Section: .. / 0412-exploits /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 74

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	2bgalSQL.txt
Description:	2Bgal 2.5.1 is susceptible to a SQL injection vulnerability. Exploitation provided.
Author:	Romain Le Guen
Homepage:	http://coding.romainl.com
File Size:	1561
Last Modified:	Dec 31 20:26:09 2004
MD5 Checksum:	0612a1c5b2aca659adf176fcfd889d65

/// File Name:	AdobeMac.txt
Description:	Adobe Version Cue, which is setuid root on Mac OS X, allows for local compromise due to using an insecure PATH. Exploitation included.
Author:	Jonathan Bringhurst
File Size:	1751
Last Modified:	Dec 12 19:22:08 2004
MD5 Checksum:	1e3e129e1e8c48a48cbf75b23f9c38b1

/// File Name:	adv09-y3dips-2004.txt
Description:	paFileDB 3.1 has a couple vulnerabilities that allow for admin password hash retrieval and full path disclosure.
Author:	y3dips
Homepage:	http://y3dips.echo.or.id/
File Size:	4424
Last Modified:	Dec 12 19:30:26 2004
MD5 Checksum:	8f7a6d93c349ecfa1763b7da8de113bc

/// File Name:	angelDust.c
Description:	Snort 2.2.10 and below remote denial of service exploit that makes use of a flaw discovered by Marcin Zgorecki.
Author:	Antimatt3r
File Size:	2898
Last Modified:	Dec 31 20:50:49 2004
MD5 Checksum:	4bdcecd0e6e2dfbb74530258e04a2d4f

/// File Name:	ANI-DoS.txt
Description:	Simple html code that exploits the Microsoft Windows Kernel ANI file parsing denial of service vulnerability.
File Size:	139
Last Modified:	Jan 2 20:00:27 2005
MD5 Checksum:	75dcb2797164dd15d32e2e311ff56097

/// File Name:	aspSQL.txt
Description:	asp-rider is susceptible to a SQL injection attack.
File Size:	718
Last Modified:	Dec 30 08:55:49 2004
MD5 Checksum:	27a147d6819cff24a452c961326566f9

/// File Name:	bfcboom.zip
Description:	Denial of service exploit for Battlefield 1942 versions 1.6.19 and below and Battlefield Vietnam versions 1.2 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	bfcboom.txt
File Size:	7110
Last Modified:	Dec 12 19:38:53 2004
MD5 Checksum:	0bae9b8ecfb01b57d09c8968c9989cdc

/// File Name:	blogtorrent.txt
Description:	Blogtorrent, a collection of PHP scripts written to be used in conjunction with bittorrent, fails to properly sanitize input on a variable allowing for directory traversal attacks.
Author:	Steve Kemp
File Size:	1542
Last Modified:	Dec 12 01:17:21 2004
MD5 Checksum:	57317fe60cdb03d48587d1d0639e98d6

/// File Name:	bruteforce.webmin.txt
Description:	Webmin remote bruteforce and command execution exploit.
Author:	Di42lo
File Size:	3492
Last Modified:	Dec 31 21:50:56 2004
MD5 Checksum:	c5fab111968a480a8eab88750e4deecf

/// File Name:	citadel_fsexp.c
Description:	Remote root exploit for Citadel/UX versions 6.27 and below that makes use of a format string vulnerability. Tested against Slackware 10.0.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
Related File:	nsg-advisory-09.txt
File Size:	9135
Last Modified:	Dec 12 20:57:44 2004
MD5 Checksum:	90c58521cf1c000af9e84004d8bb79b4

/// File Name:	CMDExe.txt
Description:	Internet Explorer remote command execution exploit that is a variant of the Auto SP2 RC exploit.
File Size:	1708
Last Modified:	Jan 2 20:04:22 2005
MD5 Checksum:	5c2251efedbcbdd1b6e5732e0a09cfcf

/// File Name:	crystalPoC.c
Description:	Crystal FTP Pro version 2.8 proof of concept exploit that makes use of a flaw in the LIST command.
Author:	cybertronic
Related File:	crystalftp.txt
File Size:	16647
Last Modified:	Dec 31 21:56:35 2004
MD5 Checksum:	384ea878b20d258c64dacd1a2c438f5d

/// File Name:	cscopesym.c
Description:	Local symlink exploit for cscope versions 15.5 and below.
Author:	Gangstuck / Psirac
Related File:	SSA-20041122-09.txt
File Size:	1066
Last Modified:	Dec 30 10:16:02 2004
MD5 Checksum:	b97606525a055bb667b0f5116855a42a

