Section: .. / 0501-exploits /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 92

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	HOD-ms05002-ani-expl.c
Description:	Proof of concept exploit for the Windows ANI File Parsing vulnerability that works against Microsoft Windows Server 2003, XP SP0/SP1, and all versions of Windows 2000.
Author:	houseofdabus
Related File:	AD_LAB-04005.txt
File Size:	7503
Last Modified:	Jan 25 08:06:23 2005
MD5 Checksum:	9b7991b399daaf8262fdb31bb26b6cd9

/// File Name:	goldenSploit.pl
Description:	Golden FTP server exploit that binds a shell on port 4444 after making use of a buffer overflow using RNTO.
Author:	Barabas
File Size:	2442
Last Modified:	Jan 25 07:59:58 2005
MD5 Checksum:	b897ef652675f3288b9d4d8be0a7a4b8

/// File Name:	IEurlflaw.txt
Description:	This code calls a URL in the browser window but fails to update the address bar in Internet Explorer. It appears that the form submission is suspended with the interrupt of the 'window.alert' call.
Author:	Graeme Stewart
File Size:	1527
Last Modified:	Jan 25 07:55:50 2005
MD5 Checksum:	5786b1d98471a885d0588c08908ee348

/// File Name:	gbook.tgz
Description:	MPM Guestbook Pro remote exploit that performs arbitrary command execution and local file upload.
Author:	Robert Molnar
Related File:	ss11012005.txt
File Size:	8743
Last Modified:	Jan 25 07:47:47 2005
MD5 Checksum:	dcef1c46ec3752ba9327c5965ca5257e

/// File Name:	divxplayerbug.dps
Description:	Proof of concept exploit for DivX player versions 2.6 and below that allow for arbitrary file overwriting via a flaw in handling skins.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org/
Related File:	divxplayerbug.txt
File Size:	390
Last Modified:	Jan 25 07:31:15 2005
MD5 Checksum:	9cf43a1b2697117eee6f044731ad48e9

/// File Name:	siteman.txt
Description:	Siteman version 1.0.x is susceptible to administrative account injection due to a lack of variable sanitization.
Author:	amironline452
Homepage:	http://www.PersianHacker.NET
File Size:	2214
Last Modified:	Jan 25 06:57:48 2005
MD5 Checksum:	e7f1d769b91cd789605ad132f89bee9c

/// File Name:	xfkey.c
Description:	fkey version 0.0.2 local file accessibility exploit.
Author:	vade79
Homepage:	http://fakehalo.us/
File Size:	3636
Last Modified:	Jan 25 06:21:05 2005
MD5 Checksum:	2afe0de2da98e6a863a419723fd42326

/// File Name:	SSA-20050120-22.txt
Description:	STG Security Advisory: JSBoard versions 2.0.9 and below suffer from an input validation flaw that allows for arbitrary file reading.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	1557
Last Modified:	Jan 25 06:18:39 2005
MD5 Checksum:	3b1609ac471d68125c376daa4ee846e6

/// File Name:	SSA-20050120-24.txt
Description:	STG Security Advisory: GForge versions 3.3 and below are susceptible to directory traversal attacks.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	3073
Last Modified:	Jan 25 06:18:06 2005
MD5 Checksum:	fd452561768d50aeceeb2481b57d86e1

/// File Name:	fm-nacho.c
Description:	Mac OSX versions 10.3.x with a Darwin Kernel equal to or below 7.7.0 are susceptible to a denial of service flaw that may allow for possible privilege escalation.
Author:	nemo
File Size:	3090
Last Modified:	Jan 22 20:50:59 2005
MD5 Checksum:	c75586bd9e285adb8bba510e652200ac

/// File Name:	nodemgrPOC.cpp
Description:	NodeManager Professional 2.00 buffer overflow exploit that binds a shell to port 2001.
Author:	Tan Chew Keong
Related File:	nodemanager200.txt
File Size:	7972
Last Modified:	Jan 19 07:35:57 2005
MD5 Checksum:	d3ea564e89596c5826d835b8f712e9cc

/// File Name:	netegrity.txt
Description:	The Netegrity SiteMinder smpwservicescgi.exe is susceptible to a remote data inclusion vulnerability that allows for phishing attacks.
Author:	Marc Ruef
Homepage:	http://www.computec.ch/projekte/atk/
File Size:	2490
Last Modified:	Jan 19 07:19:16 2005
MD5 Checksum:	2d8ada3ab66ec8268d82e552fa2e164c

/// File Name:	exim-exploit.c
Description:	Proof of concept local exploit for Exim version 4.41.
Related File:	01.14.05.txt
File Size:	1475
Last Modified:	Jan 19 07:06:41 2005
MD5 Checksum:	a710a65db5bce4ca9cedd2b3d59cc373

