Section:  .. / 0410-exploits  /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 60
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0410-exploits.tgz
Packet Storm new exploits for October, 2004.
File Size:222413
Last Modified:Nov 1 04:12:19 2004
MD5 Checksum:3d6a17b42623dc477c45511f79f812b3

 ///  File Name: 101_shixx.cpp
Remote buffer overflow exploit for ShixxNote, which, according to the producers site, is "a personal organizer, desktop sticky notes (post-it) program, instant messaging application (LAN messanger) and a communications tool used across a local network (Intranet), Internet and via email. Perfect and ideal tool for your LAN or office communication." The exploit works against Win2k only, it will crash other platforms.
File Size:8087
Last Modified:Oct 23 17:16:00 2004
MD5 Checksum:bfc9fbad540e7cb9c5659b33bb662ecb

 ///  File Name: 101_ypops.cpp
YahooPOPS version 1.6 and prior SMTP port buffer overflow exploit version 0.1. Binds a shell to port 101.
Author:class101, Behrang Fouladi
File Size:5809
Last Modified:Oct 13 10:09:57 2004
MD5 Checksum:0d5056eaf4d9cdc2944e37a93bdd4e78

 ///  File Name: 85mod_include.c
Proof of concept exploit for the mod_include module in Apache 1.3.31 that is susceptible to a buffer overflow.
Author:Crazy Einstein
Related File:85mod_include.adv.txt
File Size:9024
Last Modified:Oct 26 05:59:01 2004
MD5 Checksum:3ab93c025f8b53e9adf2dbae1daf55c4

 ///  File Name: ability-ftpd-exploit.tar.bz2
Remote root exploit for the STOR buffer overflow vulnerability in Code-Crafters Ability FTPd version 2.34. The EIP address only works on Windows 2000 SP4. Two shellcodes are included. One binds a shell and another streams a file and executes.
Author:David Jungerson
Related Exploit:ability.c"
File Size:3595
Last Modified:Oct 30 00:41:37 2004
MD5 Checksum:fcd37a5c404065719a1feb126f7c5db3

 ///  File Name: ability.c
Ability FTP server 2.34 FTP STOR buffer overflow remote exploit that spawns a shell on port 4444 upon successful exploitation.
File Size:3682
Last Modified:Oct 27 05:40:11 2004
MD5 Checksum:cfbe27ffe3b1f3ea7ae63d764fa5d895

 ///  File Name:
Remote denial of service exploit for Alpha Black Zero: Intrepid Protocol versions 1.04 and below, which suffer from a denial of service flaw where the server does not limit how many clients can attempt to connect.
Author:Luigi Auriemma
Related File:alphaBlack104.txt
File Size:7719
Last Modified:Oct 7 05:38:37 2004
MD5 Checksum:20969c670e1ce185521d2b593ac46f65

 ///  File Name: adv07-y3dips-2004.txt
AJ-Fork version 1.67 is susceptible to path disclosure, directory listing, backup directory access, and other flaws that allow access to database files. Exploitation provided.
File Size:7165
Last Modified:Oct 7 07:23:43 2004
MD5 Checksum:1ab0bf1b031e247ea53908f257740974

 ///  File Name: advisory-07-nsg.txt
Proof of concept exploit for Socat versions and below that makes use of a format string vulnerability.
File Size:6043
Last Modified:Oct 27 04:08:22 2004
MD5 Checksum:8bb021b27d4f31ff6c9ba00a89a73505

 ///  File Name: alexPHP.txt
The Alex PHP Guestbook suffers from a remote file inclusion vulnerability due to a lack of proper sanitization in it's chem_absolu variable.
Author:Nourredine Himeur aka LostNoobs
File Size:784
Last Modified:Oct 1 17:15:02 2004
MD5 Checksum:50681ffb30663115d47d0831fcee8800

 ///  File Name:
Remote proof of concept exploit for Privateer's Bounty: Age of Sail II versions 1.04.151 and below that makes use of a buffer overflow.
Author:Luigi Auriemma
Related File:privateer104141.txt
File Size:7793
Last Modified:Oct 27 04:36:24 2004
MD5 Checksum:86aaf022caa2185ad119f2c4e5e1d1f3

 ///  File Name: blackboard.txt
BlackBoard version 1.5.1 is susceptible to full path disclosure and remote executable code inclusion.
File Size:1532
Last Modified:Oct 13 06:38:50 2004
MD5 Checksum:65e781fc819bc6cf64300ef109e3b604

