Section:  .. / 0403-exploits  /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 61
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: memmansys21.txt
Description:
Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
Author:Manuel Lopez
File Size:1885
Last Modified:Mar 23 06:14:00 2004
MD5 Checksum:57a9c2aab1a113f03144a493b0e3fd7a

 ///  File Name: motorolaT720.txt
Description:
Motorola T720 Cellular phones have a vulnerability that cause a denial of service when the phone receives an abnormal amount of IP traffic. Upon receiving the traffic, the phone powers-off when the user attempts to access the network.
Author:Shaun Colley
Homepage:http://www.nettwerked.co.uk
File Size:5054
Last Modified:Mar 2 03:47:00 2004
MD5 Checksum:d3c62248544d92b2ef9ea4bdffd774cc

 ///  File Name: MSWordPW.txt
Description:
Information on how to bypass Password protection on Microsoft Word documents with step by step instructions given.
Author:Andrew Barkley
File Size:1247
Last Modified:Mar 26 02:58:52 2004
MD5 Checksum:b9116e287760862aeda67726ea23b7d0

 ///  File Name: netsupport.txt
Description:
Invision NetSupport School Pro stores passwords in a manner that allows their encryption to be easily reversed. Exploit written in Pascal is included.
Author:spiffomatic 64
File Size:6012
Last Modified:Mar 27 04:01:32 2004
MD5 Checksum:27c12a27a7f8864f85087da894f906ff

 ///  File Name: newsmanlite25.txt
Description:
News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
Author:Manuel Lopez
File Size:1968
Last Modified:Mar 23 06:17:00 2004
MD5 Checksum:8b8b4c8b0df0c8fea60819640c5c61a0

 ///  File Name: opera723.txt
Description:
Opera version 7.23 on Linux and Windows is susceptible to a denial of service attack.
Author:d3thstar
Homepage:http://rootthief.com
File Size:1041
Last Modified:Mar 15 20:12:09 2004
MD5 Checksum:614da594c116c9c6a40fde144c8c89e0

 ///  File Name: oseen_shoutcast.c
Description:
SHOUTcast version 1.9.2 remote exploit with connect back code. Written for Slackware 8.1, 9.0, 9.1, and RedHat 7.2.
Author:exworm
Homepage:http://www.oseen.org
File Size:11501
Last Modified:Mar 4 23:57:00 2004
MD5 Checksum:41e90e705c92fbcacf2c7e8d4e80badb

 ///  File Name: Pegasi022.txt
Description:
Pegasi Web Server aka PWS version 0.2.2 is susceptible to cross site scripting and directory traversal attacks due to a lack of input validation.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:2629
Last Modified:Mar 12 02:59:48 2004
MD5 Checksum:e3efa0b9842af7a8049abc169304ca43

 ///  File Name: phorum503.txt
Description:
Cross site scripting vulnerabilities exists in Phorum versions 5.0.3 Beta and below.
Author:JeiAr
File Size:1885
Last Modified:Mar 17 07:57:35 2004
MD5 Checksum:945b7d0d1cd0744b82f57e86647d09ac

 ///  File Name: phpBBXSS206d.txt
Description:
phpBB versions 2.0.6d and below suffer from cross site scripting vulnerabilities.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:4776
Last Modified:Mar 15 20:06:27 2004
MD5 Checksum:8f141547555e3e8b5843c2166e6132ba

 ///  File Name: phpx324.txt
Description:
PHPX versions 2.x through 3.2.4 fail to create a secure session management engine. A user can obtain a session by simply supplying a uid of the user in which they want to obtain the account from, and as long as their session is in the database, it will allow session hi-jacking to occur. Further-more it is concerning that the session id itself is generated by a simple auto increment field in the MySQL database, making it trivial for an attacker to steal a cookie. Full exploitation included.
Author:Ryan Wray aka HelloWorld
File Size:6448
Last Modified:Mar 17 08:15:34 2004
MD5 Checksum:09ddcbef76dbf1843ea527f95f6e77ed

 ///  File Name: picobof.zip
Description:
Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:picophone163.txt
File Size:6072
Last Modified:Mar 24 17:32:00 2004
MD5 Checksum:7b97fc4e9b1b9d51052ae11b7a4d08a8

 ///  File Name: PWebServer033.txt
Description:
PWebServer version 0.3.3 suffers from a directory traversal attack that allows a remote attacker to access any file outside of the webroot.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1951
Last Modified:Mar 9 06:21:00 2004
MD5 Checksum:00405698c916876942c35258726a48b6

