Section: .. / 0409-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 56

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	lovethisgame.html
Description:	A file inclusion vulnerability exists in PerlDesk 1.x due to insufficient input validation.
Author:	Nikyt0x
Homepage:	http://nikyt0x.webcindario.com/
File Size:	3702
Last Modified:	Sep 17 09:03:55 2004
MD5 Checksum:	b1e71646dba001852482ea03fa889848

/// File Name:	MailWorks.txt
Description:	MailWorks Pro has a rather trivial session check that is easily bypassed within a cookie. The exploit allows an attacker to have full control over the administration section, without the need to authenticate and allowing the attacker to spoof the admin user functions.
Author:	Paul Craig
File Size:	2328
Last Modified:	Sep 9 06:16:30 2004
MD5 Checksum:	55988d7a3dd349776846061e35aca3f2

/// File Name:	mambo45.jose.txt
Description:	Mambo versions 4.5 and below are susceptible to cross site scripting and remote command execution flaws.
Author:	Joxean Koret
File Size:	3296
Last Modified:	Sep 21 11:04:56 2004
MD5 Checksum:	28348285c00be6936bce480a3500a65c

/// File Name:	mambo451.txt
Description:	Mambo versions 4.5.1 and below are susceptible to a SQL injection vulnerability.
Author:	khoai
Homepage:	http://www.xfrog.org
File Size:	1035
Last Modified:	Sep 21 09:43:39 2004
MD5 Checksum:	283ff13906e0284c2fd5d25332a7eca4

/// File Name:	mdaemon_imap.c
Description:	Remote proof of concept exploit for MDaemon IMAP server version 6.5.1 that makes use of an overflow in the LIST command.
Author:	D_BuG
File Size:	4183
Last Modified:	Sep 30 09:30:27 2004
MD5 Checksum:	70e53f1694ce2dc74788bb19d73ba65e

/// File Name:	mdaemon_rcpt.c
Description:	Remote denial of service proof of concept exploit that makes use of a buffer overflow in Mdaemon SMTP server version 6.5.1.
Author:	D_BuG
File Size:	3121
Last Modified:	Sep 30 09:31:36 2004
MD5 Checksum:	c739d6439f26297b8ad85526974ad8ab

/// File Name:	ms04-028-cmd.c
Description:	Microsoft Windows proof of concept JPEG GDI+ overflow shellcoded exploit that launches a local cmd.exe.
Author:	FoToZ
File Size:	7471
Related CVE(s):	CAN-2004-0200
Last Modified:	Sep 29 07:18:59 2004
MD5 Checksum:	fbed06712fd1e70c91a66c5074f84768

/// File Name:	ms04-028.sh
Description:	Proof of concept local exploit that creates a jpeg image to test for the buffer overrun vulnerability discovered under Microsoft Windows. Shellcode and valid addresses have been removed.
Author:	perplexy
Related File:	ms04-028.html
File Size:	4464
Last Modified:	Sep 22 00:34:10 2004
MD5 Checksum:	78666a3a509861cea8ca1d0780d0d134

/// File Name:	myServer07.txt
Description:	myServer version 0.7 is susceptible to a simple directory traversal attack.
Author:	Arnaud Jacques aka scrap
Homepage:	http://www.securiteinfo.com
File Size:	1549
Last Modified:	Sep 15 23:41:40 2004
MD5 Checksum:	42adf5a604114f09300054c638a14269

/// File Name:	neb-private.c
Description:	Private version of the remote exploit for Citadel/UX versions 6.23 and below that makes use of the USER directive overflow. Support for Red Hat 7.1, 7.2, 7.3, SuSE 8.0, Debian, Slackware 8.0, 9.0.0, 9.1.0.
Author:	nebunu
File Size:	4635
Last Modified:	Sep 9 09:30:59 2004
MD5 Checksum:	2f55e2a170df94483898721fbaaa2a69

/// File Name:	passprotect.txt
Description:	Password Protect is susceptible to cross site scripting and SQL injection attacks.
Homepage:	http://www.criolabs.net/
File Size:	2203
Last Modified:	Sep 2 09:32:42 2004
MD5 Checksum:	cf223bc0c91dd2c36814dea0b38eb5b4

/// File Name:	phpSQLnuke.pl
Description:	Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.
Author:	bima tampan
Related File:	codelabs-04.txt
File Size:	2407
Last Modified:	Sep 10 07:16:54 2004
MD5 Checksum:	d3153083e777412eb3cfd2fd6b46eb4a

