Section:  .. / 0412-exploits  /


 ///  File Name: raptor_ldpreload.c
Description:
Local root exploit for a stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 that allows local users to gain root privileges via a long LD_PRELOAD environment variable.
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info/
File Size:8202
Related CVE(s):CAN-2003-0609
Last Modified:Dec 31 21:31:47 2004
MD5 Checksum:2bec716e5744a67019345db15bc0bc0d

 ///  File Name: raptor_libdthelp.c
Description:
Local root exploit for a buffer overflow in CDE libDtHelp library that allows local users to execute arbitrary code via a modified DTHELPUSERSEARCHPATH environment variable and the Help feature. Works against Solaris/SPARC 7/8/9.
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info
File Size:5275
Related CVE(s):CAN-2003-0834
Last Modified:Dec 31 21:34:25 2004
MD5 Checksum:f20ed4f52c6e15b57ab4429efee295fd

 ///  File Name: raptor_libdthelp2.c
Description:
Local root exploit for a buffer overflow in CDE libDtHelp library that allows local users to execute arbitrary code via a modified DTHELPUSERSEARCHPATH environment variable and the Help feature. Works against Solaris/SPARC 7/8/9. This is the ret-into-ld.so version of raptor_libdthelp.c, able to bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info
File Size:9254
Related CVE(s):CAN-2003-0834
Last Modified:Dec 31 21:35:42 2004
MD5 Checksum:be55e3c1fd954ee10f92a9a1376a141e

 ///  File Name: raptor_passwd.c
Description:
Local root exploit for a vulnerability in the passwd circ() function under Solaris/SPARC 8/9. This exploit uses the ret-into-ld.so technique to bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info
File Size:13960
Related CVE(s):CAN-2004-0360
Last Modified:Dec 31 21:38:36 2004
MD5 Checksum:9d4de237075ceb5ffa390f845ff73748

 ///  File Name: raptor_rlogin.c
Description:
Remote root exploit for rlogin on Solaris/SPARC 2.5.1/2.6/7/8. This remote root exploit uses the (old) System V based /bin/login vulnerability via the rlogin attack vector, returning into the .bss section to effectively bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info/
File Size:12532
Related CVE(s):CVE-2001-0797
Last Modified:Dec 31 21:40:48 2004
MD5 Checksum:e6308246578fe5d9eb5dcd19eee0b260

 ///  File Name: raptor_udf.c
Description:
Local root exploit that makes use of the dynamic library for do_system() in MySQL UDF. Tested on MySQL 4.0.17.
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info/
File Size:2470
Last Modified:Dec 31 21:43:34 2004
MD5 Checksum:3793c024d44ae4873abb9da8a046b264

 ///  File Name: rpcl_icmpdos.c
Description:
RICOH Aficio 450/455 PCL 5e printer ICMP remote denial of service exploit.
Author:Kyong Joo
Related File:ricohICMP.txt
File Size:2401
Last Modified:Dec 30 09:34:48 2004
MD5 Checksum:bb7c27ed425ed8d8e49d8d016310e055

 ///  File Name: secunia.com-advisories-13415.c
Description:
Firstclass v7.1 and 8.0 remote denial of service exploit. More information available here.
Author:Anand Khare
File Size:6581
Last Modified:Dec 19 13:42:44 2004
MD5 Checksum:858b743a7cb04af9ba6387fc6e299484

 ///  File Name: shoutcast194.c
Description:
SHOUTcast DNAS/Linux version 1.9.4 format string remote exploit. Tested on Slackware 9.1 and 10.0. Binds a shell to port 7000.
Author:Damian Put, Tomasz Trojanowski
Homepage:http://www.cc-team.org
File Size:5347
Last Modified:Dec 31 22:57:59 2004
MD5 Checksum:10a9677625a70dc41e3a961b0e06168d

 ///  File Name: SSA-20041214-14.txt
Description:
STG Security Advisory: GNUBoard versions 3.39 and below suffer from a PHP injection vulnerability that allows for arbitrary command execution.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:2101
Last Modified:Dec 30 09:09:35 2004
MD5 Checksum:0d87d5003e39e373092c0451a80606ab

 ///  File Name: SSA-20041220-16.txt
Description:
STG Security Advisory: An input validation flaw in ZeroBoard versions 4.1pl4 and below can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:3683
Last Modified:Dec 31 23:08:01 2004
MD5 Checksum:f266dea6fadc6bcb9dcc65dd55ae1090

