Section: .. / 0403-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 61

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0403-exploits.tgz
Description:	Packet Storm new exploits for March, 2004.
File Size:	193924
Last Modified:	May 4 07:01:31 2004
MD5 Checksum:	4e97d41068bbd2b4d4ff013e93caa7d6

/// File Name:	wilco.zip
Description:	A testing tool for RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a that suffer from multiple bugs.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	rogerwilco2.txt
File Size:	17405
Last Modified:	Mar 31 20:12:00 2004
MD5 Checksum:	597c92720fd3a472c793309702812662

/// File Name:	ieBad.txt
Description:	Good write up discussing how Microsoft has yet again dropped the ball on patching another Internet Explorer vulnerability, where using forms can allow an attacker to spoof a fake destination to the user.
Homepage:	http://www.malware.com
File Size:	2884
Last Modified:	Mar 31 18:04:00 2004
MD5 Checksum:	680d3103b8fc6fe4567af0e44af3bcff

/// File Name:	Adv-20040331.txt
Description:	S-Quadra Advisory #2004-03-31 - CactuShop shopping cart versions 5.x suffer from a SQL injection attack that allows for remote code execution via the MS SQL xp_cmdshell function. They also have a cross site scripting vulnerability.
Author:	Nick Gudov
Homepage:	http://www.s-quadra.com/advisories/Adv-20040331.txt
File Size:	3894
Last Modified:	Mar 31 16:13:00 2004
MD5 Checksum:	c25653ec903f60f19045dd7037a0d269

/// File Name:	acartSQL.txt
Description:	A-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.
Author:	Manuel Lopez
File Size:	1383
Last Modified:	Mar 29 14:30:00 2004
MD5 Checksum:	29824b591dd5a64c7391bc7c93eb6352

/// File Name:	cloisterblog.txt
Description:	Cloisterblog version 1.2.2 does not perform proper parameter auditing derived from user inputs allowing for multiple XSS issues and also directory traversal attacks.
Author:	Dotho
Homepage:	http://Badcode.org
File Size:	1580
Last Modified:	Mar 28 17:52:00 2004
MD5 Checksum:	7d4a338db045679b418dfb1eaef9fe87

/// File Name:	557iss_pam_exp.c
Description:	RealSecure / BlackICE iss_pam1.dll remote overflow exploit.
Author:	Sam Chen
Related File:	eEye.iss.txt
File Size:	9062
Last Modified:	Mar 28 08:55:00 2004
MD5 Checksum:	0ddc8c39ea4432b2ec4fc6a8f5d6ea4d

/// File Name:	ethereal.igap.c
Description:	Ethereal IGAP Dissector Message overflow remote root exploit that spawns a shell on port 31337. Makes use of the vulnerability that exists between versions 0.10.0 to 0.10.2. Tested under Gentoo and RedHat 8.
Author:	Nilanjan De, Abhisek Datta
Homepage:	http://www.eos-india.net
File Size:	11753
Last Modified:	Mar 28 07:10:00 2004
MD5 Checksum:	42e9f9dc28e6c773c9816a77b3bff6b0

/// File Name:	systrace.txt
Description:	Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.
Author:	Brad
Homepage:	http://www.grsecurity.net
File Size:	13946
Last Modified:	Mar 27 16:01:00 2004
MD5 Checksum:	3ee4b2c23da5f70220f4d222dfec56c8

/// File Name:	waraxe-2004-SA013.txt
Description:	A SQL injection vulnerability in PHPBB versions 2.0.8 and below allows an attacker the ability to extract the administrator password hash.
Author:	Janek Vind aka waraxe
File Size:	7003
Last Modified:	Mar 27 04:08:29 2004
MD5 Checksum:	c316b4db1e73a0dca9df33134cbd779e

/// File Name:	waraxe-2004-SA012.txt
Description:	Multiple SQL injection and cross site scripting vulnerabilities lie in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta. Full exploitation syntax given.
Author:	Janek Vind aka waraxe
File Size:	6863
Last Modified:	Mar 27 04:04:34 2004
MD5 Checksum:	9d1f6f6943811ac0c1887925ea3d441c

/// File Name:	netsupport.txt
Description:	Invision NetSupport School Pro stores passwords in a manner that allows their encryption to be easily reversed. Exploit written in Pascal is included.
Author:	spiffomatic 64
File Size:	6012
Last Modified:	Mar 27 04:01:32 2004
MD5 Checksum:	27c12a27a7f8864f85087da894f906ff

