Section:  .. / 0402-exploits  /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 54
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0402-exploits.tgz
Description:
Packet Storm new exploits for February, 2004.
File Size:118379
Last Modified:Mar 4 06:32:17 2004
MD5 Checksum:5a6ec2112ecac27ef985e10b59d352b6

 ///  File Name: SCSA027.txt
Description:
Security Corporation Security Advisory [SCSA-027]: PHP-Nuke versions 6.9 and below are vulnerable to multiple SQL injection attacks.
Author:Germain Randaxhe aka frog-man
Homepage:http://www.phpsecure.info
File Size:23461
Last Modified:Feb 1 20:18:00 2004
MD5 Checksum:9ff89c232b48b567a2f69407dca3fe86

 ///  File Name: Servu2.c
Description:
Serv-U FTPD 2.x/3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested against Windows 2000 and XP en/cn.
Author:lion
Homepage:http://www.cnhonker.com
File Size:21756
Last Modified:Mar 5 00:01:29 2004
MD5 Checksum:165ec4a880bb84cadb7b7e5c666a355e

 ///  File Name: xploit_dbg.cpp.txt
Description:
Exploit that tests for several vulnerabilities in one of Windows XP kernel's native API functions.
Author:randnut
Related File:XPkern.txt
File Size:21345
Last Modified:Feb 19 05:53:00 2004
MD5 Checksum:079419668499d82b300edc4f4676390a

 ///  File Name: ex_servu.c
Description:
Serv-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.
Author:Sam Chen
Homepage:http://0x557.org
File Size:18147
Last Modified:Feb 27 22:56:00 2004
MD5 Checksum:7903957bc2d05d99715a806c19f459b6

 ///  File Name: PSOProxy-exp.c
Description:
Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:Li0n7
Related File:PSOProxy091.txt
File Size:9393
Last Modified:Feb 21 22:28:00 2004
MD5 Checksum:e53c88be294dc587edb95c99e12d1794

 ///  File Name: overkill.txt
Description:
The game 0verkill is susceptible to multiple buffer overflows. Remote exploit for the client attached.
Author:pi3
Homepage:http://www.pi3.int.pl
File Size:8921
Last Modified:Feb 2 11:58:00 2004
MD5 Checksum:f55cc977512e6c5b7e153474bbf6ebcc

 ///  File Name: MS04-007-dos.c
Description:
Remote denial of service exploit that causes a windows machine to reboot by manipulating the ASN.1 vulnerabilities mentioned here.
Author:Christophe Devine
Homepage:http://linuxfromscratch.org/~devine/
File Size:8863
Last Modified:Feb 13 20:34:00 2004
MD5 Checksum:c4d224486dc37176ce5c2c741b65ac62

 ///  File Name: GateKeeper.c
Description:
GateKeeper Pro 4.7 on the win32 platform has a buffer overflow vulnerability when processing GET requests. Full remote exploit included. Tested against Microsoft Windows 2000 Pro and Microsoft Windows XP.
Author:kralor
Homepage:http://www.coromputer.net
File Size:8276
Last Modified:Feb 23 10:42:00 2004
MD5 Checksum:836f01f1e1277e6d256d54485d8c881d

 ///  File Name: ldaped.c
Description:
iMail 8.05 LDAP service remote exploit.
Author:kralor
Homepage:http://www.coromputer.net
Related File:02.17.04.txt
File Size:7579
Last Modified:Feb 19 22:03:00 2004
MD5 Checksum:35da4d13438508743c37c87b99f0105a

 ///  File Name: psoproxy-exploit.c
Description:
Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version support the following operating systems: Windows XP Home Edtion SP1, Windows XP Pro Edtion SP1, Win2k Pro Edtion.
Author:rave
Homepage:http://www.rosiello.org/
Related File:PSOProxy091.txt
File Size:7462
Last Modified:Feb 25 19:34:00 2004
MD5 Checksum:4320054933d5ea571c771b6234c91d9f

 ///  File Name: chaser-client.zip
Description:
Test exploit for the client of Chaser versions 1.50 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related File:chaser-adv.txt
File Size:7256
Last Modified:Feb 4 00:51:00 2004
MD5 Checksum:970d0ffdeff636fb4650bdfa1a52ad11