 ///  File Name: sugarSales.txt
Description:
Multiple vulnerabilities have been found in the open source customer relationship management software SugarSales. These vulnerabilities include full path disclosure, file inclusion, remote command execution, and SQL injection attacks. Versions up to 2.0.1c are susceptible.
Author:Daniel Fabian
File Size:6150
Last Modified:Dec 30 07:28:17 2004
MD5 Checksum:6a238c167b455bb722100e71b4d42187

 ///  File Name: ubbXSS.txt
Description:
UBBThreads versions 6.2.3 and 6.5 are susceptible to cross site scripting attacks.
File Size:2042
Last Modified:Dec 30 07:20:25 2004
MD5 Checksum:1717de580e10b0b0f2e97c14808ca3b3

 ///  File Name: ultrix_dxterm_4.5_exploit.c
Description:
Ultrix 4.5/MIPS dxterm local root exploit.
Author:ztion
File Size:1990
Last Modified:Dec 30 11:16:36 2004
MD5 Checksum:3a2b768b8b6ae7f1e1c85e2551a8e6fe

 ///  File Name: un-aftpd.c
Description:
Ability ftpd version 2.34 remote root exploit that spawns a shell.
Author:Dark Eagle
Homepage:http://unl0ck.void.ru/
Related Exploit:ability.c
File Size:5237
Last Modified:Dec 30 09:43:10 2004
MD5 Checksum:48bb322231bed83f5b66b558015635fc

 ///  File Name: WebLibs10.txt
Description:
WebLibs 1.0 is susceptible to arbitrary file access due to a lack of input validation for a hidden variable. Exploitation details included.
Author:John Bissell
File Size:3056
Last Modified:Dec 12 19:52:09 2004
MD5 Checksum:9f9c94b9d1b26a97f71ded009e986b66

 ///  File Name: wget18x.txt
Description:
wget versions 1.8 and below allow for arbitrary overwriting, creating, and appending to files on the underlying system with the permissions of the user executing the binary. The files to be written to can be anywhere regardless of what the end user has requested. The primary flaw is a failure to sanitize redirection data.
Author:Jan Minar
File Size:8366
Last Modified:Dec 12 20:07:01 2004
MD5 Checksum:88a6d3d3f49ea2cb29e920e0c504eaf6

 ///  File Name: wgettrap.txt
Description:
Proof of concept exploit for the wget directory traversal vulnerability that affects versions 1.8 and below.
Author:Jan Minar
Related File:wget18x.txt
File Size:2554
Last Modified:Dec 30 09:31:59 2004
MD5 Checksum:81e842b6caff9bc3e4ddb975bd37cea2

 ///  File Name: WHM-autopilot.txt
Description:
WHM AutoPilot versions 2.4.6.5 and below suffer from information disclosure, cross site scripting, and file inclusion vulnerabilities.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3899
Last Modified:Jan 2 20:54:26 2005
MD5 Checksum:90e228da786478f8e243ab912ca962f1

 ///  File Name: winrar341.txt
Description:
WinRAR proof of concept buffer overflow exploit for version 3.41 and below.
Author:Vafa Khoshaein
File Size:4418
Last Modified:Dec 30 10:14:22 2004
MD5 Checksum:1e628e892fbc61241ba032079e35f687

 ///  File Name: wins.c
Description:
Remote Microsoft Windows 2000 WINS exploit that has connectback shellcode. Works on SP3/SP4.
Author:zuc
File Size:4260
Related CVE(s):CAN-2004-1080
Last Modified:Jan 2 21:43:36 2005
MD5 Checksum:bca4ce46995ede27531c85fe556c98c2

 ///  File Name: woolchat.txt
Description:
WoolChat IRC client is susceptible to a buffer overflow when a DCC send query is sent with more than 260 bytes.
Author:White E
Homepage:http://nogimmick.org/
File Size:1333
Last Modified:Dec 12 08:33:54 2004
MD5 Checksum:6659b1bb546b1aa6aa358bf13ab3af85

 ///  File Name: WPkontakt.txt
Description:
WPKontakt versions 3.0.1 and below suffer from a parsing error that allows for remote script execution.
Author:Blazej Miga, Jaroslaw Sajko
Homepage:http://www.man.poznan.pl/security/wpkontakt.html
File Size:840
Last Modified:Dec 31 22:09:01 2004
MD5 Checksum:c2467df336a25f30ca56b0e86b287451

 ///  File Name: yacyXSS.txt
Description:
yacy version 0.31 is susceptible to a cross site scripting attack.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1383
Last Modified:Jan 1 03:35:15 2005
MD5 Checksum:6f7bf1db4751a945aa301c29170cbf16