Section:  .. / 0403-exploits  /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 61
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0403-exploits.tgz
Description:
Packet Storm new exploits for March, 2004.
File Size:193924
Last Modified:May 4 07:01:31 2004
MD5 Checksum:4e97d41068bbd2b4d4ff013e93caa7d6

 ///  File Name: 557iss_pam_exp.c
Description:
RealSecure / BlackICE iss_pam1.dll remote overflow exploit.
Author:Sam Chen
Related File:eEye.iss.txt
File Size:9062
Last Modified:Mar 28 08:55:00 2004
MD5 Checksum:0ddc8c39ea4432b2ec4fc6a8f5d6ea4d

 ///  File Name: acartSQL.txt
Description:
A-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.
Author:Manuel Lopez
File Size:1383
Last Modified:Mar 29 14:30:00 2004
MD5 Checksum:29824b591dd5a64c7391bc7c93eb6352

 ///  File Name: Adv-20040331.txt
Description:
S-Quadra Advisory #2004-03-31 - CactuShop shopping cart versions 5.x suffer from a SQL injection attack that allows for remote code execution via the MS SQL xp_cmdshell function. They also have a cross site scripting vulnerability.
Author:Nick Gudov
Homepage:http://www.s-quadra.com/advisories/Adv-20040331.txt
File Size:3894
Last Modified:Mar 31 16:13:00 2004
MD5 Checksum:c25653ec903f60f19045dd7037a0d269

 ///  File Name: anubis-crasher.pl
Description:
Remote exploit that makes use of a buffer overflow in GNU Anubis. Vulnerable versions: 3.6.2, 3.9.93, 3.9.92, 3.6.0, 3.6.1, possibly others.
Author:Ulf H?rnhammar
Related File:anubisAdv.txt
File Size:1073
Last Modified:Mar 5 06:08:58 2004
MD5 Checksum:7b03c09e98cae7bd3e89e751b5f4e983

 ///  File Name: anubisexp.c
Description:
Remote root exploit for GNU Anubis 3.6.2.
Author:CMN
Related File:anubisAdv.txt
File Size:17513
Last Modified:Mar 11 02:48:33 2004
MD5 Checksum:b1bb97db6413d3510250b9eed760455f

 ///  File Name: battlemagy.zip
Description:
Exploit for testing a specific server to see if it is susceptible to a denial of service vulnerability found in Battle Mages versions 1.0 for Windows.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:battlemages-adv.txt
File Size:5426
Last Modified:Mar 12 02:44:24 2004
MD5 Checksum:2779f53ca1344fd9a08b5f551bb0f38c

 ///  File Name: chromeboom.zip
Description:
Remote exploit that causes a server crash in Chrome versions 1.2.0.0 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:chrome1200.txt
File Size:5882
Last Modified:Mar 19 17:46:00 2004
MD5 Checksum:e3db592b13f93de2362dcaac5b365292

 ///  File Name: cloisterblog.txt
Description:
Cloisterblog version 1.2.2 does not perform proper parameter auditing derived from user inputs allowing for multiple XSS issues and also directory traversal attacks.
Author:Dotho
Homepage:http://Badcode.org
File Size:1580
Last Modified:Mar 28 17:52:00 2004
MD5 Checksum:7d4a338db045679b418dfb1eaef9fe87

 ///  File Name: cpanelroot.txt
Description:
When trying to change a user password in Cpanel 8.x.x, it is possible to execute commands as root. Exploitation included.
Author:Arab VieruZ
File Size:455
Last Modified:Mar 12 02:51:50 2004
MD5 Checksum:f2839f547ba7c9b3167b5fc8fe293edd

 ///  File Name: crafty.zip
Description:
Local exploit for the Crafty game versions 19.3 and below that makes use of a buffer overflow vulnerability. Tested on Red Hat 9.0 and Slackware 8.0.
Author:Angelo Rosiello
Homepage:http://www.rosiello.org/
File Size:1339
Last Modified:Mar 17 08:03:59 2004
MD5 Checksum:7f2d5cf53e82ee02aedd5cd104c2625b

 ///  File Name: ethboom.zip
Description:
Remote proof of concept exploit for Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below that causes a crash.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:etherlords.txt
File Size:5936
Last Modified:Mar 26 02:57:15 2004
MD5 Checksum:a9be70bea9c44b71fe18cb74a9439389

 ///  File Name: ethereal.igap.c
Description:
Ethereal IGAP Dissector Message overflow remote root exploit that spawns a shell on port 31337. Makes use of the vulnerability that exists between versions 0.10.0 to 0.10.2. Tested under Gentoo and RedHat 8.
Author:Nilanjan De, Abhisek Datta
Homepage:http://www.eos-india.net
File Size:11753
Last Modified:Mar 28 07:10:00 2004
MD5 Checksum:42e9f9dc28e6c773c9816a77b3bff6b0

