Section: .. / 0408-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 55

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0408-exploits.tgz
Description:	Packet Storm new exploits for August, 2004.
File Size:	134354
Last Modified:	Sep 1 00:15:55 2004
MD5 Checksum:	e3ace716b8302d22fb2b673989fa063a

/// File Name:	dlinkdown.c
Description:	Remote exploit that will change an IP address for the D-Link DCS-900 IP camera, due to the fact that it listens for a 62976/udp broadcast packet telling it what IP address to use without any authentication.
Author:	anonymous
File Size:	2427
Last Modified:	Aug 31 05:26:49 2004
MD5 Checksum:	cda6badab6d0afdafacc7b3bff56b715

/// File Name:	neb-citadel.c
Description:	Remote exploit for Citadel/UX versions 6.23 and below that makes use of the USER directive overflow. Successful exploitation adds an account in /etc/passwd.
Author:	nebunu
Related Exploit:	citadel.advisory-04.txt"
File Size:	4397
Last Modified:	Aug 31 05:12:05 2004
MD5 Checksum:	20fc661867702ea3aa6a9c1ade96752b

/// File Name:	gc2boom.zip
Description:	Proof of concept exploit that makes use of a denial of service vulnerability in Ground Control II: Operation Exodus versions 1.0.0.7 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	groundControl1007.txt
File Size:	9647
Last Modified:	Aug 31 02:56:29 2004
MD5 Checksum:	a9f5b15d52ca8d7951bf47812a819cc8

/// File Name:	keeneTraversal102.txt
Description:	Keene Digital Media Server version 1.0.2 is susceptible to a directory traversal attack due to a lack of sufficient input validation.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	1573
Last Modified:	Aug 31 02:02:28 2004
MD5 Checksum:	8a2171fc611f46b35b2c5ec61ae7895a

/// File Name:	gaucho140poc.cpp.txt
Description:	Exploit that simulates POP3 server which sends a specially crafted email to a vulnerable Gaucho email client, triggering an overflow and binding a shell on port 2001. Version 1.4 build 145 is susceptible.
Author:	Tan Chew Keong
Homepage:	http://www.security.org.sg/
Related File:	gaucho140.html
File Size:	13688
Last Modified:	Aug 27 00:23:57 2004
MD5 Checksum:	c4c57886b7699669cec7822a1aa61409

/// File Name:	winampExploit.txt
Description:	Exploit that was found in the wild by k-otik.com that makes use of the Winamp vulnerability where insufficient restrictions on Winamp skin zip files (.wsz) allow a malicious attacker to place and execute arbitrary programs on a victim's system.
Homepage:	http://www.k-otik.com/
File Size:	1490
Last Modified:	Aug 27 00:00:19 2004
MD5 Checksum:	fb35990d5bd2f87809064c4d26d7a472

/// File Name:	gmailSurf.txt
Description:	Poor variable sanitization in Google's GMail system allows users to surf anonymously.
Author:	Punabi MC
File Size:	818
Last Modified:	Aug 26 23:40:37 2004
MD5 Checksum:	bd4339b67925bd9102e5324c16010ecf

/// File Name:	networkEverywhere.txt
Description:	NetworkEverywhere router Model NR041 suffers a script injection over DHCP vulnerability. Full exploitation provided.
Author:	Mathieu Lacroix
File Size:	3330
Last Modified:	Aug 26 22:14:45 2004
MD5 Checksum:	4e30ea5cc16c13a7d52355734ec9e5a1

/// File Name:	painkex.zip
Description:	Test exploit for Painkiller versions 1.3.1 and below that makes use of a memory corruption flaw.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	painkiller131.txt
File Size:	11053
Last Modified:	Aug 26 21:25:27 2004
MD5 Checksum:	ae28b5004823fe6e14ce53b57a383cf1

/// File Name:	efswsdos.pl
Description:	GulfTech Security Exploit - Easy File Sharing webserver version 1.25 denial of service exploit that consumes 99% of the CPU.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
Related Exploit:	00045-08242004.txt"
File Size:	1247
Last Modified:	Aug 26 21:22:08 2004
MD5 Checksum:	8a93ae7bc840615e0e2cbde7b9c5b413

/// File Name:	00045-08242004.txt
Description:	GulfTech Security Advisory - Easy File Sharing webserver version 1.25 is susceptible to denial of service and unauthorized system access vulnerabilities.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
Related Exploit:	efswsdos.pl"
File Size:	1954
Last Modified:	Aug 26 21:20:48 2004
MD5 Checksum:	15b7fdb4a5b6ad2e27e5534508113c39

