Section: .. / 0403-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 61

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	memmansys21.txt
Description:	Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
Author:	Manuel Lopez
File Size:	1885
Last Modified:	Mar 23 06:14:00 2004
MD5 Checksum:	57a9c2aab1a113f03144a493b0e3fd7a

/// File Name:	motorolaT720.txt
Description:	Motorola T720 Cellular phones have a vulnerability that cause a denial of service when the phone receives an abnormal amount of IP traffic. Upon receiving the traffic, the phone powers-off when the user attempts to access the network.
Author:	Shaun Colley
Homepage:	http://www.nettwerked.co.uk
File Size:	5054
Last Modified:	Mar 2 03:47:00 2004
MD5 Checksum:	d3c62248544d92b2ef9ea4bdffd774cc

/// File Name:	MSWordPW.txt
Description:	Information on how to bypass Password protection on Microsoft Word documents with step by step instructions given.
Author:	Andrew Barkley
File Size:	1247
Last Modified:	Mar 26 02:58:52 2004
MD5 Checksum:	b9116e287760862aeda67726ea23b7d0

/// File Name:	netsupport.txt
Description:	Invision NetSupport School Pro stores passwords in a manner that allows their encryption to be easily reversed. Exploit written in Pascal is included.
Author:	spiffomatic 64
File Size:	6012
Last Modified:	Mar 27 04:01:32 2004
MD5 Checksum:	27c12a27a7f8864f85087da894f906ff

/// File Name:	newsmanlite25.txt
Description:	News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
Author:	Manuel Lopez
File Size:	1968
Last Modified:	Mar 23 06:17:00 2004
MD5 Checksum:	8b8b4c8b0df0c8fea60819640c5c61a0

/// File Name:	opera723.txt
Description:	Opera version 7.23 on Linux and Windows is susceptible to a denial of service attack.
Author:	d3thstar
Homepage:	http://rootthief.com
File Size:	1041
Last Modified:	Mar 15 20:12:09 2004
MD5 Checksum:	614da594c116c9c6a40fde144c8c89e0

/// File Name:	oseen_shoutcast.c
Description:	SHOUTcast version 1.9.2 remote exploit with connect back code. Written for Slackware 8.1, 9.0, 9.1, and RedHat 7.2.
Author:	exworm
Homepage:	http://www.oseen.org
File Size:	11501
Last Modified:	Mar 4 23:57:00 2004
MD5 Checksum:	41e90e705c92fbcacf2c7e8d4e80badb

/// File Name:	Pegasi022.txt
Description:	Pegasi Web Server aka PWS version 0.2.2 is susceptible to cross site scripting and directory traversal attacks due to a lack of input validation.
Author:	Donato Ferrante
Homepage:	http://www.autistici.org/fdonato
File Size:	2629
Last Modified:	Mar 12 02:59:48 2004
MD5 Checksum:	e3efa0b9842af7a8049abc169304ca43

/// File Name:	phorum503.txt
Description:	Cross site scripting vulnerabilities exists in Phorum versions 5.0.3 Beta and below.
Author:	JeiAr
File Size:	1885
Last Modified:	Mar 17 07:57:35 2004
MD5 Checksum:	945b7d0d1cd0744b82f57e86647d09ac

/// File Name:	phpBBXSS206d.txt
Description:	phpBB versions 2.0.6d and below suffer from cross site scripting vulnerabilities.
Author:	JeiAr
Homepage:	http://www.gulftech.org
File Size:	4776
Last Modified:	Mar 15 20:06:27 2004
MD5 Checksum:	8f141547555e3e8b5843c2166e6132ba

/// File Name:	phpx324.txt
Description:	PHPX versions 2.x through 3.2.4 fail to create a secure session management engine. A user can obtain a session by simply supplying a uid of the user in which they want to obtain the account from, and as long as their session is in the database, it will allow session hi-jacking to occur. Further-more it is concerning that the session id itself is generated by a simple auto increment field in the MySQL database, making it trivial for an attacker to steal a cookie. Full exploitation included.
Author:	Ryan Wray aka HelloWorld
File Size:	6448
Last Modified:	Mar 17 08:15:34 2004
MD5 Checksum:	09ddcbef76dbf1843ea527f95f6e77ed

/// File Name:	picobof.zip
Description:	Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	picophone163.txt
File Size:	6072
Last Modified:	Mar 24 17:32:00 2004
MD5 Checksum:	7b97fc4e9b1b9d51052ae11b7a4d08a8

