Section: .. / 0501-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 92

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0501-exploits.tgz
Description:	Packet Storm new exploits for January, 2005.
File Size:	1102785
Last Modified:	Feb 1 07:20:20 2005
MD5 Checksum:	37bd4fdc8193b756cddbabeaa2a60f7e

/// File Name:	WC-ms05002-ani-expl-cb.c
Description:	Microsoft Internet Explorer .ANI file handling exploit. Modified version of the houseofdabus exploit. Universal version of the exploit. Tested on: Windows Server 2003, Windows XP SP0/SP1, Windows 2000 SP2/SP3/SP4.
Author:	WhiskyCoders
Homepage:	http://bennupg.ath.cx
Related Exploit:	HOD-ms05002-ani-expl.c "
File Size:	8176
Last Modified:	Jan 31 00:06:24 2005
MD5 Checksum:	d7655c62bf4f64164f7a24520e057746

/// File Name:	imd_advisory.txt
Description:	The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.
Author:	Steven
Homepage:	http://www.lovebug.org/
File Size:	1741
Last Modified:	Jan 31 00:02:06 2005
MD5 Checksum:	73bf8815871d7d252113b66d4b21f75e

/// File Name:	26012005-03.txt
Description:	Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.
Author:	ShineShadow
File Size:	5957
Last Modified:	Jan 29 09:54:37 2005
MD5 Checksum:	22281f06d752d9deb5bb3663a37d1d5c

/// File Name:	WebAdmin302.txt
Description:	Alt-N WebAdmin, the web application used to administer MDaemon and RelayFax, is susceptible to cross site scripting, html injection, and unauthenticated account modification vulnerabilities. Versions 3.0.2 and below are susceptible.
Author:	David Alonso Perez
File Size:	2634
Last Modified:	Jan 29 09:37:08 2005
MD5 Checksum:	b3c073f533c811a3079686b8142631ff

/// File Name:	WebWasherCONNECT.txt
Description:	WebWasher Classic has a design flaw weakness where the CONNECT method allows remote attackers to connect to any server listening on the localhost interface of the proxy server.
Author:	Oliver Karow
Homepage:	http://www.oliverkarow.de/
File Size:	1406
Last Modified:	Jan 29 09:14:25 2005
MD5 Checksum:	73ddc497f3ae9999b4e962bbea99a087

/// File Name:	exploits-winamp.tgz
Description:	Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.
Author:	Rojodos
Related File:	SA2005-01.txt
File Size:	314
Related CVE(s):	CAN-2004-1150
Last Modified:	Jan 28 21:01:24 2005
MD5 Checksum:	b7230f0d8cc7a676a94142a80a56e9d4

/// File Name:	OutlookMuteX.txt
Description:	Exploit for Outlook that can press a button to verify it is okay to access protected contact data. Tested against Windows XP SP1. This functionality may be utilized in future worm creation.
Author:	Anand Khare
File Size:	6688
Last Modified:	Jan 28 07:14:47 2005
MD5 Checksum:	55f67af1a82aec066bc16a4846d93360

/// File Name:	antivir.txt
Description:	An unnamed antivirus product can cause a denial of service on Microsoft Windows due to not closing open registry handles.
Author:	Vladimir Kraljevic
File Size:	7090
Last Modified:	Jan 28 07:03:27 2005
MD5 Checksum:	177efb9580b2cc67ffc17e1178af9692

/// File Name:	DMA-2005-0127a.txt
Description:	Apple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.
Author:	Kevin Finisterre
File Size:	5575
Related CVE(s):	CAN-2005-0125
Last Modified:	Jan 28 06:47:20 2005
MD5 Checksum:	56dcf81c83031240460012b3ba4d6624

/// File Name:	ie_attack.htm
Description:	Pocket IE on a Windows Mobile Pocket PC suffers from Unicode URL obfuscation, local file access, and cross site scripting vulnerabilities.
Author:	Seth Fogie
Homepage:	http://www.airscanner.com
File Size:	5613
Last Modified:	Jan 27 06:26:01 2005
MD5 Checksum:	4a7aa53d0c4f547a8a6702e988be69d5

/// File Name:	uselib24.c
Description:	Modified uselib() local exploit for the Linux kernel series. This version has been modified to also work on SMP kernels. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected.
Author:	timhsu
Homepage:	http://www.chroot.org
File Size:	18743
Related CVE(s):	CAN-2004-1235
Last Modified:	Jan 27 05:55:09 2005
MD5 Checksum:	7d1888194c26d9c12a40a81c1aa3e184

