bo.c
Description:	Jordan Windows Telnet Server v1.2 remote buffer overflow exploit. Binds a shell on port 9191. Tested on Win32 and Unix.
Author:	fiNis
File Size:	5381
Last Modified:	Jan 3 11:46:23 2004
MD5 Checksum:	397649c591bb7a4d322df72b6a4212be

/// File Name:	rapidcache.txt
Description:	RapidCache versions 2.2.6 and below suffer from denial of service and directory traversal bugs.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/rapidcache.txt
File Size:	5286
Last Modified:	Jan 15 23:17:00 2004
MD5 Checksum:	9ec67f2bde13bce339f49f1bd384b38f

/// File Name:	phpGedView.txt
Description:	phpGedView version 2.65 beta 5 is susceptible to SQL injection attacks, path disclosure issues, cross site scripting, and denial of service attacks.
Homepage:	http://www.gulftech.org
File Size:	5224
Last Modified:	Jan 13 07:55:00 2004
MD5 Checksum:	95a022a564bc919b1d05e11aff9c4f20

/// File Name:	novellNetware.txt
Description:	Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path dislosure, and directory listing attacks.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	4912
Last Modified:	Jan 23 11:35:00 2004
MD5 Checksum:	d40561da198da58da8e3bcd2c83aa6a5

/// File Name:	mremap_bug.c
Description:	Modified version of the Christophe Devine exploit that tests whether or not a Linux system is vulnerable to the do_mremap() vulnerability discussed here. This version does not corrupt any kernel data.
Author:	Angelo Dell'Aera
Homepage:	http://buffer.antifork.org
File Size:	4689
Last Modified:	Jan 7 23:07:51 2004
MD5 Checksum:	85646ea024f2d27587622b0f85db23a7

/// File Name:	hdsoft.c
Description:	Remote exploit for Windows FTP server version 1.6. Data for original vulnerability discovery made by Peter Winter-Smith here.
Author:	mandragore
File Size:	4581
Last Modified:	Jan 13 19:26:00 2004
MD5 Checksum:	630232757bde88f3ee2b10ff364007ee

/// File Name:	finjanSurfinGate.txt
Description:	When running in proxy mode, properly crafted requests sent to Finjan SurfinGate versions 6 and 7 can mimic control commands. Known vulnerabilities include viewing log data and causing the service to restart, potentially resulting in a DoS situation. The architecture for this application suggests there is a potential for modifying the filtering policy as well. The vendor has ignored the problem for over a year.
Author:	David Byrne
File Size:	4385
Last Modified:	Jan 23 12:04:00 2004
MD5 Checksum:	a70f0608854315d2b3d5d6fbf8a2c19f

/// File Name:	adv_microsoft_word_protection.txt
Description:	All versions of Microsoft Word are susceptible to having the password protection on Word documents bypassed by clearing out the checksum in the document utilizing a hex editor and replacing it with 0x00000000 which equals an empty string.
Author:	Thorsten Delbrouck
Homepage:	http://www.guardeonic.com/
File Size:	4221
Last Modified:	Jan 5 23:58:51 2004
MD5 Checksum:	d439fb571646d24b9b1db1620a73ca83

/// File Name:	wwwfilesharepro.txt
Description:	WWW File Share Pro versions 2.42 and below allow for files outside of the webroot to be overwritten due to invalid input validation, a denial of service attack when POSTs are made with large amounts of bytes, and directory authorization bypass.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
File Size:	4207
Last Modified:	Jan 15 03:19:00 2004
MD5 Checksum:	5e77a79be109409e5e90b1d986024226

/// File Name:	geoHTTP.txt
Description:	GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	4144
Last Modified:	Jan 23 02:00:00 2004
MD5 Checksum:	01fc35d487f1ab59142f71a326fd8f7b

/// File Name:	nextplace.txt
Description:	NextPlace.com E-Commerce ASP engine is susceptible to a cross site scripting vulnerability.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	3611
Last Modified:	Jan 26 14:52:00 2004
MD5 Checksum:	7537a2a81e8d2aeca8c75ab5ce02048d

/// File Name:	goahead2.txt
Description:	The Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. The server has an internal problem where it will accept improper HTTP requests that allow a remote attacker to view source for CGI related files.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
File Size:	3505
Last Modified:	Jan 20 03:51:00 2004
MD5 Checksum:	c3c9b58c5d94300aea7ebd8debfaa90b