Section: .. / 0405-exploits /

Page 2 of 2
<< 1 2 >> Files 25 - 46 of 46

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	hsftpexpl.tgz
Description:	HSFTP versions 1.11 and below remote exploit that makes use of a format string vulnerability when processing file names.
Author:	priestmaster
Homepage:	http://www.priestmaster.org
File Size:	4247
Last Modified:	May 1 18:22:19 2004
MD5 Checksum:	7cd8a65e47c3d8ce7e8abc637a3a3696

/// File Name:	waraxe-2004-SA028.txt
Description:	The Nuke jokes module for PHPNuke is susceptible to path disclosure, cross site scripting, and SQL injection attacks.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	3767
Last Modified:	May 9 21:01:34 2004
MD5 Checksum:	d66d60d7836ef40f78ee42673d0e47b9

/// File Name:	sp-x12-advisory.txt
Description:	BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier versions are susceptible a denial of service due to a malicious crafted HTTP GET request. Sample exploit included. Tested on Windows XP SP1.
Author:	badpack3t
Homepage:	http://www.security-protocols.com
File Size:	3751
Last Modified:	May 24 08:16:30 2004
MD5 Checksum:	d70ca4fb4aa9ee3fd6e78f911a191794

/// File Name:	waraxe-2004-SA027.txt
Description:	PHP-Nuke version 6.x through 7.2 suffer from various SQL injection and cross site scripting vulnerabilities.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	3656
Last Modified:	May 7 23:42:01 2004
MD5 Checksum:	e6e2537ec2fd1485641bcb0bfc844659

/// File Name:	gyan_sendmail.c
Description:	Local root exploit for sendmail versions 8.12.9 and below that makes use of the prescan function vulnerability originally discovered by Michal Zalewski back in September.
Author:	Gyan Chawdhary
Related File:	sendmail8.12.9.txt
File Size:	3612
Last Modified:	May 7 20:44:23 2004
MD5 Checksum:	e6a94843ad03750d2f73beb8a33a7cdd

/// File Name:	sp-x13-advisory.txt
Description:	Orenosv HTTP/FTP server version orenosv059f is susceptible to a remote denial of service attack when supplied with an overly long GET request.
Author:	badpack3t
Homepage:	http://www.security-protocols.com
File Size:	3443
Last Modified:	May 26 11:41:24 2004
MD5 Checksum:	b808aeba5f9878b8e97a72d00f4c1090

/// File Name:	emule042e.pl
Description:	Remote denial of service exploit for Emule 0.42e.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	3398
Last Modified:	May 11 06:19:41 2004
MD5 Checksum:	22b00d28a310b84818beaccb735f864f

/// File Name:	paxdos.c
Description:	PaX with CONFIG_PAX_RANDMMAP for Linux 2.6 denial of service proof of concept exploit the send the kernel into an infinite loop. Originally discovered by ChrisR.
Author:	Shadowinteger
File Size:	3178
Last Modified:	May 11 06:45:27 2004
MD5 Checksum:	001c4ea7efedf19d582a2e5969a9939b

/// File Name:	titanDoS.txt
Description:	A security vulnerability exists in South River Technologies' Titan FTP Server. An attacker issuing a LIST command and disconnecting before the LIST command had the time to connect, will cause the program to try and access an invalid socket. This results in the FTP service crashing. Version affected: 3.01 build 163.
Author:	Storm
Homepage:	http://www.securiteam.com/windowsntfocus/5RP0215CUU.html
File Size:	2543
Last Modified:	May 7 22:29:51 2004
MD5 Checksum:	06ec27cef6424d9953fbee1c03bdbe2c

/// File Name:	servuLIST.txt
Description:	Serv-U ftpd versions older than 5.0.0.6 suffer from a flaw where a user issuing a long parameter as a value to a LIST command can cause the server to try and read a value that is outside the memory location causing a crash.
Author:	Storm
File Size:	2455
Last Modified:	May 4 05:06:01 2004
MD5 Checksum:	e1ac518faa09770360a61a3b10698007