 ///  File Name: ragefreeze.zip
Description:
Remote denial of service exploit for The Rage game versions 1.01 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:therage101.txt
File Size:5196
Last Modified:Mar 24 04:02:00 2004
MD5 Checksum:4bf17b3df82c0f6ebc4c73592086592a

 ///  File Name: rfcbof.zip
Description:
Exploit for Red Faction versions 1.20 and below that have a client-side buffer overflow.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:redfaction120.txt
File Size:5410
Last Modified:Mar 5 06:26:22 2004
MD5 Checksum:98f4f1a862da41bdacac4a0f7d24c638

 ///  File Name: smbprintsymlink.txt
Description:
smbprint insecurely writes to files in /tmp allowing for a symbolic link attack. Full details on exploitation included.
Author:Shaun Colley aka shaun2k2
File Size:7843
Last Modified:Mar 19 20:38:00 2004
MD5 Checksum:1a280809a3d52ca67bfea0331f678f8c

 ///  File Name: systrace.txt
Description:
Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.
Author:Brad
Homepage:http://www.grsecurity.net
File Size:13946
Last Modified:Mar 27 16:01:00 2004
MD5 Checksum:3ee4b2c23da5f70220f4d222dfec56c8

 ///  File Name: t3cbof.zip
Description:
Remote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:terminator3.txt
File Size:6861
Last Modified:Mar 24 06:42:00 2004
MD5 Checksum:a0488bcfc89f8c89bb396b3c7e80cc10

 ///  File Name: trendmicro.txt
Description:
TrendMicro Interscan Viruswall versions 3.5 and below suffer from a directory traversal vulnerability that allow a remote attacker to access any files outside of the web root.
Author:Tri Huynh from SentryUnion
File Size:3366
Last Modified:Mar 24 16:11:00 2004
MD5 Checksum:ec8b6587245cb7d6b0ea630d03b0e0cd

 ///  File Name: unrfs-poc.zip
Description:
Remote exploit for the Unreal game engine for Windows, MacOS, and Linux that makes use of a format string bug. This proof-of-concept is a proxy server able to modify the Unreal packets in real-time allowing the insertion of %n into the class names sent by the client to the server causing the remote crash. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:unrealEngine.txt
File Size:9404
Last Modified:Mar 11 10:46:50 2004
MD5 Checksum:8ae15e07d05998dbfc95996a84ebc3fc

 ///  File Name: virtuanews103.txt
Description:
VirtuaNews Admin Panel version 1.0.3 Pro is vulnerable to a cross site scripting attack.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:4206
Last Modified:Mar 5 22:35:46 2004
MD5 Checksum:679b21b883c822881e664b5f21da6993

 ///  File Name: vocaltec8.txt
Description:
VocalTec Gateway version 8 has multiple vulnerabilities. Using an information disclosure vulnerability existant in this server, an attacker can then traverse directories when treating the file as a directory, and gain access to any file normally protected.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:2633
Last Modified:Mar 16 04:46:46 2004
MD5 Checksum:f9be12534bb4e693002b5793cad94b9e

 ///  File Name: vz-eSignal76.pl
Description:
Remote exploit for eSignal versions 7.6 and 7.5 that downloads and executes a file.
Author:insect
Homepage:http://viziblesoft.com/
Related File:vz012004-esignal7.txt
File Size:3321
Last Modified:Mar 26 02:50:56 2004
MD5 Checksum:6f90cae56696ff993c33b9899191a47e

 ///  File Name: waraxe-2004-SA005.txt
Description:
PHP-Nuke 7.1.0 is susceptibel to multiple cross site scripting attacks.
Author:Janek Vind aka waraxe
File Size:3478
Last Modified:Mar 17 07:43:35 2004
MD5 Checksum:5b9ef9a1588d59a6e090331c3ad524ba

 ///  File Name: waraxe-2004-SA006.txt
Description:
The 4nalbum module for PHP-Nuke versions 6.5 to 7.0 suffers from path disclosure, cross site scripting, remote file inclusion, and SQL injection vulnerabilities.
Author:Janek Vind aka waraxe
File Size:4031
Last Modified:Mar 17 07:46:24 2004
MD5 Checksum:369a410f953e7fff7195f32b0c5adfd7