 ///  File Name: eudora603.pl
Description:
Exploit that performs an attachment spoofing demo for Eudora versions 6.0.3 and below.
Author:Paul Szabo
Homepage:http://www.maths.usyd.edu.au:8000/u/psz/
File Size:6838
Last Modified:Mar 19 18:32:00 2004
MD5 Checksum:96bdd0de3dd57cdfc53b48e97769538e

 ///  File Name: gwebTraversal.txt
Description:
GWeb HTTP server version 0.6 is susceptible to a directory traversal bug that allows remote attackers to access files outside of the webroot.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:2585
Last Modified:Mar 3 21:45:00 2004
MD5 Checksum:bc5882614a2a4eb87319badebaab8f69

 ///  File Name: hgmcrash.zip
Description:
Haegemonia version 1.07 and below denial of service exploit. Updated to support the other games from Desert Rats that are not even released yet but hold the same vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:haegemonia.txt
File Size:5773
Last Modified:Mar 5 22:39:32 2004
MD5 Checksum:d93635be8f5f91eedf718a6f9f27e8df

 ///  File Name: hpjadmadv.txt
Description:
HP Web JetAdmin Version 7.5.2546 has multiple vulnerables. They include denial of service, the ability to upload any file to the server, the ability to write to any file on the filesystem, and the ability to read any file via a directory traversal attack.
Author:wirepair
File Size:5251
Last Modified:Mar 24 20:38:00 2004
MD5 Checksum:e6f0dc1235b0d0236d656ada61472d58

 ///  File Name: ieBad.txt
Description:
Good write up discussing how Microsoft has yet again dropped the ball on patching another Internet Explorer vulnerability, where using forms can allow an attacker to spoof a fake destination to the user.
Homepage:http://www.malware.com
File Size:2884
Last Modified:Mar 31 18:04:00 2004
MD5 Checksum:680d3103b8fc6fe4567af0e44af3bcff

 ///  File Name: invision101PSsql.txt
Description:
Invision Gallery version 1.0.1 fails to properly validate user supplied input allowing for various SQL injection attacks.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:3318
Last Modified:Mar 22 18:21:00 2004
MD5 Checksum:c0d1a2d6ef28b6bda7f843d1e973fada

 ///  File Name: invision13.txt
Description:
Invision Power Board versions 1.3 Final is susceptible to a cross site scripting attack.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:3582
Last Modified:Mar 5 22:36:48 2004
MD5 Checksum:e1d2c462314e0f2e7511cbf50dee4767

 ///  File Name: invisionPTSL11.txt
Description:
Invision Power Top Site List versions 1.1 and below are susceptible to a SQL injection attack.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:1941
Last Modified:Mar 22 18:23:00 2004
MD5 Checksum:89cc01772ab29a9573a722ab0fff2aa0

 ///  File Name: isec-0014-mremap-unmap.v2.txt
Description:
A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004 except concerning the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.
Author:Paul Starzetz
Homepage:http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
File Size:19646
Related CVE(s):CAN-2004-0077
Last Modified:Mar 2 03:45:00 2004
MD5 Checksum:34d9a30a4201cb1cd237f1d56c8aed20

 ///  File Name: jelsoftvb.txt
Description:
Jelsoft vBulletin 3.0.0 RC4 and other releases and susceptible to cross site scripting attacks.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:1777
Last Modified:Mar 17 08:05:44 2004
MD5 Checksum:4f83992e161d1ddf246913f0c9010c4a

 ///  File Name: mambo45.txt
Description:
The Mambo Open Source web content management system version 4.5 stable 1.0.3 and earlier suffers from multiple vulnerabilities including cross site scripting, SQL injection, and query tampering.
Author:JeiAr
Homepage:http://www.gulftech.org/
File Size:3435
Last Modified:Mar 17 08:08:55 2004
MD5 Checksum:ec2f492becbcac7c65ef593029606aa8

 ///  File Name: mdaemon-exploit.c
Description:
Remote exploit for MDaemon Mail Server versions 6.52 to 6.85 that makes use of a buffer overflow in its raw message handler. This exploit has only been tested on Windows XP Home and Pro Edition (Dutch) SP1.
Author:Angelo Rosiello
Homepage:http://www.rosiello.org
Related File:mdaemon-raw.txt
File Size:12476
Last Modified:Mar 16 04:31:17 2004
MD5 Checksum:fff65d681162d5d7b7043edf21a4173e