Section:  .. / 0404-exploits  /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 50
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: gvexpl.tgz
Description:
 Remote root proof of concept exploit for gv versions 3.5.8 and below. Binds a shell to port 65535. Makes use of an old vulnerability that does not have an exploit circulating for it.
Author:priestmaster
Homepage:http://www.priestmaster.org
Related File:gv-exploit.pdf
File Size:3090
Last Modified:Apr 18 12:33:00 2004
MD5 Checksum:41cdb7aa6c873e01ffd225c7bb8c3355

 ///  File Name: Phorum347SQL.pl
Description:
 Remote exploit that makes use of a SQL injection vulnerability in Phorum version 3.4.7.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
Related File:waraxe-2004-SA019.txt
File Size:2900
Last Modified:Apr 18 11:34:00 2004
MD5 Checksum:4ec2f69be6677d3a55d044b479749d1c

 ///  File Name: SPK-chpasswd.tgz
Description:
 Local root exploit for Squirrelmail's chpasswd utility. Original bug found by Matias Neiff.
Author:SpikE
Related File:chpasswd.txt
File Size:1069
Last Modified:Apr 18 11:14:00 2004
MD5 Checksum:89576d98080ddfe977136d731fbd137d

 ///  File Name: gemitelv3.txt
Description:
 Gemitel versions 3.5 and below allow for malicious file inclusion in its affich.php script. This vulnerability allows an attacker to forcibly execute arbitrary scripts from remote resources on the server.
Author:jaguar
Homepage:http://www.wulab.com
File Size:1492
Last Modified:Apr 17 14:52:00 2004
MD5 Checksum:0dfcf9d72eb05a0ab1ce7f892fe712ff

 ///  File Name: billybastard.c
Description:
 Local exploit that makes use of the flaw in lsass.exe. Binds a shell to port 31337.
Author:Hi_Tech_Assassin
File Size:5271
Last Modified:Apr 17 14:11:00 2004
MD5 Checksum:1f9222b74b939049559dc3333d823b31

 ///  File Name: SCSA028.txt
Description:
 Security Corporation Security Advisory [SCSA-028]: Nuked-KlaN versions b1.4 and b1.5 allows for directory traversal attacks and global variable overwriting.
Author:Germain Randaxhe aka frog-man
Homepage:http://www.phpsecure.info
File Size:10380
Last Modified:Apr 17 13:01:00 2004
MD5 Checksum:9a1ed5e3d1ff8b9aeefee4487b9fa4e5

 ///  File Name: XMicro.backdoor2.txt
Description:
 X-Micro WLAN 11b Broadband Routers versions 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, and 1.6.0.1 all have a backdoor account of super with a password of super. 1.6.0.1 also has an account 1502 with a password of 1502 hardcoded.
Author:Gergely Risko
File Size:2454
Last Modified:Apr 16 12:31:00 2004
MD5 Checksum:2522c3d224054bfc979da26ee025c82d

 ///  File Name: sslbomb.c
Description:
 Remote denial of service exploit for IIS SSL vulnerability documented in MS04-011.
Author:David Barroso Berrueta, Alfredo Andres Omella
Homepage:http://www.s21sec.com
File Size:12128
Last Modified:Apr 15 09:45:00 2004
MD5 Checksum:655b5cdfab95f087efd0af0e1cbf2d6c

 ///  File Name: wz_ex.c
Description:
 Proof of concept exploit for the WinZip32 MIME Parsing Overflow. Tested against WinZip 8.1 on Windows XP SP1 and Windows 2000 SP1. Instructions for use are included.
Author:snooq
Homepage:http://www.angelfire.com/linux/snooq/
Related File:02.27.04a.txt
File Size:6499
Last Modified:Apr 15 09:23:00 2004
MD5 Checksum:5fc351268d1bcf67459c35ae1510a996

 ///  File Name: cdpexpl.tgz
Description:
 Proof of concept demonstration exploit for cdp versions 0.4 and below.
Author:priestmaster
Homepage:http://www.priestmaster.org
File Size:1164
Last Modified:Apr 14 17:52:00 2004
MD5 Checksum:b7e4101c43e6efa314dee08047dee947

 ///  File Name: SurgeLDAP10.txt
Description:
 SurgeLDAP 1.0g suffers from a directory traversal vulnerability in the user.cgi script due to a lack of input validation.
Author:Dr. Insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:1414
Last Modified:Apr 14 16:23:00 2004
MD5 Checksum:114af6df8ed3c31a1fb8814675003e77

 ///  File Name: ADA.image.txt
Description:
 ADA Image Server (ImgSvr) 0.4 suffers from a buffer overflow via GET requests, directory traversal vulnerabilities, and a denial of service flaw.
Author:Dr. Insane
Homepage:Http://members.lycos.co.uk/r34ct/
File Size:2642
Last Modified:Apr 14 16:10:00 2004
MD5 Checksum:c9af293363595a0fcc1e638e861dfdfd