/// File Name:	peer2mail.c
Description:	Peer2Mail Encrypt passdumper exploit version 1.0. Versions 1.4 and below are affected. Tested on Win XP SP2.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
File Size:	3681
Last Modified:	Jan 19 07:01:44 2005
MD5 Checksum:	e6376162f2a711928b65864775d81550

/// File Name:	kazaaDoS.txt
Description:	Flaws in Kazaa allow for arbitrary code execution and for remote execution of code.
Author:	Rafel Ivgi
Homepage:	http://theinsider.deep-ice.com
File Size:	3280
Last Modified:	Jan 18 07:32:34 2005
MD5 Checksum:	d4de1222dbe0a8a0779c4454dcdffaa0

/// File Name:	Gallery134.txt
Description:	Gallery 1.3.4 suffers from remote script inclusion and cross site scripting vulnerabilities.
Author:	Rafel Ivgi
Homepage:	http://theinsider.deep-ice.com
File Size:	6489
Last Modified:	Jan 18 07:30:58 2005
MD5 Checksum:	d37ed0ca9947843db050dfbb5a219d54

/// File Name:	FVS318.txt
Description:	The Netgear FVS318 version 2.4 router is susceptible to filter bypass when the URL is hex encoded and it also have a cross site scripting flaw.
Author:	Paul Kurczaba
Homepage:	http://www.securinews.com/
File Size:	1555
Last Modified:	Jan 18 06:47:40 2005
MD5 Checksum:	06661f61e9927239230a8edbf0e44e0c

/// File Name:	sparkleBlog.txt
Description:	Direct access to administrative pages in SparkleBlog do not require any authentication. Additionally, is it susceptible to cross site scripting flaws.
Author:	Kovacs Laszlo
File Size:	1336
Last Modified:	Jan 18 06:36:42 2005
MD5 Checksum:	12b17d789a87a73a6e5108db00648558

/// File Name:	auth_radius.c
Description:	Apache mod_auth_radius denial of service exploit that makes use of an integer overflow. All versions up to 1.5.4/1.5.7 are affected.
Author:	Leon Juranic
Homepage:	http://security.lss.hr
Related File:	LSS-2005-01-02.txt
File Size:	3430
Last Modified:	Jan 18 06:32:19 2005
MD5 Checksum:	bc6de626e823ef2cea445857d58fa6fc

/// File Name:	itunesPLS-local.txt
Description:	Proof of concept exploit for iTunes 4.3.7 on OS X 10.3.7. Shellcode binds a shell to port 4444.
Author:	nemo
Related File:	01.13.05.txt
File Size:	3611
Last Modified:	Jan 17 00:05:22 2005
MD5 Checksum:	2ec510bd1e7504720e2969ebeccde787

/// File Name:	itunesPLS.txt
Description:	Apple iTunes Playlist buffer overflow download shellcoded exploit. Versions up to 4.7 are affected. Tested with iTunes v4.7 on WinXP SP2 EN.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
Related File:	01.13.05.txt
File Size:	5447
Last Modified:	Jan 17 00:03:25 2005
MD5 Checksum:	708d91464c8f5f9de07c54ea32e04338

/// File Name:	MinisTraverse.txt
Description:	Minis 0.2.1 suffers from a directory traversal flaw that allows for viewing of files outside of the webroot. If the server does not have access to the file, it enters into a loop causing a denial of service.
Author:	Madelman
File Size:	3879
Last Modified:	Jan 16 20:13:00 2005
MD5 Checksum:	d3aedc1d21e4c6f53b73e22762727c7d

/// File Name:	phpGiftReq.txt
Description:	phpGiftReq 1.4.0 suffers from multiple SQL injection flaws that allow for manipulation of the database.
Author:	Madelman
File Size:	2259
Last Modified:	Jan 16 20:11:13 2005
MD5 Checksum:	7c0a1e1bb740848737f21d9abdbd4990

/// File Name:	froogleCookie.txt
Description:	A cross site scripting vulnerability in Froogle allows for theft of the Google GMail cookie.
Author:	Nir Goldshlager
File Size:	1776
Last Modified:	Jan 16 10:27:10 2005
MD5 Checksum:	47c5c30fb8e4ac424d9837135fe87121

/// File Name:	stackgrow2.c
Description:	Full version of the expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
Author:	Christophe Devine
Related File:	isec-0022-pagefault.txt
File Size:	8366
Related CVE(s):	CAN-2005-0001
Last Modified:	Jan 16 07:30:14 2005
MD5 Checksum:	4f314b5f96fa72c44fff19048f9962b6