Section:  .. / 0402-exploits  /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 54
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0402-exploits.tgz
Packet Storm new exploits for February, 2004.
File Size:118379
Last Modified:Mar 4 06:32:17 2004
MD5 Checksum:5a6ec2112ecac27ef985e10b59d352b6

 ///  File Name: 3com-DoS.c
Proof of concept DoS exploit for 3Com OfficeConnect DSL Routers. Successful exploitation of the vulnerability should cause the router to reboot.
File Size:1667
Last Modified:Feb 23 03:48:00 2004
MD5 Checksum:94069a9c5530f90d4d23aa6a0ef27899

 ///  File Name: Adv-20040216.txt
S-Quadra Advisory #2004-02-16 - EarlyImpact ProductCart shopping cart software incorrectly makes use of cryptography, is susceptible to a cross site scripting attack, and allows for SQL injection attacks as well.
Author:Nick Gudov
File Size:5213
Last Modified:Feb 18 20:15:00 2004
MD5 Checksum:90a560aa4703caff2202e2ae473c2775

 ///  File Name: Adv-20040218.txt
S-Quadra Advisory #2004-02-18 - WebCortex Webstores2000 version 6.0 has a SQL injection vulnerability that allows a remote attacker to add an administrative account and it also has a cross site scripting flaw.
Author:Nick Gudov
File Size:4017
Last Modified:Feb 18 22:08:00 2004
MD5 Checksum:09cc5ad6ab60c00eb917ba1e2d21b989

 ///  File Name: AllMyGuests.txt
AllMyGuests suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
Author:bnfx, Mad_Skater
File Size:1443
Last Modified:Feb 14 18:47:00 2004
MD5 Checksum:72f0c0b2c34b543b4780f3e16c5afba3

 ///  File Name: AllMyLinks.txt
AllMyLinks suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
Author:bnfx, Mad_Skater
File Size:1464
Last Modified:Feb 14 18:40:00 2004
MD5 Checksum:01d15dbcbddab7ec1b5a632060fa953e

 ///  File Name: AllMyVisitors.txt
AllMyVisitors suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
Author:bnfx, Mad_Skater
File Size:1447
Last Modified:Feb 14 18:33:00 2004
MD5 Checksum:9315cd43eae3618cc9b47b2580ef0428

 ///  File Name: apc_9606_backdoor.txt
APC SmartSwitch and UPS products use an HTTP/SNMP management card that have backdoor passwords in them. Tested vulnerable: SmartUPS 3000RM with AP9606 AOS v3.2.1 and SmartUPS App v3.2.6, MasterSwitch AP9212 with AP9606 AOS v3.0.3 and MasterSwitch App v2.2.0.
Author:Dave Tarbatt
File Size:3890
Last Modified:Feb 16 23:44:00 2004
MD5 Checksum:2ef9d5ed44f20681ee2e2cb3015d6153

 ///  File Name: ASPportal.txt
ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
Author:Manuel L�pez
File Size:4017
Last Modified:Feb 13 20:37:00 2004
MD5 Checksum:14936acecce7c07a79157f22ad67b49c

 ///  File Name: brokerFTP.txt
Two security vulnerabilities in Broker FTP server version cause the server to crash and utilize 100 percent of the systems CPU cycles.
Author:Aviram Jenik
File Size:2501
Last Modified:Feb 18 02:50:00 2004
MD5 Checksum:45feef2ea56922c811759339ed7e8f3a

 ///  File Name:
Test exploit for the client of Chaser versions 1.50 and below.
Author:Luigi Auriemma
Related File:chaser-adv.txt
File Size:7256
Last Modified:Feb 4 00:51:00 2004
MD5 Checksum:970d0ffdeff636fb4650bdfa1a52ad11

 ///  File Name:
Test exploit for the server of Chaser versions 1.50 and below.
Author:Luigi Auriemma
Related File:chaser-adv.txt
File Size:6688
Last Modified:Feb 4 00:52:00 2004
MD5 Checksum:ed5fedd4787387bb39fb891b2dd6ff93

