Section: .. / 0409-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 56

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	advisory-05-glFTPd.txt
Description:	The dupescan binary from glFTPd versions 2.00RC3 and below suffers from a stack overflow that can be exploited locally. Full exploit included.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
File Size:	4328
Last Modified:	Sep 21 10:09:39 2004
MD5 Checksum:	373e7c82d4e8791105b347c2dc1e2f45

/// File Name:	mdaemon_imap.c
Description:	Remote proof of concept exploit for MDaemon IMAP server version 6.5.1 that makes use of an overflow in the LIST command.
Author:	D_BuG
File Size:	4183
Last Modified:	Sep 30 09:30:27 2004
MD5 Checksum:	70e53f1694ce2dc74788bb19d73ba65e

/// File Name:	adv06-y3dips-2004.txt
Description:	1n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.
Author:	y3dips
Homepage:	http://y3dips.echo.or.id/
File Size:	4104
Last Modified:	Sep 10 20:51:18 2004
MD5 Checksum:	e03ea9d6a54e8faeae3be555ce7dc52e

/// File Name:	torrent_exp.php.txt
Description:	Proof of concept PHP exploit that makes use of a SQL injection vulnerability in TorrentTrader version 1.0 RC2.
Author:	acidbits
File Size:	3813
Last Modified:	Sep 9 06:26:19 2004
MD5 Checksum:	ffaccf612344c9607315a6a6e4a820ed

/// File Name:	lovethisgame.html
Description:	A file inclusion vulnerability exists in PerlDesk 1.x due to insufficient input validation.
Author:	Nikyt0x
Homepage:	http://nikyt0x.webcindario.com/
File Size:	3702
Last Modified:	Sep 17 09:03:55 2004
MD5 Checksum:	b1e71646dba001852482ea03fa889848

/// File Name:	sudoedit.txt
Description:	Local exploit for sudo version 1.6.8p1 that makes use of a flaw in sudoedit.
Author:	Angelo Rosiello
Homepage:	http://www.rosiello.org/
Related File:	sudo168.txt
File Size:	3473
Last Modified:	Sep 21 09:57:03 2004
MD5 Checksum:	fdc1b829ba7147a4d81881f9024a77e2

/// File Name:	x_hpux_11i_nls_ping.c
Description:	Local format string exploit for /usr/sbin/ping under HP-UX.
Author:	watercloud
Homepage:	http://www.xfocus.org
File Size:	3350
Last Modified:	Sep 29 08:10:19 2004
MD5 Checksum:	7e1d1355b210a0d35793c8ab4027be3e

/// File Name:	x_hpux_11i_nls_cu.c
Description:	Local format string exploit for /usr/bin/cu under HP-UX.
Author:	watercloud
Homepage:	http://www.xfocus.org
File Size:	3336
Last Modified:	Sep 29 08:09:21 2004
MD5 Checksum:	b748cf28bffa5f4f981fde36ce42112c

/// File Name:	mambo45.jose.txt
Description:	Mambo versions 4.5 and below are susceptible to cross site scripting and remote command execution flaws.
Author:	Joxean Koret
File Size:	3296
Last Modified:	Sep 21 11:04:56 2004
MD5 Checksum:	28348285c00be6936bce480a3500a65c

/// File Name:	mdaemon_rcpt.c
Description:	Remote denial of service proof of concept exploit that makes use of a buffer overflow in Mdaemon SMTP server version 6.5.1.
Author:	D_BuG
File Size:	3121
Last Modified:	Sep 30 09:31:36 2004
MD5 Checksum:	c739d6439f26297b8ad85526974ad8ab

/// File Name:	00047-08302004.txt
Description:	Xedus version 1.0 is susceptible to denial of service, cross site scripting, and directory traversal vulnerabilities.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3083
Last Modified:	Sep 2 09:19:42 2004
MD5 Checksum:	567d28a9c99e91567a36cf57d7e8b74a

/// File Name:	EmuliveVuln.txt
Description:	Emulive Server4 Commerce Edition Build 7560 suffers from a denial of service vulnerability and allows for unauthorized administrative access due to insufficient input verification.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3007
Last Modified:	Sep 22 00:54:52 2004
MD5 Checksum:	473a1647cd41c7d4d3c4eb2f29e8aa3d