/// File Name:	SMCwhoops.txt
Description:	SMC broadband routers ship with remote administration enabled by default on port 1900 on the WAN side of the router. Hitting the external IP address on port 1900 and clicking Login allows a malicious attacker to gain full access to the device. Tested against model 7008ABR and 7004VBR.
Author:	user86
File Size:	2327
Last Modified:	May 4 01:24:38 2004
MD5 Checksum:	9691f91745efcee0c1abd98be7860c91

/// File Name:	wgetuhoh.txt
Description:	Wget versions 1.9 and 1.9.1 are susceptible to a symlink attack during a phase where it downloads the file to a temporary filename but does not actually lock the file.
Author:	Hugo Vazquez
File Size:	2007
Last Modified:	May 18 05:49:42 2004
MD5 Checksum:	7883f0415aa5768d71876d6b6214fc75

/// File Name:	sq-chpass-exp.c
Description:	Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20. Original bug found by Matias Neiff.
Author:	Michal Stys
Related File:	chpasswd.txt
File Size:	1721
Last Modified:	May 4 05:21:01 2004
MD5 Checksum:	0d39b4dd9b57ce7c70057d669bb68cfd

/// File Name:	4nalb.pl
Description:	Remote exploit that makes use of a file inclusion vulnerability in 4nalbum module version 0.92. To use, you must change the retrieve URL to point to a script that binds a shell to port 1234 of the server.
Author:	adil
Related File:	waraxe-2004-SA006.txt
File Size:	1561
Last Modified:	May 5 21:37:39 2004
MD5 Checksum:	f942a9ae511f73f04df62b0e1921cf33

/// File Name:	EXP_OmniHTTPd.BAT
Description:	Remote exploit for OmniHTTPd versions 3.0a and below.
Author:	CoolICE
File Size:	1512
Last Modified:	May 19 20:32:10 2004
MD5 Checksum:	38dc667070590ecbe6ef30723398ab92

/// File Name:	squirrel142.txt
Description:	SquirrelMail, a PHP based webmail package, has multiple cross-site scripting vulnerabilities. Version 1.4.2 and earlier are affected.
Author:	Alvin Alex
File Size:	1104
Last Modified:	May 4 01:09:38 2004
MD5 Checksum:	38ea4e0bb3227b77fcb7d5585e0ce880

/// File Name:	allegrodos.txt
Description:	Amusing simple one-liner that shows that 3COM 812 ADSL modems are still susceptible to 4 year old denial of service attacks.
Author:	Seth Alan Woolley
File Size:	1040
Last Modified:	May 24 08:10:44 2004
MD5 Checksum:	1125ca25c5750a65274d642901167a37

/// File Name:	eudoraURL.txt
Description:	Eudora for windows has a buffer overflow in versions 6.1, 6.0.3, and 5.2.1. Sample exploitation included.
Author:	Paul Szabo
File Size:	1039
Last Modified:	May 9 20:14:11 2004
MD5 Checksum:	73206457f0b37c792b97ed6221062a41

/// File Name:	aldosweb.txt
Description:	Aldo's web server version 1.5 on Windows is susceptible to path disclosure and pathetic directory traversal attack that allows for remote access to any file on the system.
Author:	Oliver Karow
Homepage:	http://www.oliverkarow.de/research/AldosWebserverMultipleVulns.txt
File Size:	1014
Last Modified:	May 4 05:03:03 2004
MD5 Checksum:	f0e78cddf0d74c429c81530532d3f80f

/// File Name:	jportal.txt
Description:	JPortal is susceptible to SQL injection attacks and also stores the administrator password in the clear.
Author:	Maciek Wierciski
File Size:	666
Last Modified:	May 30 21:47:25 2004
MD5 Checksum:	5d99778db6af0ad83abc1d85e30297a1

/// File Name:	advisory13.txt
Description:	osCommerce versions 2.x suffer from a directory traversal attack that allows for access to directories outside of the webroot.
Author:	l0om
Homepage:	http://www.excluded.org
File Size:	556
Last Modified:	May 19 23:23:41 2004
MD5 Checksum:	9f27e4abcf8a58882000fc1a740db958