/// File Name:	pigeonx.zip
Description:	Remote denial of service exploit for Pigeon versions 3.02.0143 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	pigeon302.txt
File Size:	6372
Last Modified:	Sep 21 02:22:24 2004
MD5 Checksum:	c3f7120052e9f64d8c48787b8d6bbbb7

/// File Name:	popmsgboom.zip
Description:	Denial of service exploit for PopMessenger versions 1.60 that makes use of a flaw when handling dialog boxes in relation to illegal characters.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org/
Related File:	popMessenger.txt
File Size:	7025
Last Modified:	Sep 29 05:57:36 2004
MD5 Checksum:	fa8e6ccb5da245d2006d941cb65672f3

/// File Name:	qnx-pppoed-multiple-flaws.txt
Description:	rfdslabs security advisory - QNX PPPoEd is susceptible to multiple local root vulnerabilities. QNX RTP 6.1 is affected.
Author:	Julio Cesar Fort
File Size:	2540
Last Modified:	Sep 9 08:17:53 2004
MD5 Checksum:	b4d755ce675fdcc25488f06f4aacdd6a

/// File Name:	readcd_exp.sh
Description:	Local root exploit for readcd that comes setuid default on some Linux distributions.
Author:	newbug
Homepage:	http://www.chroot.org/
Related Exploit:	cdr_exp.sh"
File Size:	707
Related CVE(s):	CAN-2004-0806
Last Modified:	Sep 13 23:06:57 2004
MD5 Checksum:	b910357957ab5b4ae3b38b1cb1d41633

/// File Name:	regulus.htm
Description:	Various vulnerabilities exist in Regulus 2.x that allow for an attacker to gain access to sensitive information and to bypass certain security restrictions.
Author:	masud_libra
File Size:	23922
Last Modified:	Sep 14 23:07:53 2004
MD5 Checksum:	a1c677c4c39a8a5a097c8909a1a39863

/// File Name:	rsynxOSX.txt
Description:	RsyncX version 2.1, the frontend for rsync on OS X, fails to drop a group id of wheel and allows for arbitrary program execution.
Author:	Matt Johnston
File Size:	2503
Last Modified:	Sep 21 05:24:26 2004
MD5 Checksum:	aeee8859225c9e39d64b96750688797a

/// File Name:	sharexploit.c
Description:	GNU sharutils versions 4.2.1 and below local format string vulnerability proof of concept exploit.
Author:	n4rk0tix
File Size:	9144
Last Modified:	Sep 29 06:11:25 2004
MD5 Checksum:	9ecf1cbfab55330974d86f8b8bb291ea

/// File Name:	sitenewsAuth.txt
Description:	A vulnerability in Site News 1.1 allows anyone to add or edit messages without having to authenticate as an administrator.
Homepage:	http://securitytracker.com/id?1011159
File Size:	897
Last Modified:	Sep 9 10:22:53 2004
MD5 Checksum:	243bc90aaf6a5c62ee4e1e6e98048646

/// File Name:	sm00ny-courier_imap_fsx.c
Description:	courier-imap 3.0.2-r1 and below remote format string vulnerability exploit. Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2.
Author:	ktha
Related File:	08.18.04.txt
File Size:	10720
Related CVE(s):	CAN-2004-0777
Last Modified:	Sep 13 23:19:56 2004
MD5 Checksum:	2be4977b3a40a417cf34df9469212028

/// File Name:	subjects2.txt
Description:	The PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.
Homepage:	http://www.criolabs.net
File Size:	1955
Last Modified:	Sep 10 21:16:10 2004
MD5 Checksum:	0c969699cb503a22d429b43ec459d072

/// File Name:	sudoedit.txt
Description:	Local exploit for sudo version 1.6.8p1 that makes use of a flaw in sudoedit.
Author:	Angelo Rosiello
Homepage:	http://www.rosiello.org/
Related File:	sudo168.txt
File Size:	3473
Last Modified:	Sep 21 09:57:03 2004
MD5 Checksum:	fdc1b829ba7147a4d81881f9024a77e2

/// File Name:	titanftp.c
Description:	Exploit that makes use of the heap overflow in Titan FTP server versions 3.21 and below.
Author:	lion
Homepage:	http://www.cnhonker.com/
Related File:	TitanFTPheap.txt
File Size:	5636
Last Modified:	Sep 2 08:58:44 2004
MD5 Checksum:	c6fe80918c327af4a9357f173c94bd9c

/// File Name:	torrent_exp.php.txt
Description:	Proof of concept PHP exploit that makes use of a SQL injection vulnerability in TorrentTrader version 1.0 RC2.
Author:	acidbits
File Size:	3813
Last Modified:	Sep 9 06:26:19 2004
MD5 Checksum:	ffaccf612344c9607315a6a6e4a820ed