Section:  .. / 0407-exploits  /

Page 2 of 2
<< 1 2 >> Files 25 - 38 of 38
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: sambaPoC.txt
Description:
Proof of concept exploit code for the Samba 3.x swat preauthentication buffer overflow vulnerability.
Author:Noam Rathaus
Homepage:http://www.beyondsecurity.com
Related File:sambaOverruns.txt
File Size:2487
Related CVE(s):CAN-2004-0600
Last Modified:Jul 24 01:29:16 2004
MD5 Checksum:eed17fdc529119040e1e6c6a7c44a8a6

 ///  File Name: serenaTeam.txt
Description:
Serena Software's TeamTrack version 6.1.1 is susceptible to a sensitive content disclosure vulnerability that can be exploited without having valid login credentials. Full exploit provided.
Author:Noam Rathaus
Homepage:http://www.securiteam.com/windowsntfocus/5SP0O0ADGG.html
File Size:5904
Last Modified:Jul 24 03:56:44 2004
MD5 Checksum:509e350a19a827535b2c3649d03ac249

 ///  File Name: sharex.c
Description:
Sharutils 4.2.1 local root exploit. Note: shar is NOT setuid by default, so this exploit is completely proof of concept if for some reason the binary was setuid.
Author:n30n
Homepage:http://n30n.byte-lab.com
Related File:sharutil.txt
File Size:2059
Last Modified:Jul 18 12:25:00 2004
MD5 Checksum:a0f331c55a88b263bc3a56d837299108

 ///  File Name: taskSched.c
Description:
Microsoft Windows 2K/XP Task Scheduler local exploit that will spawn notepad.exe.
Related File:mstaskjob.txt
File Size:6024
Related CVE(s):CAN-2004-0212
Last Modified:Jul 27 02:43:23 2004
MD5 Checksum:f49cbd2402c17cf6f8afe5bde0383382

 ///  File Name: unrealdecloak.tar.gz
Description:
Unreal Decloak Toolkit version 0.1 illustrates the weak hashing system vulnerability in Unreal ircd 3.2 and previous versions.
Author:bartavelle
Homepage:http://www.bandecon.com/
Related File:unreal.ircd.txt
File Size:6285
Last Modified:Jul 20 09:41:00 2004
MD5 Checksum:5512163169f37e6ffb23144310121895

 ///  File Name: utilmaned1.c
Description:
Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Gives a shell with SYSTEM privileges.
Author:kralor
Related File:msWinUtilMan.txt
File Size:6485
Related CVE(s):CAN-2004-0213
Last Modified:Jul 17 17:09:00 2004
MD5 Checksum:5533394db7076d191c3e49e83ef17f4e

 ///  File Name: utilmaned2.c
Description:
Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Updated version that can be executed via simple cmd.exe shells using a normal user account. Gives a shell with SYSTEM privileges.
Author:kralor
Related File:msWinUtilMan.txt
File Size:10846
Related CVE(s):CAN-2004-0213
Last Modified:Jul 17 23:33:00 2004
MD5 Checksum:278b3f6fd68eefedd079f0e699e5adb5

 ///  File Name: waraxe-2004-SA035.txt
Description:
PHP Nuke versions 6.x through 7.3 suffer from cross site scripting and SQL injection flaws.
Author:Janek Vind
Homepage:http://www.waraxe.us/index.php?modname=sa&id=35
File Size:4044
Last Modified:Jul 16 18:36:00 2004
MD5 Checksum:8b4e0f056d19cb7eca0688a30285f615

 ///  File Name: waraxe-2004-SA036.txt
Description:
The third advisory in a three part series discussing more flaws in PHP Nuke ranging from full patch disclosure and cross site scripting to SQL injection attacks.
Author:Janek Vind
Homepage:http://www.waraxe.us/
File Size:5888
Last Modified:Jul 18 17:35:00 2004
MD5 Checksum:d6045cd8d9461ee83afbb029ddfb0afd

 ///  File Name: webcenterSQL.txt
Description:
Internet Software Sciences's Web+Center version 4.0.1 suffers from a lack of sanity checking when parsing Cookie data and due to this is susceptible to a SQL injection attack. Full exploit provided.
Author:Noam Rathaus
Homepage:http://www.securiteam.com/windowsntfocus/5RP0N0ADGK.html
File Size:4802
Last Modified:Jul 24 04:23:55 2004
MD5 Checksum:4b63eac7ef59184eae48010a67fc6aa5

 ///  File Name: webstoreExec.txt
Description:
Web_Store.cgi allows for remote command execution due to a lack of variable sanitization.
Author:Zero-X
Homepage:http://www.Lobnan.de
File Size:268
Last Modified:Jul 17 15:05:00 2004
MD5 Checksum:1c5e520b29e2bf288d01ebd0b9d24539

 ///  File Name: wgetusr.c
Description:
Exploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers. Ported to Windows by John Bissell.
Author:CoKi
Homepage:http://www.nosystem.com.ar
File Size:11144
Last Modified:Jul 24 00:40:11 2004
MD5 Checksum:f31b7dbf6a8e67ce8d301fa3f4d4e38b

 ///  File Name: wostok-setterm.c
Description:
Proof of concept exploit for setterm, which is not usually suid by default.
Author:poma
Homepage:http://wostok.org
File Size:1601
Last Modified:Jul 4 12:32:00 2004
MD5 Checksum:ec97ff10101fcbff283a4a793effb9cc