Section: .. / 0404-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 50

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0404-exploits.tgz
Description:	Packet Storm new exploits for April, 2004.
File Size:	136096
Last Modified:	Jan 2 22:01:29 2005
MD5 Checksum:	85f526a8ef74aa7fab235cec0a12d54a

/// File Name:	tcp_reset.c
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson.
Author:	eazy
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	3737
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 28 08:03:00 2004
MD5 Checksum:	2edd0e1dafca116fdae393cd4f64c383

/// File Name:	RoseAttackv2.txt
Description:	Another program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
Author:	Chuck
Related File:	Rose_Frag_Attack_Explained.txt
File Size:	11786
Last Modified:	Apr 28 07:12:15 2004
MD5 Checksum:	c71f6be9ef9b5b7e9aaaa903c83d697c

/// File Name:	RoseAttackv1.txt
Description:	Program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
Author:	Laurent Constantin
Related File:	Rose_Frag_Attack_Explained.txt
File Size:	6275
Last Modified:	Apr 28 07:11:14 2004
MD5 Checksum:	abe79cdc4e802902cbc75e03bd7f4406

/// File Name:	phpnukeVideo.txt
Description:	PHP-Nuke Video Gallery Module version 0.1 Beta 5 is susceptible to full path disclosure and SQL injection attacks.
Author:	DarkBicho
Homepage:	http://www.darkbicho.tk
File Size:	4374
Last Modified:	Apr 28 06:01:47 2004
MD5 Checksum:	54acb3d8866b74c2e6d1ec256608e9d9

/// File Name:	JetRoot_pl.txt
Description:	Linux root and Windows NT/2000 Administrator remote exploit for HP Web JetAdmin 6.5.
Author:	FX
Homepage:	http://www.phenoelit.de
Related File:	HP_Web_Jetadmin_advisory.txt
File Size:	5343
Last Modified:	Apr 28 05:58:40 2004
MD5 Checksum:	5cd19d9db75680df1b4b9a5cd6ca9642

/// File Name:	disconn.py
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Python version.
Author:	Michael Gschwandtner
Homepage:	http://anyplay.tznetz.com/exploits/disconn_py.html
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	3491
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 28 05:49:14 2004
MD5 Checksum:	46637e58111353af9ab2dffa5ac6e5a3

/// File Name:	not_so_smartether.txt
Description:	Samsung SmartEther switches allow a remote attacker to login as admin without having a correct password. All that is required is that all of the characters that can fit in the buffer for the password be filled.
Author:	Kyle Duren
File Size:	1633
Last Modified:	Apr 26 01:07:00 2004
MD5 Checksum:	3960756959bce9934971104a4c4533b7

/// File Name:	Kreset.pl
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Perl version.
Author:	K-sPecial
Homepage:	http://xzziroz.freeshell.org
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	5576
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 25 19:05:00 2004
MD5 Checksum:	35eafe0e58f3157a7d65afbb26e29c04

/// File Name:	eXtremail2.c
Description:	Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
Author:	Luca Ercoli
Homepage:	http://www.seeweb.com
Related File:	eXtremail.txt
File Size:	3939
Last Modified:	Apr 25 17:46:00 2004
MD5 Checksum:	eb165abefc04759a78ee48e3da5a316d

/// File Name:	bgp-dosv2.pl
Description:	BGP proof of concept denial of service utility that sends out a RST flood to BGP connection providing the attacker has already gained knowledge of the source port and sequence number.
Author:	Rich Compton
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	1446
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 24 02:05:02 2004
MD5 Checksum:	52fe0ea2108771280df6c0b70527aa60

/// File Name:	reset-tcp_rfc31337-compliant.c
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Some modifications done by J 'Swoop' Barber.
Author:	Paul A. Watson
Homepage:	http://www.terrorist.net
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	4479
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 24 01:57:29 2004
MD5 Checksum:	b89b0241199fd7937f1cc29a3a32e3af

/// File Name:	reset-tcp.c
Description:	Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson.
Author:	Paul A. Watson
Homepage:	http://www.terrorist.net
Related File:	SlippingInTheWindow_v1.0.doc
File Size:	3373
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 24 01:56:17 2004
MD5 Checksum:	109c83b293fa1cd19507c8d844936b19