/// File Name:	PWebServer033.txt
Description:	PWebServer version 0.3.3 suffers from a directory traversal attack that allows a remote attacker to access any file outside of the webroot.
Author:	Donato Ferrante
Homepage:	http://www.autistici.org/fdonato
File Size:	1951
Last Modified:	Mar 9 06:21:00 2004
MD5 Checksum:	00405698c916876942c35258726a48b6

/// File Name:	ragefreeze.zip
Description:	Remote denial of service exploit for The Rage game versions 1.01 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	therage101.txt
File Size:	5196
Last Modified:	Mar 24 04:02:00 2004
MD5 Checksum:	4bf17b3df82c0f6ebc4c73592086592a

/// File Name:	rfcbof.zip
Description:	Exploit for Red Faction versions 1.20 and below that have a client-side buffer overflow.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	redfaction120.txt
File Size:	5410
Last Modified:	Mar 5 06:26:22 2004
MD5 Checksum:	98f4f1a862da41bdacac4a0f7d24c638

/// File Name:	smbprintsymlink.txt
Description:	smbprint insecurely writes to files in /tmp allowing for a symbolic link attack. Full details on exploitation included.
Author:	Shaun Colley aka shaun2k2
File Size:	7843
Last Modified:	Mar 19 20:38:00 2004
MD5 Checksum:	1a280809a3d52ca67bfea0331f678f8c

/// File Name:	systrace.txt
Description:	Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.
Author:	Brad
Homepage:	http://www.grsecurity.net
File Size:	13946
Last Modified:	Mar 27 16:01:00 2004
MD5 Checksum:	3ee4b2c23da5f70220f4d222dfec56c8

/// File Name:	t3cbof.zip
Description:	Remote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	terminator3.txt
File Size:	6861
Last Modified:	Mar 24 06:42:00 2004
MD5 Checksum:	a0488bcfc89f8c89bb396b3c7e80cc10

/// File Name:	trendmicro.txt
Description:	TrendMicro Interscan Viruswall versions 3.5 and below suffer from a directory traversal vulnerability that allow a remote attacker to access any files outside of the web root.
Author:	Tri Huynh from SentryUnion
File Size:	3366
Last Modified:	Mar 24 16:11:00 2004
MD5 Checksum:	ec8b6587245cb7d6b0ea630d03b0e0cd

/// File Name:	unrfs-poc.zip
Description:	Remote exploit for the Unreal game engine for Windows, MacOS, and Linux that makes use of a format string bug. This proof-of-concept is a proxy server able to modify the Unreal packets in real-time allowing the insertion of %n into the class names sent by the client to the server causing the remote crash. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	unrealEngine.txt
File Size:	9404
Last Modified:	Mar 11 10:46:50 2004
MD5 Checksum:	8ae15e07d05998dbfc95996a84ebc3fc

/// File Name:	virtuanews103.txt
Description:	VirtuaNews Admin Panel version 1.0.3 Pro is vulnerable to a cross site scripting attack.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	4206
Last Modified:	Mar 5 22:35:46 2004
MD5 Checksum:	679b21b883c822881e664b5f21da6993

/// File Name:	vocaltec8.txt
Description:	VocalTec Gateway version 8 has multiple vulnerabilities. Using an information disclosure vulnerability existant in this server, an attacker can then traverse directories when treating the file as a directory, and gain access to any file normally protected.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	2633
Last Modified:	Mar 16 04:46:46 2004
MD5 Checksum:	f9be12534bb4e693002b5793cad94b9e

/// File Name:	vz-eSignal76.pl
Description:	Remote exploit for eSignal versions 7.6 and 7.5 that downloads and executes a file.
Author:	insect
Homepage:	http://viziblesoft.com/
Related File:	vz012004-esignal7.txt
File Size:	3321
Last Modified:	Mar 26 02:50:56 2004
MD5 Checksum:	6f90cae56696ff993c33b9899191a47e

/// File Name:	waraxe-2004-SA005.txt
Description:	PHP-Nuke 7.1.0 is susceptibel to multiple cross site scripting attacks.
Author:	Janek Vind aka waraxe
File Size:	3478
Last Modified:	Mar 17 07:43:35 2004
MD5 Checksum:	5b9ef9a1588d59a6e090331c3ad524ba

/// File Name:	waraxe-2004-SA006.txt
Description:	The 4nalbum module for PHP-Nuke versions 6.5 to 7.0 suffers from path disclosure, cross site scripting, remote file inclusion, and SQL injection vulnerabilities.
Author:	Janek Vind aka waraxe
File Size:	4031
Last Modified:	Mar 17 07:46:24 2004
MD5 Checksum:	369a410f953e7fff7195f32b0c5adfd7