/// File Name:	cuteftpexpl.c
Description:	CuteFTP Professional version 6.0 local denial of service exploit that makes use of a flaw in the client.
Author:	priestmaster
Homepage:	http://www.priestmaster.org
Related File:	cuteftp60.txt
File Size:	4535
Last Modified:	Dec 31 19:58:32 2004
MD5 Checksum:	0b67c5da6899c42ae95b2fb1f3707b6a

/// File Name:	DilAurDimag-Advisory-07-20-12-2004...>
Description:	ChangePassword, YP/Samba/Squid password-changing tool has a local vulnerability which allows attackers to seize control of the computer. Exploit information included.
Author:	Anand Khare
File Size:	1985
Last Modified:	Dec 20 22:44:13 2004
MD5 Checksum:	98bbf911eb59661e2c14ecbc2369c6b1

/// File Name:	e107.pl.txt
Description:	e107 remote exploit that makes use of an unsanitized include().
Author:	sysbug
File Size:	5505
Last Modified:	Dec 31 20:53:57 2004
MD5 Checksum:	85b58f0938dbca16f27c00f26bbca6eb

/// File Name:	eboard40.txt
Description:	e_Board version 4.0 is susceptible to a directory traversal attack.
Author:	White_E
Homepage:	http://nogimmick.org/
File Size:	875
Last Modified:	Dec 31 19:27:25 2004
MD5 Checksum:	5287f4e4751603f171090e2ceac7eaea

/// File Name:	ex_MERCURY2.c
Description:	Universal remote exploit for the buffer overflow vulnerability in Mercury Mail 4.01 (Pegasus) IMAP server. Second version loaded with 14 types of attacks.
Author:	John H.
Homepage:	http://www.secnetops.com
File Size:	7762
Last Modified:	Dec 12 01:05:33 2004
MD5 Checksum:	9aafca56ed08e82a2d67bf3fdd5546a5

/// File Name:	exploitphpbb.zip
Description:	Perl script exploit extracted from the phpBB worm. This code attempts to deface htmls found on a target machine and attempts to use google to find more machines to attack.
File Size:	8704
Last Modified:	Dec 31 10:56:02 2004
MD5 Checksum:	0bebd43e2dea960bfe8e66831ea79d75

/// File Name:	firstclass.txt
Description:	OpenText FirstClass version 8.0 httpd /Search remote denial of service exploit that makes use of large requests.
Homepage:	http://milw0rm.com/
File Size:	6607
Last Modified:	Dec 30 08:53:19 2004
MD5 Checksum:	4454a8916856db202a09da2b6e930c89

/// File Name:	ftpd-iexpl.c
Description:	Proof of concept exploit for Internet Explorer version 6.0.3790.0 that demonstrates an FTP download path disclosure flaw.
Author:	Albert Puigsech Galicia
Related File:	7a69-17.txt
File Size:	3350
Last Modified:	Jan 2 21:25:38 2005
MD5 Checksum:	c396765c5b95db527753b59b0cb4cfcb

/// File Name:	hijack_apache-0.1a.tar.gz
Description:	A year after the flaw's discovery, this tool has been released to hijack HTTP connections under Apache and Apache2 with mod_php.
Author:	EmirAga
Homepage:	http://projects.emiraga.com/
File Size:	244758
Last Modified:	Dec 31 20:05:30 2004
MD5 Checksum:	8ee6c5e434322cab0a08624aa930a887

/// File Name:	HOD-ms04031-netdde-expl.c
Description:	Remote proof of concept exploit for the NetDDE buffer overflow vulnerability as described in MS04-031. Tested on: Windows XP Professional SP0, Windows XP Professional SP1, Windows 2000 Professional SP2, Windows 2000 Professional SP3, Windows 2000 Professional SP4, Windows 2000 Advanced Server SP4.
Author:	houseofdabus
File Size:	19637
Last Modified:	Jan 2 21:35:26 2005
MD5 Checksum:	d8d4090c728f4295d8bb51908e941671

/// File Name:	hostingControl.txt
Description:	Hosting Controller web automation tools suffer from a lack of input validation, allowing any remote attacker the ability to browse the hard drive. Versions 6.1 and below are susceptible.
Author:	Mouse, s7az2mm, bl2k
Homepage:	http://Shabgard.org
File Size:	1692
Last Modified:	Dec 12 18:49:21 2004
MD5 Checksum:	34dcdac2baef555dde93ba23d19edc65

/// File Name:	ibod_bof.c
Description:	IBOD 1.5.0 and below local proof of concept buffer overflow exploit.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
File Size:	1696
Last Modified:	Dec 31 19:24:27 2004
MD5 Checksum:	fbd27c4895e287d344b946fd54d9ae56