Section: .. / 0407-exploits /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 38

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0407-exploits.tgz
Description:	Packet Storm new exploits for July, 2004.
File Size:	127806
Last Modified:	Aug 4 10:00:16 2004
MD5 Checksum:	b5572cacdd04c8411a4a0aa61741425c

/// File Name:	OpteronMicrocode.txt
Description:	This document details the procedure for performing microcode updates on the AMD K8 processors. It also gives background information on the K8 microcode design and provides information on altering the microcode and loading the altered update for those who are interested in microcode hacking. Source code is included for a simple Linux microcode update driver for those who want to update their K8's microcode without waiting for the motherboard vendor to add it to the BIOS. The latest microcode update blocks are included in the driver.
Author:	Anonymous
File Size:	28902
Last Modified:	Jul 23 01:52:47 2004
MD5 Checksum:	925bf1b56a160a7d79d11e38398da7d2

/// File Name:	floodworldRE2.zip
Description:	FloodWorld, the IRC tool, is susceptible to a denial of service attack due to a mishandling of special characters.
Author:	BoSSaLiNiE
File Size:	22409
Last Modified:	Jul 25 00:02:38 2004
MD5 Checksum:	6965bfc35580f8100f3f1777952fc2b1

/// File Name:	phpMyAdmin257.txt
Description:	phpMyAdmin version 2.5.7 is susceptible to allowing remote malicious users the ability to inject PHP code. Full exploit provided.
Author:	Nasir Simbolon
Homepage:	http://eagle.kecapi.com
File Size:	11896
Last Modified:	Jul 1 12:42:00 2004
MD5 Checksum:	efa2bc2daeaaf7a11623f78fae49fd53

/// File Name:	wgetusr.c
Description:	Exploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers. Ported to Windows by John Bissell.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
File Size:	11144
Last Modified:	Jul 24 00:40:11 2004
MD5 Checksum:	f31b7dbf6a8e67ce8d301fa3f4d4e38b

/// File Name:	drcat.c
Description:	Exploit for a buffer overflow in drcatd 0.5.0 beta. This may allow for command execution when the system administrator has assumed that only read access to files has been granted, but as it requires a valid username and password, this is unlikely to ever be a high-risk exploit.
Author:	Taif
Related File:	zone-h-drcat.txt
File Size:	11047
Last Modified:	Jul 2 19:00:00 2004
MD5 Checksum:	7a0995e8f134b7911128d4430d4916c7

/// File Name:	utilmaned2.c
Description:	Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Updated version that can be executed via simple cmd.exe shells using a normal user account. Gives a shell with SYSTEM privileges.
Author:	kralor
Related File:	msWinUtilMan.txt
File Size:	10846
Related CVE(s):	CAN-2004-0213
Last Modified:	Jul 17 23:33:00 2004
MD5 Checksum:	278b3f6fd68eefedd079f0e699e5adb5

/// File Name:	eSeSIX.txt
Description:	eSeSIX Thintune with a firmware equal to or below 2.4.38 is susceptible to multiple vulnerabilities. These include having a backdoored service on a high port with an embedded password giving a remote root shell, various other passwords being stored locally in clear text, and a local root shell vulnerability.
Author:	Dirk Loss
Homepage:	http://www.it-consult.net
File Size:	10051
Last Modified:	Jul 26 18:46:47 2004
MD5 Checksum:	ed8d2018e1ac3d1f4a1ffa5deebcf6f7

/// File Name:	mohaabof.zip
Description:	Remote test code that verifies buffer overflows in the Medal of Honor games including Allied Assault version 1.11v9 and below, Breakthrough version 2.40b and below, and Spearhead version 2.15 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	mohBufferOverflow.txt
File Size:	9965
Last Modified:	Jul 17 23:42:00 2004
MD5 Checksum:	3ce5ddcdc7eaff52426ebace15a4649c

/// File Name:	getusr.c
Description:	Exploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
File Size:	8800
Last Modified:	Jul 21 00:56:49 2004
MD5 Checksum:	8662511387d1c9dfabc4db3091ec50b0

/// File Name:	hlboom.zip
Description:	Remote denial of service exploit for a flaw in the Half-Life server on Linux and Windows where a write occurs to a read-only memory zone.
Author:	Luigi Auriemma, Terry Henning
Homepage:	http://aluigi.altervista.org
Related File:	memHalfLife.txt
File Size:	7979
Last Modified:	Jul 12 18:55:00 2004
MD5 Checksum:	d1fdd00f30e4c58a069834cc783da62f

/// File Name:	netsupportDNA.txt
Description:	NetSupport DNA Helpdesk 1.x is susceptible to a SQL injection vulnerability. Full exploit provided.
Author:	Noam Rathaus
Homepage:	http://www.securiteam.com/windowsntfocus/5PP0L0ADGE.html
File Size:	7667
Last Modified:	Jul 24 03:53:37 2004
MD5 Checksum:	874f8cd71853aef7d01e6755da0430f5

/// File Name:	citadel.advisory-04.txt
Description:	Citadel/UX versions 6.23 and below are vulnerable to a buffer overflow that occurs when more than 97 bytes are sent with the USER directive to port 504.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
File Size:	7357
Last Modified:	Jul 29 18:23:05 2004
MD5 Checksum:	19ca7f050f3b6e57f8fb51c2e642600d