/// File Name:	MSWordPW.txt
Description:	Information on how to bypass Password protection on Microsoft Word documents with step by step instructions given.
Author:	Andrew Barkley
File Size:	1247
Last Modified:	Mar 26 02:58:52 2004
MD5 Checksum:	b9116e287760862aeda67726ea23b7d0

/// File Name:	ethboom.zip
Description:	Remote proof of concept exploit for Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below that causes a crash.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	etherlords.txt
File Size:	5936
Last Modified:	Mar 26 02:57:15 2004
MD5 Checksum:	a9be70bea9c44b71fe18cb74a9439389

/// File Name:	vz-eSignal76.pl
Description:	Remote exploit for eSignal versions 7.6 and 7.5 that downloads and executes a file.
Author:	insect
Homepage:	http://viziblesoft.com/
Related File:	vz012004-esignal7.txt
File Size:	3321
Last Modified:	Mar 26 02:50:56 2004
MD5 Checksum:	6f90cae56696ff993c33b9899191a47e

/// File Name:	hpjadmadv.txt
Description:	HP Web JetAdmin Version 7.5.2546 has multiple vulnerables. They include denial of service, the ability to upload any file to the server, the ability to write to any file on the filesystem, and the ability to read any file via a directory traversal attack.
Author:	wirepair
File Size:	5251
Last Modified:	Mar 24 20:38:00 2004
MD5 Checksum:	e6f0dc1235b0d0236d656ada61472d58

/// File Name:	picobof.zip
Description:	Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	picophone163.txt
File Size:	6072
Last Modified:	Mar 24 17:32:00 2004
MD5 Checksum:	7b97fc4e9b1b9d51052ae11b7a4d08a8

/// File Name:	trendmicro.txt
Description:	TrendMicro Interscan Viruswall versions 3.5 and below suffer from a directory traversal vulnerability that allow a remote attacker to access any files outside of the web root.
Author:	Tri Huynh from SentryUnion
File Size:	3366
Last Modified:	Mar 24 16:11:00 2004
MD5 Checksum:	ec8b6587245cb7d6b0ea630d03b0e0cd

/// File Name:	t3cbof.zip
Description:	Remote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	terminator3.txt
File Size:	6861
Last Modified:	Mar 24 06:42:00 2004
MD5 Checksum:	a0488bcfc89f8c89bb396b3c7e80cc10

/// File Name:	ragefreeze.zip
Description:	Remote denial of service exploit for The Rage game versions 1.01 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	therage101.txt
File Size:	5196
Last Modified:	Mar 24 04:02:00 2004
MD5 Checksum:	4bf17b3df82c0f6ebc4c73592086592a

/// File Name:	wsftp402eval3.txt
Description:	Ipswitch WS_FTP server version 4.0.2.EVAL allows for a local attacker with program execution privileges to run anything with SYSTEM privileges. Full step-by-step exploitation given.
Author:	Hugh Mann
File Size:	3565
Last Modified:	Mar 23 16:55:00 2004
MD5 Checksum:	04e6d24da1e0cdf233c5fa31d7cbe6b8

/// File Name:	xp_ws_ftp_server.zip
Description:	Remote exploit for Ipswitch WS_FTP server version 4.0.2.EVAL that makes use of a buffer overflow in the STAT command.
Author:	Hugh Mann
Related File:	wsftp402eval.txt
File Size:	8559
Last Modified:	Mar 23 16:38:00 2004
MD5 Checksum:	757ff118a5513e54d7deee4651b08175

/// File Name:	newsmanlite25.txt
Description:	News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
Author:	Manuel Lopez
File Size:	1968
Last Modified:	Mar 23 06:17:00 2004
MD5 Checksum:	8b8b4c8b0df0c8fea60819640c5c61a0

/// File Name:	memmansys21.txt
Description:	Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
Author:	Manuel Lopez
File Size:	1885
Last Modified:	Mar 23 06:14:00 2004
MD5 Checksum:	57a9c2aab1a113f03144a493b0e3fd7a

/// File Name:	xwebTraversal10.txt
Description:	xweb version 1.0 is susceptible to a directory traversal attack that allows viewing of files outside of the web root.
Author:	Donato Ferrante
Homepage:	http://www.autistici.org/fdonato
File Size:	1844
Last Modified:	Mar 22 21:55:00 2004
MD5 Checksum:	ce444d06c99e6df9b102954f96b37bc4