Section:  .. / 0406-exploits  /

Page 2 of 2
<< 1 2 >> Files 25 - 34 of 34
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: roundUP.txt
Description:
 Roundup is susceptible to a directory traversal attack that will permit an attacker to view files outside of the web root.
Author:Vickenty Fesunov
File Size:1796
Last Modified:Jun 10 10:09:25 2004
MD5 Checksum:751d0c8016c146f80cc191a6fe075334

 ///  File Name: phpEscape.txt
Description:
 PHP offers the function escapeshellarg() to escape arguments to shell commands in a way that makes it impossible for an attacker to execute additional commands. However due to a bug in the function, this does not work with the windows version of PHP. Versions 4.3.6 and below are susceptible.
Author:Daniel Fabian
Homepage:http://www.sec-consult.com
File Size:1634
Last Modified:Jun 8 01:16:45 2004
MD5 Checksum:4c2259467e77e624482ad84e2fe1c526

 ///  File Name: usr8003.txt
Description:
 USR Robotics Broadband Router 8003 has a flawed password checking functionality where the password is first verified by a javascript function that has the real administrator password embedded and easily viewable in the source code, allowing any malicious remote attacker to take full control of the device. Tested against firmware v1.04 08. USR Robotics has claimed the problem is not that serious and has not taken any steps to remedy the situation.
Author:Fernando Sanchez
File Size:1464
Last Modified:Jun 9 08:04:44 2004
MD5 Checksum:c4938d18d1cff57950f3c87e7661cd54

 ///  File Name: sambar.txt
Description:
 Sambar Server version 6.x has been found susceptible to directory traversal, direct file access, and cross site scripting attacks
Author:Oliver Karow
Homepage:http://www.oliverkarow.de/research/sambar.txt
File Size:1381
Last Modified:Jun 3 23:28:18 2004
MD5 Checksum:6574f9f30fe358ae4cb1db893e3bb9f9

 ///  File Name: WinAgentsTFTP.txt
Description:
 When an overly long filename is requested via the WinAgents TFTP server, a denial of service occurs due to an error in the handling of the request. Tested against version 3.0, other versions may be susceptible. Exploitation included.
Author:Ziv Kamir
File Size:1224
Last Modified:Jun 14 11:03:37 2004
MD5 Checksum:e9030ba21e5ba0c96dbfd3e2f3056239

 ///  File Name: code.zip
Description:
 Some bits of code that show how modified URL encoding can easily bypass restricted zones via Microsoft Internet Explorer.
Author:Jelmer
Homepage:http://jelmer.homedns.org/code.zip
File Size:1073
Last Modified:Jun 22 09:44:18 2004
MD5 Checksum:5b1945a52edc14026d5441544d608175

 ///  File Name: edimaxBackdoor.txt
Description:
 Edimax 7205APL with a firmware of 2.40a-00 has a huge flaw where a guest account is hard-coded into the firmware allowing anyone to perform a backup with the same privileges of the administrator.
Author:msl
File Size:899
Last Modified:Jun 14 08:57:47 2004
MD5 Checksum:920cbf76ffc52c5242a7de9605b4317b

 ///  File Name: tn-linksys.txt
Description:
 Linksys Web Camera versions 2.12 and below are vulnerable to a file inclusion vulnerability.
Author:Andrew
File Size:830
Last Modified:Jun 23 02:05:11 2004
MD5 Checksum:8644bec47b491078fb0b317d247134a8

 ///  File Name: cpanelInject.txt
Description:
 Reseller accounts used with Cpanel are able to change all passwords without verification.
Author:verb0s
File Size:569
Last Modified:Jun 10 09:08:06 2004
MD5 Checksum:f1426a10b54aadf67391f001ffad1b4b