/// File Name:	siteman.noam.txt
Description:	Siteman versions 1.1.10 and below remote administrative account addition exploit.
Author:	Noam Rathaus
Related Exploit:	siteman.txt"
File Size:	1375
Last Modified:	Jan 27 05:03:14 2005
MD5 Checksum:	23d964d6078eb95f5bdac2764881067c

/// File Name:	trn-test.txt
Description:	Local root exploit for /usr/bin/trn. Tested on Mandrake 9.2, Slackware 9.1.0/10.0.0.
Author:	ZzagorR
Homepage:	http://www.rootbinbash.com/
File Size:	2228
Last Modified:	Jan 27 04:58:35 2005
MD5 Checksum:	eccb9e46d859b8d7283889195634aa02

/// File Name:	ex_gpsd.c
Description:	Remote format string exploit for Berlios gpsd, a remake of pygps. On Debian, it achieves uid of gpsd. On Redhat, it achieves root.
Author:	Johnh, KF
Homepage:	http://www.digitalmunition.com/
Related File:	DMA-2005-0125a.txt
File Size:	10828
Last Modified:	Jan 27 04:56:14 2005
MD5 Checksum:	827e4de2273f8b6087f440740e1ddaaf

/// File Name:	phpEventCalendar.txt
Description:	phpEventCalendar version 0.2 does not check title and event text when the data is inserted in the database, allowing for arbitrary HTML injection.
Author:	Madelman
File Size:	1957
Last Modified:	Jan 27 04:33:50 2005
MD5 Checksum:	e9a569c32f80bca6c0ffb8d8af9ac8ff

/// File Name:	adv010-y3dips-2005.txt
Description:	Exponent CMS version 0.95 is susceptible to full path disclosure and cross site scripting vulnerabilities.
Author:	y3dips
Homepage:	http://y3dips.echo.or.id/
File Size:	3001
Last Modified:	Jan 26 18:15:44 2005
MD5 Checksum:	724c9736a6bc618a34641f4f77dcfcb6

/// File Name:	AWStatsVulnAnalysis.pdf
Description:	Detailed analysis of three different vulnerabilities that reside in AWStats which all allow for remote command execution.
Author:	newbug
Homepage:	http://www.chroot.org
File Size:	956729
Last Modified:	Jan 26 18:11:29 2005
MD5 Checksum:	b80c768c3977749e69e1d763168985e4

/// File Name:	codebug7.txt
Description:	Codebug Labs Advisory 07 - MercuryBoard version 1.1.1 suffers from full path disclosure, cross site scripting, and SQL injection vulnerabilities.
Homepage:	http://www.codebug.org/
File Size:	4768
Last Modified:	Jan 25 08:59:31 2005
MD5 Checksum:	4cd7f78f29b25991daec36c2ccd910d3

/// File Name:	w32dasmbof.disasm_me
Description:	Local proof of concept exploit for W32Dasm which suffers from a classic buffer overflow vulnerability when analyzing files.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	w32dasmbof.txt
File Size:	2560
Last Modified:	Jan 25 08:52:16 2005
MD5 Checksum:	c47e3a1d1537b77c56f9e8f526960c2f

/// File Name:	GHCaws.pl
Description:	AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:	GHC
Homepage:	http://www.ghc.ru
File Size:	1937
Last Modified:	Jan 25 08:38:31 2005
MD5 Checksum:	cd4e6e2173c331307cd924b556c45421

/// File Name:	awexpl.c
Description:	AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:	Thunder
File Size:	6206
Last Modified:	Jan 25 08:37:08 2005
MD5 Checksum:	ad96eacf2a2869f6c15ae4c2c84b43ee

/// File Name:	crafted.c
Description:	Funduc search and replace compressed file local buffer overflow exploit.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
File Size:	5567
Last Modified:	Jan 25 08:36:13 2005
MD5 Checksum:	844f3c4379637e8d9face8f6c77724a7

/// File Name:	siteman.pl.txt
Description:	Siteman version 1.0.x remote perl exploit that adds an administrative account.
Author:	shoaliesefid7
Related Exploit:	siteman.txt"
File Size:	1655
Last Modified:	Jan 25 08:12:37 2005
MD5 Checksum:	1b882d55dd0ffddcd81e52c52d19acba

/// File Name:	fm-iSink.c
Description:	Local root exploit for mRouter installed by iSync on Mac OS X 10.3.
Author:	nemo
File Size:	2441
Last Modified:	Jan 25 08:10:43 2005
MD5 Checksum:	9dd5712dae885584c97c7a9575e3d4f6