 ///  File Name: MSIE.printer.txt
Description:
 Microsoft Internet Explorer 6.0 allows malicious Javascript to send documents to the printer without notifying the end user.
Author:Ben Garvey
Homepage:http://www.bengarvey.com
File Size:3042
Last Modified:Apr 13 00:45:00 2004
MD5 Checksum:4c4e790d243752c616023e9903017ffb

 ///  File Name: 305monit.c
Description:
 Monit versions 4.2 and below remote exploit that makes use of a buffer overflow in the handling of basic authentication. Binds a shell to port 31337.
Author:Nilanjan De, Abhisek Datta
Homepage:http://www.eos-india.net/
Related File:monit.txt
File Size:9183
Last Modified:Apr 12 06:55:00 2004
MD5 Checksum:ad1d48f1fac2fb76a281eade6259171e

 ///  File Name: emule4x.pl
Description:
 eMule versions 0.42d and below remote exploit that makes use of the buffer overflow in the DecodeBase16() function. Tested against Windows XP SP1 and Windows 2000 SP4.
Author:kcope
Related File:emule-0.42d.txt
File Size:8196
Last Modified:Apr 11 20:25:00 2004
MD5 Checksum:1ce6c958dd2930cdd1a5efdc4ab262cb

 ///  File Name: tikiwiki181.txt
Description:
 Tiki CMS/Groupware (aka TikiWiki) versions 1.8.1 and below suffer from path disclosure, cross site scripting, SQL injection, directory traversal, and arbitrary file upload vulnerabilities.
Author:JeiAr
File Size:8998
Last Modified:Apr 11 12:16:00 2004
MD5 Checksum:e695514d042cdecc0a42e45dcab558ce

 ///  File Name: XMicro.backdoor.txt
Description:
 X-Micro WLAN 11b Broadband Routers versions 1.2.2 and 1.2.2.3 have a backdoor account of super with a password of super.
Author:Gergely Risko
File Size:1896
Last Modified:Apr 10 17:57:00 2004
MD5 Checksum:fb2348377074ae051bdf7d478b99ddd4

 ///  File Name: emptyconn.zip
Description:
 Proof of concept exploit that causes a denial of service condition in RSniff.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:rsniff.txt
File Size:5802
Last Modified:Apr 9 14:23:00 2004
MD5 Checksum:5d496cff7e0fa3a67f0e145da67e0182

 ///  File Name: cobain-monit.pl
Description:
 Monit versions 4.1 and below remote denial of service exploit. Tested on Mandrake 9.1.
Author:gsicht
Related File:monit.txt
File Size:1528
Last Modified:Apr 9 11:11:00 2004
MD5 Checksum:f0cc271a17471fcd8555602dc84764d5

 ///  File Name: priv8lcd44.pl
Description:
 Remote exploit that makes use of overflows in versions 0.4.4 and below of LCDproc's daemon.
Author:Adriano Lima
Homepage:http://www.priv8security.com
Related File:lcdproc.adv2
File Size:3717
Last Modified:Apr 9 06:55:00 2004
MD5 Checksum:7196f50ff2b0c806cf549add4c7278db

 ///  File Name: waraxe-2004-SA015.txt
Description:
 NukeCalendar version 1.1.a, the PHP-Nuke Calendar Module, suffers from SQL injection, cross site scripting, and full path disclosure flaws.
Author:Janek Vind
Homepage:http://www.waraxe.us/index.php?modname=sa&id=15
File Size:3473
Last Modified:Apr 8 16:04:00 2004
MD5 Checksum:347eabc0fa516ae07eb0e9868b897d7c

 ///  File Name: rootme.tar
Description:
 Local root exploit for the Solaris vfs_getvfssw() Loadable Kernel Module Path vulnerability found by Immunity Security.
Author:Sam
Related File:solaris_kernel_vfs.sxw.pdf
File Size:10240
Last Modified:Apr 7 10:23:00 2004
MD5 Checksum:6d96d97f7cd6f65a60955ca1eab94875

 ///  File Name: igi2fs.zip
Description:
 Proof of concept exploit that makes use of a format string bug in IGI 2: Covert Strike. Affected versions are 1.3 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:igi2.txt
File Size:5998
Last Modified:Apr 5 20:24:00 2004
MD5 Checksum:1c431b4877d8f8c8a450e93962d8f0a5

 ///  File Name: Abrior.txt
Description:
 A lack of proper input validation on Abrior's Encore WebForum allows for remote command execution via Display.cgi.
Author:Schizoprenic, k159
Homepage:http://g-security.tk
File Size:3003
Last Modified:Apr 3 13:47:00 2004
MD5 Checksum:b729c60b75ed3166fd73e47cdd65d70e

 ///  File Name: imgSvr.txt
Description:
 Under its default, imgSvr version 0.4 allows some security checks to be bypassed allowing an attacker to see the contents of a web directory and see or download the files of a web directory.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1774
Last Modified:Apr 1 11:39:00 2004
MD5 Checksum:84b29a02de69b2b54da296623e927287