Section:  .. / 0406-exploits  /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 34
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0406-exploits.tgz
Description:
Packet Storm new exploits for June, 2004.
File Size:136567
Last Modified:Jul 14 10:48:06 2004
MD5 Checksum:29c7c2674eab4520cd20b7302b9e9301

 ///  File Name: 2004-06-11_kernel_crash.t2t.tar.bz2
Description:
A very simple bug in the Linux kernel allows a small program to cause a denial of service. This flaw affects both the 2.4.2x and 2.6.x kernels on the x86 architecture.
Author:stian
Homepage:http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905
File Size:24523
Last Modified:Jun 14 22:01:50 2004
MD5 Checksum:2ab47694f55382d6c53256a0fabfb2ef

 ///  File Name: rdboom.zip
Description:
Remote denial of service proof of concept exploit that makes use of a flaw in the Race Driver server versions 1.20 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:tocaracedriver120.txt
File Size:18049
Last Modified:Jun 9 08:14:14 2004
MD5 Checksum:d5fd2a22cd6cf8be1a8f6bf9e9461613

 ///  File Name: memplayer.c
Description:
All versions of MPlayer, the movie player for Linux, are vulnerable to a buffer overflow attack that allows for privilege escalation. Local exploit included. Tested against Redhat Linux with Gnome, FreeBSD and latest cvsup plus ports with Gnome.
Author:c0ntex
File Size:15554
Last Modified:Jun 27 22:58:00 2004
MD5 Checksum:cbe5d9e292378ea65f396eb994717fdb

 ///  File Name: analysis.tgz
Description:
Complete analysis of the 180 Solutions trojan along with exploitation tools that demonstrate at least two new unpublished vulnerabilities in Microsoft Internet Explorer 6 that allow for arbitrary code execution.
Author:Jelmer
File Size:9434
Last Modified:Jun 8 02:29:39 2004
MD5 Checksum:3673f2d74f6184a4a126bf6b2228c59f

 ///  File Name: waraxe-2004-SA032.txt
Description:
PHP-Nuke versions 6.x - 7.3 suffer from multiple cross site scripting flaws and one SQL injection attack.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:8260
Last Modified:Jun 14 09:56:20 2004
MD5 Checksum:29a12d03061abc3f21207ac954c01902

 ///  File Name: unsecure.zip
Description:
Remote proof of concept denial of service exploit that makes use of a flaw in the Unreal game engine where a simple UDP packet with a long value can overwrite important memory zones. Vulnerable games include: DeusEx versions below and equal to 1.112fm, Devastation versions below and equal to 390, Mobile Forces versions below and equal to 20000, Nerf Arena Blast versions below and equal to 1.2, Postal 2 versions below and equal to 1337, Rune versions below and equal to 107, Tactical Ops versions below and equal to 3.4.0, TNN Pro Hunter, Unreal 1 versions below and equal to 226f, Unreal II XMP versions below and equal to 7710, Unreal Tournament versions below and equal to 451b, Unreal Tournament 2003 versions below and equal to 2225, Unreal Tournament 2004 versions below 3236, Wheel of Time versions below and equal to 333b, X-com Enforcer.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:unrealCodeExec.txt
File Size:7765
Last Modified:Jun 23 01:35:04 2004
MD5 Checksum:361204957ff8fe968183581a523bd891

 ///  File Name: CYSA-0329.txt
Description:
Cyrillium Security Advisory CYSA-0329 - FoolProof Security 3.9.x for Windows 98/98SE/Me has a vulnerability in the password recovery functionality that allows an attacker to recover the Administrator password using the Control password and password recovery key. Exploit included.
Author:Cyrillium Security Solutions and Services
Homepage:http://www.cyrillium.com/
File Size:7613
Last Modified:Jun 9 07:12:48 2004
MD5 Checksum:a0822a9623e9b07dbce09d0268360f44

 ///  File Name: cmr4cdos.zip
Description:
Colin McRae Rally 04 remote denial of service exploit that makes use of a flaw where a client can passively block an entire gaming network by setting a value too high.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related File:colinmcraerally04.txt
File Size:7161
Last Modified:Jun 8 02:11:20 2004
MD5 Checksum:e6ba105eeddb87a5b00ecfe1dd699366

 ///  File Name: ircd-hybrid.txt
Description:
Due to faulty logic in the socket dequeuing mechanism used in hybrid 7 and the derivate ircd-ratbox, it is possible to severely lag an irc server using a low-bandwidth DoS attack. Affected versions: ircd-hybrid below and equal to 7.0.1, ircd-ratbox below and equal to 1.5.1, ircd-ratbox below and equal to 2.0rc6. Full exploitation included.
Author:Erik Sperling Johansen
File Size:6972
Last Modified:Jun 22 09:38:53 2004
MD5 Checksum:6a0710b14b0f121eb374ed868255d400

 ///  File Name: linksysDoS2.txt
Description:
Multiple denial of service attacks exist against various Linksys routers, causing them to need a factory reset in order to function again. Version affected: Linksys BEFSR41, BEFSR41 v3, BEFSRU31, BEFSR11, BEFSX41, BEFSR81 v2/v3, BEFW11S4 v3, BEFW11S4 v4.
Author:b0f aka Alan McCaig
Homepage:http://www.b0f.net
File Size:6376
Last Modified:Jun 3 19:17:24 2004
MD5 Checksum:0be46427267a6b41f9e15a64458137df

 ///  File Name: blackboardLS.txt
Description:
A bug in Blackboard Learning System release 6 allows users to steal documents out of the digital dropbox of other users. Remote perl exploit included.
Author:killer
Homepage:http://www.mostly-harmless.nl/
File Size:6326
Last Modified:Jun 14 09:07:12 2004
MD5 Checksum:24664bee21865c591e5ebeacf907e0f8