/// File Name:	THCIISSLame.c
Description:	THCIISSLame version 0.2 IIS 5 SSL remote root exploit. Uses a connect back shell.
Author:	Johnny Cyberpunk
Homepage:	http://www.thc.org/
File Size:	6725
Last Modified:	Apr 22 18:04:00 2004
MD5 Checksum:	b10bb6ba9138a6d29c48e148b7207004

/// File Name:	umodpoc.zip
Description:	Proof of concept exploit for the Unreal engine developed by EpicGames which has a flaw with UMOD where it handles information from files without properly filtering for dangerous characters.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	unrealEngine2.txt
File Size:	8523
Last Modified:	Apr 22 18:03:00 2004
MD5 Checksum:	babab0ce107edf023e98cb9facc781f6

/// File Name:	waraxe-2004-SA022.txt
Description:	PostNuke 0.726 Phoenix is susceptible to multiple path disclosure and cross site scripting vulnerabilities.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	4922
Last Modified:	Apr 22 11:37:00 2004
MD5 Checksum:	26c15fd38d1d3b31e7aacd5170f5c586

/// File Name:	waraxe-2004-SA021.txt
Description:	The phprofession 2.5 module for PostNuke is susceptible to path disclose, cross site scripting, and possible SQL injection attacks.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	3955
Last Modified:	Apr 22 10:16:00 2004
MD5 Checksum:	60a7eb530f31c704d7281ef37d66a91a

/// File Name:	eaea.class.php.txt
Description:	Mambo OS versions 4.5 and 4.6 exploit written in PHP that insets an administrator user into the database.
Author:	Yo_Soy
Homepage:	http://www.raza-mexicana.org
Related File:	mambo.txt
File Size:	1647
Last Modified:	Apr 22 05:06:00 2004
MD5 Checksum:	4ecba7a08a0a8efe0a8826d3deec68e8

/// File Name:	reset.zip
Description:	This program will reset a TCP connection by guessing a valid sequence number.
Author:	Aphex
Homepage:	http://www.iamaphex.cjb.net
Related File:	246929.html
File Size:	14181
Related CVE(s):	CAN-2004-0230
Last Modified:	Apr 22 04:45:00 2004
MD5 Checksum:	f4ab099f779083bfa1ce46e3cdfdea5d

/// File Name:	0x3142-sq-chpasswd.c
Description:	Local root exploit for Squirrelmail's chpasswd utility. Tested on Suse 9. Original bug found by Matias Neiff.
Author:	x314
Related File:	chpasswd.txt
File Size:	1154
Last Modified:	Apr 20 12:36:00 2004
MD5 Checksum:	19cd768af23b86e42a4d1f020bd43aeb

/// File Name:	p_xfree.c
Description:	XFree version 4.3.x local root exploit that makes use of the vulnerability that exists in the use of the CopyISOLatin1Lowered() function with the 'font_name' buffer.
Author:	pi3
Homepage:	http://www.pi3.int.pl
Related File:	02.11.04.txt
File Size:	11670
Last Modified:	Apr 20 12:17:00 2004
MD5 Checksum:	02f09f93f2adb9197f86c2140e23e6ee

/// File Name:	eudora61.pl
Description:	Eudora 6.1 still has attachment spoofing flaws along with a Nested MIME DoS vulnerability.
Author:	Paul Szabo
File Size:	2834
Last Modified:	Apr 20 07:57:00 2004
MD5 Checksum:	aee6853e3fb6b331288d903a8813c2da

/// File Name:	Exch.pl
Description:	Kinesphere Corporation Exchange POP3 e-mail gateway remote exploit that makes use of a buffer overflow.
Author:	securma massine
File Size:	4629
Last Modified:	Apr 19 17:45:00 2004
MD5 Checksum:	6ab8a0b89d6c06af47d8d320cc7ab4ae

/// File Name:	phpBBmod.txt
Description:	phpBB modified by PRzemo version 1.8 allows for arbitrary code execution due to improper filtering allowing for remote script inclusion.
Author:	Officerrr
File Size:	1871
Last Modified:	Apr 19 16:30:00 2004
MD5 Checksum:	56451f2f2af87fa042870c5de4688379

/// File Name:	kphone.stun.txt
Description:	KPhone versions 4.0.1 and below are vulnerable to a denial of service attack when receiving a malformed STUN response packet.
Author:	Storm
File Size:	3430
Last Modified:	Apr 19 15:24:00 2004
MD5 Checksum:	dad1d1036001f137bef211a08445b7ac