 ///  File Name:
This is a simple local exploit for FreeBSD/OpenBSD with bmon < 1.2.1_2 installed. It depends on the fact that bmon doesn't use an absolute path to commands that it calls. This particular exploit uses 'netstat'.
Author:Idan Nahoum
File Size:1272
Last Modified:Oct 16 20:53:00 2004
MD5 Checksum:24051a401b01dcceae1c193312a62e4a

 ///  File Name: cabarc.txt
Microsoft cabarc suffers from a directory traversal attack.
File Size:371
Last Modified:Oct 13 10:42:09 2004
MD5 Checksum:20a56be84b1b67938e5b260c392522ac

 ///  File Name: carboncopy.txt
Altiris Carbon Copy Version 6.0.5257 allows for a user to browse to cmd.exe and spawn a shell as SYSTEM.
File Size:1809
Last Modified:Oct 27 05:26:46 2004
MD5 Checksum:1dbe8495ef844e3797ff6c95465c3dba

 ///  File Name:
Remote denial of service exploit that makes use of a memory allocation flaw in Chatman versions 1.5.1 RC1 and below.
Author:Luigi Auriemma
Related File:chatman151.txt
File Size:8533
Last Modified:Oct 1 16:58:27 2004
MD5 Checksum:8c96d31c3538cedc5a2eb018eb7fd74c

 ///  File Name: chmremote.txt
Full write up and exploitation walk-thru for the Microsoft Internet Explorer ms-its scheme/CHM remote code execution vulnerability.
Author:Michael Evanchik
File Size:7194
Last Modified:Oct 27 06:26:53 2004
MD5 Checksum:5ca0c04c559068e1c0db0165b0b03be1

 ///  File Name: cht-security.txt
CoolPHP 1.0-stable is susceptible to cross site scripting, path disclosure, and directory traversal attacks.
File Size:2362
Last Modified:Oct 26 04:55:05 2004
MD5 Checksum:ac658b34e75b8705189dd21e78417e1e

 ///  File Name: coldfusionmx61.txt
There is a vulnerability in ColdFusion MX 6.1 when a user can create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled.
Author:Eric Lackey
File Size:2826
Last Modified:Oct 7 06:44:53 2004
MD5 Checksum:1e8c513ba7c2a4621b1aa7faaa220e0d

 ///  File Name: dc_ifenslave.c
Local root exploit for /sbin/ifenslave.
Author:Diabolic Crab
File Size:1156
Last Modified:Oct 26 05:35:29 2004
MD5 Checksum:7e68f47a92a772438255870a518529e6

 ///  File Name: dc_iwconfig.c
Local root exploit for /usr/sbin/iwconfig.
Author:Diabolic Crab
File Size:3262
Last Modified:Oct 26 05:36:10 2004
MD5 Checksum:555d29db0258393ea5dec03437dadbac

 ///  File Name:
Remote proof of concept exploit that demonstrates a denial of service attack against Flash Messaging versions 5.2.0g and below.
Author:Luigi Auriemma
Related File:flash520g.txt
File Size:10009
Last Modified:Oct 13 08:50:10 2004
MD5 Checksum:c2afd2aa414330b3e82bae1e1872fc0a

 ///  File Name: gd-graphics.c
There is an integer overflow when allocating memory in the routine that handles loading PNG image files with the GD graphics library versions 2.0.28 and below. This later leads to heap data structures being overwritten. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Exploit to create a working PNG for this enclosed.
File Size:7674
Last Modified:Oct 27 07:23:44 2004
MD5 Checksum:a9ef50ba7e6bf0c378184aaf0ff1ca30

 ///  File Name: gosmart.txt
Multiple vulnerabilities were found in the GoSmart Message Board. A remote user can conduct SQL injection and cross site scripting attacks. Exploitation examples provided.
Author:Positive Technologies
File Size:2097
Last Modified:Oct 13 09:52:09 2004
MD5 Checksum:4e91f441bdeec979428455ee684755e9

 ///  File Name: HOD-ms04032-emf-expl2.c
Exploit that creates crafted metadata files to exploit IE6.0 display of such, as well as Explorer.exe's display of thumbnails of such. Created by houseofdabus. Exploit will connect back to set host/port.
Author:houseofdabus HOD
File Size:9057
Related OSVDB(s):10692
Related CVE(s):CAN-2004-0209
Last Modified:Oct 19 23:31:00 2004
MD5 Checksum:c21900c641c0ce9dfd32a3e3341273c7