 ///  File Name: dnsPoison.cpp.txt
Description:
Symantec Enterprise Firewall dnsd proxy, versions 8 and later, is vulnerable to cache poisoning attacks when acting as a caching nameserver. Full proof of concept exploit included.
Author:fryxar
File Size:5814
Last Modified:Jun 18 02:32:34 2004
MD5 Checksum:ff4e422f5bdf7ce95c8bbba21561cd14

 ///  File Name: imperva.crystal2.txt
Description:
Imperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a complete denial of service to the server. Affected versions: Crystal Reports version 9 and 10, Crystal Enterprise version 9 and 10. Exploitation details included.
Author:Moran Surf, Amichai Shulman
Homepage:http://www.imperva.com/adc/
File Size:5379
Last Modified:Jun 9 08:08:58 2004
MD5 Checksum:f8951acf73da7282b9b8a4924fe4e0a8

 ///  File Name: priv8ibserver.pl
Description:
Remote exploit for Borland Interbase 7.1 SP2 and below that spawns a shell under the uid running the database. Targets included for Linux Interbase 7.1 SP 2 and Linux Interbase 6.01 InterBaseSS_LI-V6.0-1.i386.rpm.
Author:Priv8 Security Research
Homepage:http://Priv8security.com
Related File:firebirdDB.txt
File Size:4823
Last Modified:Jun 9 07:52:29 2004
MD5 Checksum:64cc7abc7e92b0bb8f0e92b931e73d99

 ///  File Name: vpasp5x.txt
Description:
VP-ASP Shopping Cart version 5.x is remote susceptible to cross site scripting and SQL injection attacks.
Author:Thomas Ryan
Homepage:http://www.providesecurity.com/research/advisories/06142004-01.asp
File Size:4507
Last Modified:Jun 18 02:12:41 2004
MD5 Checksum:83b28a51651383ae29607899b22eac1c

 ///  File Name: dlink614.txt
Description:
The DI-614+ SOHO DLINK router suffers a script injection vulnerability that uses DHCP as a vector of attack.
Author:Gregory Duchemin
File Size:4505
Last Modified:Jun 23 00:52:26 2004
MD5 Checksum:bb1d151b3ef002c744a87226efe46e37

 ///  File Name: argoxp.c
Description:
New UPNP exploit that affects Microsoft Windows XP SP0. Binds a shell on port 1981.
Author:JoCaNoR
File Size:4242
Last Modified:Jun 25 13:14:00 2004
MD5 Checksum:4e4dbfcd6f6f4bdaeb0f815289d6dc24

 ///  File Name: subexp.c
Description:
Subversion 1.0.2 remote exploit that makes use of a stack overflow in the svn_time_from_cstring() function. Binds a shell to port 36864. Tested against RedHat 8.0 Psyche build.
Author:Gyan Chawdhary
File Size:3899
Last Modified:Jun 7 22:50:27 2004
MD5 Checksum:ba7bc719419799acd815ca5164cd3a69

 ///  File Name: rlprd.py.exploit
Description:
Remote exploit that makes use of a format string vulnerability in rlpr version 2.x.
Author:Andrew Griffiths
Homepage:http://www.felinemenace.org
Related File:rlpr204.txt
File Size:3798
Last Modified:Jun 25 14:18:00 2004
MD5 Checksum:b99e7c2ea67fa9b371ccb64ad4add409

 ///  File Name: pdp11mkdir.c
Description:
A vulnerability in the mkdir system utility can allow an unprivileged user to gain root privileges in UNIX 7th Edition systems. Exploit for /bin/mkdir Unix V7 PDP-11 included.
Author:Tim Newsham
File Size:3748
Last Modified:Jun 3 19:10:22 2004
MD5 Checksum:aa7a376a389ca2ae20714b4961d0ce46

 ///  File Name: mollensoftLightweight.txt
Description:
A security vulnerability have been discovered in the Mollensoft Lightweight FTP Server version 3.6. A buffer overflow can be committed via the CWD command allowing for a denial of service attack. Full exploitation included.
Author:Storm
Homepage:http://www.SecuriTeam.com
File Size:3661
Last Modified:Jun 2 09:54:36 2004
MD5 Checksum:ee8c7bb9f62f9592fe6be4e8f094cc9a

 ///  File Name: p_atari800.c
Description:
Exploit for the atari800 atari emulator. This exploit is local, and may in some circumstances give local root.
Homepage:http://www.pi3.int.pl
File Size:3008
Related CVE(s):CAN-2003-0630
Last Modified:Jun 29 13:50:00 2004
MD5 Checksum:c80b76a6307ff17e08717de2e6550916

 ///  File Name: freebsd.local.txt
Description:
It is possible to crash the kernel on FreeBSD/Alpha by passing an unaligned memory address as a 2nd or 3rd argument to execve() syscall. Affected versions: FreeBSD 5.1-RELEASE/Alpha and possibly others. Not affected: FreeBSD 5.1-RELEASE/IA32.
Author:Marceta Milos
File Size:2583
Last Modified:Jun 25 11:59:00 2004
MD5 Checksum:3c696b8a9038e16be09743c489490177

 ///  File Name: pivot1.1.0SoundwaveAdv.txt
Description:
Pivot 1.10 Soundwave is susceptible to a remote file inclusion and execution vulnerability that enables a remote attacker to execute anything they want in the context of the user id running the web server.
Author:Alex Buck aka loofus
Homepage:http://www.0x90.org/
File Size:2175
Last Modified:Jun 18 09:11:48 2004
MD5 Checksum:1f673326a66b16d650c42b4c15f179a3