 ///  File Name: crobftp.txt
Crob FTP version 2.5.2 is vulnerable to a denial of service attack.
File Size:1867
Last Modified:Feb 13 02:30:00 2004
MD5 Checksum:ad585adfdd66afe795db5c2cf29abe8a

 ///  File Name: crobFTP351.txt
Crob FTP Server version 3.5.1 is susceptible to directory traversal and denial of service attacks.
Author:Zero X
File Size:501
Last Modified:Feb 1 20:13:00 2004
MD5 Checksum:4554432edece35df33f907548aff66f4

 ///  File Name: discuz.txt
A cross site scripting vulnerability exists in Discuz! Board versions 2.x and 3.x.
Author:Cheng Peng Su
File Size:1011
Last Modified:Feb 5 03:02:00 2004
MD5 Checksum:6bb558af3597e1500662e095cfd64fa9

 ///  File Name: ex_servu.c
Serv-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.
Author:Sam Chen
File Size:18147
Last Modified:Feb 27 22:56:00 2004
MD5 Checksum:7903957bc2d05d99715a806c19f459b6

 ///  File Name: Flexwatch22.txt
FlexWATCH-Webs versions 2.2 (NTSC) and below suffer from an authorization bypass via double slashes and also a cross site scripting attack.
Author:Rafel Ivgi aka The-Insider
File Size:5366
Last Modified:Feb 24 22:08:00 2004
MD5 Checksum:6619638cf6bb4c0a7ea46a68935cd11c

 ///  File Name: GateKeeper.c
GateKeeper Pro 4.7 on the win32 platform has a buffer overflow vulnerability when processing GET requests. Full remote exploit included. Tested against Microsoft Windows 2000 Pro and Microsoft Windows XP.
File Size:8276
Last Modified:Feb 23 10:42:00 2004
MD5 Checksum:836f01f1e1277e6d256d54485d8c881d

 ///  File Name: invisionPB.txt
Invision Power Board is susceptible to a SQL injection vulnerability in its search.php script.
Author:Knight Commander
File Size:2548
Last Modified:Feb 28 20:44:00 2004
MD5 Checksum:4bf0e8ed50f64846844b14d3696ada14

 ///  File Name: JSinject.txt
There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.
Author:Andreas Sandblad
File Size:5199
Last Modified:Feb 4 00:58:00 2004
MD5 Checksum:e4ee8441ecf1fa1800d26656e17ce425

 ///  File Name: lbreakout2-exp.c
lbreakout2 versions 2.4beta-2 and below local exploit.
File Size:3944
Last Modified:Feb 21 23:04:00 2004
MD5 Checksum:e96f9ecfd1f97869642ab94d72b864c9

 ///  File Name: ldaped.c
iMail 8.05 LDAP service remote exploit.
Related File:02.17.04.txt
File Size:7579
Last Modified:Feb 19 22:03:00 2004
MD5 Checksum:35da4d13438508743c37c87b99f0105a

 ///  File Name: MS04-007-dos.c
Remote denial of service exploit that causes a windows machine to reboot by manipulating the ASN.1 vulnerabilities mentioned here.
Author:Christophe Devine
File Size:8863
Last Modified:Feb 13 20:34:00 2004
MD5 Checksum:c4d224486dc37176ce5c2c741b65ac62

 ///  File Name: openjournal2.5.txt
Open Journal Blog versions 2.5 and below lack proper user authentication prior to attempting to add a new user to the system.
Author:Tri Huynh
File Size:2027
Last Modified:Feb 7 02:23:00 2004
MD5 Checksum:0385079a4ca27ac7ecde7c50366cb84d

 ///  File Name: overkill.txt
The game 0verkill is susceptible to multiple buffer overflows. Remote exploit for the client attached.
File Size:8921
Last Modified:Feb 2 11:58:00 2004
MD5 Checksum:f55cc977512e6c5b7e153474bbf6ebcc