/// File Name:	bbsEMarket.txt
Description:	BBS E-Market Professional suffers from path disclosure, file download, file disclosure, user authentication bypass, and php source injection vulnerabilities. BBS E-Market patch level bf_130, version 1.3.0, and below is affected.
Author:	Jeong Jin-Seok
Related Exploit:	adv06-y3dips-2004.txt"
File Size:	2984
Last Modified:	Sep 15 22:20:40 2004
MD5 Checksum:	133a5b60174c02fa4e4fd6daf7653f09

/// File Name:	qnx-pppoed-multiple-flaws.txt
Description:	rfdslabs security advisory - QNX PPPoEd is susceptible to multiple local root vulnerabilities. QNX RTP 6.1 is affected.
Author:	Julio Cesar Fort
File Size:	2540
Last Modified:	Sep 9 08:17:53 2004
MD5 Checksum:	b4d755ce675fdcc25488f06f4aacdd6a

/// File Name:	aspWebCalendar.txt
Description:	Both aspWebCalendar and aspWebAlbum are susceptible to SQL injection attacks.
Author:	cybercide
File Size:	2514
Last Modified:	Sep 29 09:30:18 2004
MD5 Checksum:	07b2490102b9e85da521cac1613b0434

/// File Name:	rsynxOSX.txt
Description:	RsyncX version 2.1, the frontend for rsync on OS X, fails to drop a group id of wheel and allows for arbitrary program execution.
Author:	Matt Johnston
File Size:	2503
Last Modified:	Sep 21 05:24:26 2004
MD5 Checksum:	aeee8859225c9e39d64b96750688797a

/// File Name:	phpSQLnuke.pl
Description:	Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.
Author:	bima tampan
Related File:	codelabs-04.txt
File Size:	2407
Last Modified:	Sep 10 07:16:54 2004
MD5 Checksum:	d3153083e777412eb3cfd2fd6b46eb4a

/// File Name:	MailWorks.txt
Description:	MailWorks Pro has a rather trivial session check that is easily bypassed within a cookie. The exploit allows an attacker to have full control over the administration section, without the need to authenticate and allowing the attacker to spoof the admin user functions.
Author:	Paul Craig
File Size:	2328
Last Modified:	Sep 9 06:16:30 2004
MD5 Checksum:	55988d7a3dd349776846061e35aca3f2

/// File Name:	passprotect.txt
Description:	Password Protect is susceptible to cross site scripting and SQL injection attacks.
Homepage:	http://www.criolabs.net/
File Size:	2203
Last Modified:	Sep 2 09:32:42 2004
MD5 Checksum:	cf223bc0c91dd2c36814dea0b38eb5b4

/// File Name:	getinternet.txt
Description:	getInternet is susceptible to multiple SQL injection attacks and remote command execution. Full exploitation details provided.
Homepage:	http://www.criolabs.net
File Size:	2078
Last Modified:	Sep 14 23:04:46 2004
MD5 Checksum:	a4193072d03ff26e8d4c85fde0fc6ce2

/// File Name:	subjects2.txt
Description:	The PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.
Homepage:	http://www.criolabs.net
File Size:	1955
Last Modified:	Sep 10 21:16:10 2004
MD5 Checksum:	0c969699cb503a22d429b43ec459d072

/// File Name:	myServer07.txt
Description:	myServer version 0.7 is susceptible to a simple directory traversal attack.
Author:	Arnaud Jacques aka scrap
Homepage:	http://www.securiteinfo.com
File Size:	1549
Last Modified:	Sep 15 23:41:40 2004
MD5 Checksum:	42adf5a604114f09300054c638a14269

/// File Name:	cdrdao.sh
Description:	Local root exploit for an old flaw in cdrdao.
File Size:	1539
Last Modified:	Sep 9 10:19:48 2004
MD5 Checksum:	f80b8adc52886012cdc4bfaced9de4be

/// File Name:	x_hpux_11_swinstall.c
Description:	Local root exploit that makes use of a buffer overflow in the Software Distributor utilities for HP-UX.
Author:	watercloud
Homepage:	http://www.xfocus.org
File Size:	1515
Last Modified:	Sep 29 08:12:14 2004
MD5 Checksum:	bf7861c01af82d7529cd185de3d067c3

/// File Name:	dynalink.Backdoor.txt
Description:	Dynalink RTA 230 ADSL router has a hardcoded backdoor account with root privileges.
Author:	fabio
File Size:	1118
Last Modified:	Sep 9 08:19:16 2004
MD5 Checksum:	424a644cf4136a9f72e7291fe02fa681