/// File Name:	webapp.traversal.txt
Description:	WebAPP is susceptible to a directory traversal attack and another flaw that allows an attacker the ability to retrieve the DES encrypted password hash of the administrator.
File Size:	2039
Last Modified:	Aug 26 21:14:47 2004
MD5 Checksum:	d6c340b9a08828edc0ca782e1187cade

/// File Name:	PST_chpasswd_exp-v_b.c
Description:	Squirrelmail chpasswd local root bruteforce exploit.
Author:	Bytes
Homepage:	http://www.ph4nt0m.net
File Size:	2579
Last Modified:	Aug 26 20:24:30 2004
MD5 Checksum:	0ba65553e32acb0b39e0e99b0cfc8e50

/// File Name:	gallery-php.txt
Description:	PHP based exploit for Gallery versions 1.4.4 and below that makes use of an arbitrary file upload flaw.
Author:	acidbits
File Size:	7122
Last Modified:	Aug 26 20:11:45 2004
MD5 Checksum:	05693fb275ee8e9d64e65892054a950b

/// File Name:	hafiye.txt
Description:	Hafiye 1.0 has a terminal escape sequence injection vulnerability that can result in a denial of service and remote root compromise. Exploit included.
Author:	Serkan Akpolat
Homepage:	http://deicide.siyahsapka.org
File Size:	4474
Last Modified:	Aug 24 10:29:43 2004
MD5 Checksum:	ba176c1917a8df85b3c7f22bfd54e958

/// File Name:	musicDaemon.txt
Description:	MusicDaemon versions 0.0.3 and below suffer from a remote denial of service and flaw where /etc/shadow can be extracted. Exploit included.
Author:	Tal0n
File Size:	5205
Last Modified:	Aug 24 10:22:26 2004
MD5 Checksum:	d6c7ee7b0ef2783d63261d968b4b0338

/// File Name:	axisFlaws.txt
Description:	Axis versions 2100, 2110, 2120, 2420, and 2130 Network Camera along with the 2400 and 2401 Video Servers are susceptible to passwd file retrieval vulnerabilities, unauthenticated admin user additions, and hardcoded login/password flaws.
Author:	bashis
File Size:	5432
Last Modified:	Aug 24 09:31:14 2004
MD5 Checksum:	3e83d84a0274030f1df56173ebf03200

/// File Name:	qt_bmpslap.c
Description:	Heap overflow exploit for the qt BMP parsing bug foundd in versions 3.3.2.
Author:	infamous42md
Related File:	CESA-2004-004.txt
File Size:	5509
Last Modified:	Aug 24 09:08:09 2004
MD5 Checksum:	5e8e6c1e1eec51f034ae2b8459d28bb4

/// File Name:	MyDMS.txt
Description:	MyDNS is susceptible to a SQL injection and directory traversal attack that allows for arbitrary file download. Version 1.4.2 fixes the SQL injection bug while the other bug is in all releases.
Author:	Joxean Koret
File Size:	1892
Last Modified:	Aug 24 08:54:18 2004
MD5 Checksum:	aec2e2241221fc1f8af47d957188900d

/// File Name:	00042-08202004.txt
Description:	GulfTech Security Advisory - BadBlue Webserver version 2.5 is susceptible to a denial of service attack when multiple connections are made to it from a single host. Exploit provided.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3967
Last Modified:	Aug 24 08:39:24 2004
MD5 Checksum:	6e4e79c4f7dc7d86b591731ad5519977

/// File Name:	xv_bmpslap.c
Description:	Local exploit for xv that makes use of the BMP parsing buffer overflow. Binds a shell to port 7000.
Author:	infamous42md
File Size:	3623
Last Modified:	Aug 21 00:18:46 2004
MD5 Checksum:	a68b2cc8dc45b9278a02169bd6afb026

/// File Name:	yapig-php.txt
Description:	PHP based exploit for YaPiG 0.x that allows for an attacker to create arbitrary files on a vulnerable server.
Author:	acidbits
File Size:	3904
Last Modified:	Aug 19 09:50:16 2004
MD5 Checksum:	3f8dea802eb03868e89ce6af0fd8bf18

/// File Name:	merak527.txt
Description:	Merak Webmail server version 5.2.7 has cross site scripting, full path disclosure, exposure of PHP files, and SQL injection vulnerabilities.
Homepage:	http://www.criolabs.net
File Size:	6690
Last Modified:	Aug 19 08:49:48 2004
MD5 Checksum:	d99db9f9afb9b41de3696570604d53af

/// File Name:	Imailpwdump.cpp
Description:	IpSwitch IMail Server versions 8.1 and below password decryption utility. This server uses the polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption scheme is relatively easy to break.
Author:	Adik
File Size:	10140
Last Modified:	Aug 18 02:44:02 2004
MD5 Checksum:	354e62a6cba4b1329c0352f7595bb2dc