/// File Name:	polarHelp.txt
Description:	Polar HelpDesk version 3.0 does not adequately verify whether the user logged onto the system has proper administrative access when performing administrative duties.
Author:	Noam Rathaus
Homepage:	http://www.securiteam.com/windowsntfocus/5OP0K0ADGA.html
File Size:	6968
Last Modified:	Jul 24 04:20:47 2004
MD5 Checksum:	bd7719f2d67ec7995c2955a53167f60b

/// File Name:	LBEhelpdesk.txt
Description:	Leigh Business Enterprises's (LBE) Web HelpDesk versions 4.0.80 and below suffer from a SQL injection attack vulnerability. Full exploit included.
Author:	Noam Rathaus
Homepage:	http://www.securiteam.com/windowsntfocus/5QP0M0ADGI.html
File Size:	6578
Last Modified:	Jul 24 03:48:31 2004
MD5 Checksum:	3eb0d573f0b7fc9ee79cad8841b5498a

/// File Name:	utilmaned1.c
Description:	Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Gives a shell with SYSTEM privileges.
Author:	kralor
Related File:	msWinUtilMan.txt
File Size:	6485
Related CVE(s):	CAN-2004-0213
Last Modified:	Jul 17 17:09:00 2004
MD5 Checksum:	5533394db7076d191c3e49e83ef17f4e

/// File Name:	unrealdecloak.tar.gz
Description:	Unreal Decloak Toolkit version 0.1 illustrates the weak hashing system vulnerability in Unreal ircd 3.2 and previous versions.
Author:	bartavelle
Homepage:	http://www.bandecon.com/
Related File:	unreal.ircd.txt
File Size:	6285
Last Modified:	Jul 20 09:41:00 2004
MD5 Checksum:	5512163169f37e6ffb23144310121895

/// File Name:	taskSched.c
Description:	Microsoft Windows 2K/XP Task Scheduler local exploit that will spawn notepad.exe.
Related File:	mstaskjob.txt
File Size:	6024
Related CVE(s):	CAN-2004-0212
Last Modified:	Jul 27 02:43:23 2004
MD5 Checksum:	f49cbd2402c17cf6f8afe5bde0383382

/// File Name:	serenaTeam.txt
Description:	Serena Software's TeamTrack version 6.1.1 is susceptible to a sensitive content disclosure vulnerability that can be exploited without having valid login credentials. Full exploit provided.
Author:	Noam Rathaus
Homepage:	http://www.securiteam.com/windowsntfocus/5SP0O0ADGG.html
File Size:	5904
Last Modified:	Jul 24 03:56:44 2004
MD5 Checksum:	509e350a19a827535b2c3649d03ac249

/// File Name:	waraxe-2004-SA036.txt
Description:	The third advisory in a three part series discussing more flaws in PHP Nuke ranging from full patch disclosure and cross site scripting to SQL injection attacks.
Author:	Janek Vind
Homepage:	http://www.waraxe.us/
File Size:	5888
Last Modified:	Jul 18 17:35:00 2004
MD5 Checksum:	d6045cd8d9461ee83afbb029ddfb0afd

/// File Name:	applePanther.txt
Description:	Apple OSX Panther 10.3.4 with Internet Connect version 1.3 by default appends to ppp.log in /tmp if the file already exists. If a symbolic link is made to any file on the system, it automatically writes to it as root allowing for an easy local compromise. Detailed exploitation given.
Author:	B-r00t
File Size:	5887
Last Modified:	Jul 25 19:44:35 2004
MD5 Checksum:	ce17ecd81b9eb0c5d05363684b7fb20c

/// File Name:	webcenterSQL.txt
Description:	Internet Software Sciences's Web+Center version 4.0.1 suffers from a lack of sanity checking when parsing Cookie data and due to this is susceptible to a SQL injection attack. Full exploit provided.
Author:	Noam Rathaus
Homepage:	http://www.securiteam.com/windowsntfocus/5RP0N0ADGK.html
File Size:	4802
Last Modified:	Jul 24 04:23:55 2004
MD5 Checksum:	4b63eac7ef59184eae48010a67fc6aa5

/// File Name:	bitlanceOpera.txt
Description:	A vulnerability in the Opera 7.x series allows phishing attacks due to not updating the address bar if a web page is opened using the window.open function and then replaced using the location.replace function.
Author:	bitlance winter
File Size:	4323
Last Modified:	Jul 28 01:37:01 2004
MD5 Checksum:	c14ba26335be0774fdde44f2ac60d3c4

/// File Name:	IRM-009.txt
Description:	IRM Security Advisory 009 - RiSearch version 1.0.01 and RiSearch Pro 3.2.06 are susceptible to open FTP/HTTP proxying, directory listings, and file disclosure vulnerabilities.
Homepage:	http://www.irmplc.com/advisories
File Size:	4125
Last Modified:	Jul 29 01:59:12 2004
MD5 Checksum:	1b9d106a4cfb851b8104f1d39a7e039c

/// File Name:	waraxe-2004-SA035.txt
Description:	PHP Nuke versions 6.x through 7.3 suffer from cross site scripting and SQL injection flaws.
Author:	Janek Vind
Homepage:	http://www.waraxe.us/index.php?modname=sa&id=35
File Size:	4044
Last Modified:	Jul 16 18:36:00 2004
MD5 Checksum:	8b4e0f056d19cb7eca0688a30285f615