 ///  File Name: sp-advisory-x10.txt
Description:
A specifically crafted HTTP GET request which contains over 4096 bytes of data will cause the KarjaSoft Sami HTTP server to crash. Versions affected: 1.0.4, possibly earlier versions as well.
Author:badpack3t
Homepage:http://www.security-protocols.com/
File Size:7104
Last Modified:Feb 17 10:41:00 2004
MD5 Checksum:24ad3e59488c6e1c7b36852ccc7160d5

 ///  File Name: chasercrash.zip
Description:
Test exploit for the server of Chaser versions 1.50 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related File:chaser-adv.txt
File Size:6688
Last Modified:Feb 4 00:52:00 2004
MD5 Checksum:ed5fedd4787387bb39fb891b2dd6ff93

 ///  File Name: waraxe-2004-SA004.txt
Description:
Extreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.
Author:Janek Vind aka waraxe
File Size:5807
Last Modified:Feb 24 03:04:00 2004
MD5 Checksum:5381c5e782a35b2bee530ecab38cd3d0

 ///  File Name: PalmOShttpd.txt
Description:
A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.
Author:Shaun Colley
File Size:5395
Last Modified:Feb 9 01:45:00 2004
MD5 Checksum:d4107b9c6ccb49a41047c8f89123d551

 ///  File Name: Flexwatch22.txt
Description:
FlexWATCH-Webs versions 2.2 (NTSC) and below suffer from an authorization bypass via double slashes and also a cross site scripting attack.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:5366
Last Modified:Feb 24 22:08:00 2004
MD5 Checksum:6619638cf6bb4c0a7ea46a68935cd11c

 ///  File Name: Adv-20040216.txt
Description:
S-Quadra Advisory #2004-02-16 - EarlyImpact ProductCart shopping cart software incorrectly makes use of cryptography, is susceptible to a cross site scripting attack, and allows for SQL injection attacks as well.
Author:Nick Gudov
Homepage:http://www.s-quadra.com/advisories/Adv-20040216.txt
File Size:5213
Last Modified:Feb 18 20:15:00 2004
MD5 Checksum:90a560aa4703caff2202e2ae473c2775

 ///  File Name: JSinject.txt
Description:
There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.
Author:Andreas Sandblad
File Size:5199
Last Modified:Feb 4 00:58:00 2004
MD5 Checksum:e4ee8441ecf1fa1800d26656e17ce425

 ///  File Name: PSOProxy.c
Description:
Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:kralor
Homepage:http://www.coromputer.net
Related File:PSOProxy091.txt
File Size:5172
Last Modified:Feb 20 20:03:00 2004
MD5 Checksum:c85dc711e0b38c316b08320377cb861d

 ///  File Name: rsync_local.c
Description:
Local exploit for rsync 2.5.7 and below. Note: This exploit only escalates privileges if rsync is setuid, which it is not by default.
Author:abhisek
File Size:4732
Last Modified:Feb 17 12:12:00 2004
MD5 Checksum:2ca496c30d884f9a8056a7c610d79704

 ///  File Name: xp_wftpd.zip
Description:
Exploit for WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x that makes use of a stack based buffer overflow.
Author:axl
Related File:wftpdBO.txt
File Size:4659
Last Modified:Feb 29 03:27:00 2004
MD5 Checksum:bc94e7e71e7b442584f9675f5e32d3db

 ///  File Name: serv-u-mdtm-expl.c
Description:
Remote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions 5.0.0.4 and below.
Author:shaun2k2
Related File:servU.MDTM.txt
File Size:4075
Last Modified:Feb 26 21:01:00 2004
MD5 Checksum:0c41ebf259b8390d059a70d948948051

 ///  File Name: Adv-20040218.txt
Description:
S-Quadra Advisory #2004-02-18 - WebCortex Webstores2000 version 6.0 has a SQL injection vulnerability that allows a remote attacker to add an administrative account and it also has a cross site scripting flaw.
Author:Nick Gudov
Homepage:http://www.s-quadra.com/advisories/Adv-20040218.txt
File Size:4017
Last Modified:Feb 18 22:08:00 2004
MD5 Checksum:09cc5ad6ab60c00eb917ba1e2d21b989

 ///  File Name: ASPportal.txt
Description:
ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
Author:Manuel L�pez
File Size:4017
Last Modified:Feb 13 20:37:00 2004
MD5 Checksum:14936acecce7c07a79157f22ad67b49c