Section: .. / 0501-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 92

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0501-exploits.tgz
Description:	Packet Storm new exploits for January, 2005.
File Size:	1102785
Last Modified:	Feb 1 07:20:20 2005
MD5 Checksum:	37bd4fdc8193b756cddbabeaa2a60f7e

/// File Name:	AWStatsVulnAnalysis.pdf
Description:	Detailed analysis of three different vulnerabilities that reside in AWStats which all allow for remote command execution.
Author:	newbug
Homepage:	http://www.chroot.org
File Size:	956729
Last Modified:	Jan 26 18:11:29 2005
MD5 Checksum:	b80c768c3977749e69e1d763168985e4

/// File Name:	veritasABS.c
Description:	Remote stack overflow exploit for Veritas Backup Exec. Works for versions 9.1.4691.SP1, 9.1.4691.SP0, and 8.5.3572. Allows for a shell to be bound to port 101 or it spawn a reverse shell as well.
Author:	class101
Related File:	12.16.04-5.txt
File Size:	38588
Related CVE(s):	CAN-2004-1172
Last Modified:	Jan 12 07:00:39 2005
MD5 Checksum:	72015033c9e98600771603805897d0be

/// File Name:	isec-0021-uselib.txt
Description:	Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected. Exploit included.
Author:	Paul Starzetz
Homepage:
File Size:	22989
Related CVE(s):	CAN-2004-1235
Last Modified:	Jan 7 17:27:00 2005
MD5 Checksum:	b8c1d99e53c3f8082e449457f5765447

/// File Name:	uselib24.c
Description:	Modified uselib() local exploit for the Linux kernel series. This version has been modified to also work on SMP kernels. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected.
Author:	timhsu
Homepage:	http://www.chroot.org
File Size:	18743
Related CVE(s):	CAN-2004-1235
Last Modified:	Jan 27 05:55:09 2005
MD5 Checksum:	7d1888194c26d9c12a40a81c1aa3e184

/// File Name:	ex_gpsd.c
Description:	Remote format string exploit for Berlios gpsd, a remake of pygps. On Debian, it achieves uid of gpsd. On Redhat, it achieves root.
Author:	Johnh, KF
Homepage:	http://www.digitalmunition.com/
Related File:	DMA-2005-0125a.txt
File Size:	10828
Last Modified:	Jan 27 04:56:14 2005
MD5 Checksum:	827e4de2273f8b6087f440740e1ddaaf

/// File Name:	gbook.tgz
Description:	MPM Guestbook Pro remote exploit that performs arbitrary command execution and local file upload.
Author:	Robert Molnar
Related File:	ss11012005.txt
File Size:	8743
Last Modified:	Jan 25 07:47:47 2005
MD5 Checksum:	dcef1c46ec3752ba9327c5965ca5257e

/// File Name:	stackgrow2.c
Description:	Full version of the expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
Author:	Christophe Devine
Related File:	isec-0022-pagefault.txt
File Size:	8366
Related CVE(s):	CAN-2005-0001
Last Modified:	Jan 16 07:30:14 2005
MD5 Checksum:	4f314b5f96fa72c44fff19048f9962b6

/// File Name:	wins_ms04_045.pm
Description:	Remote Microsoft Windows WINS exploit created by the Metasploit Framework.
Author:	H.D. Moore
Homepage:	http://www.metasploit.com/
Related File:	sa13466.txt
File Size:	8275
Last Modified:	Jan 12 08:12:51 2005
MD5 Checksum:	3fbe335508354d4c720f728cfff557f6

/// File Name:	WC-ms05002-ani-expl-cb.c
Description:	Microsoft Internet Explorer .ANI file handling exploit. Modified version of the houseofdabus exploit. Universal version of the exploit. Tested on: Windows Server 2003, Windows XP SP0/SP1, Windows 2000 SP2/SP3/SP4.
Author:	WhiskyCoders
Homepage:	http://bennupg.ath.cx
Related Exploit:	HOD-ms05002-ani-expl.c "
File Size:	8176
Last Modified:	Jan 31 00:06:24 2005
MD5 Checksum:	d7655c62bf4f64164f7a24520e057746

/// File Name:	nodemgrPOC.cpp
Description:	NodeManager Professional 2.00 buffer overflow exploit that binds a shell to port 2001.
Author:	Tan Chew Keong
Related File:	nodemanager200.txt
File Size:	7972
Last Modified:	Jan 19 07:35:57 2005
MD5 Checksum:	d3ea564e89596c5826d835b8f712e9cc

/// File Name:	soldnersock.zip
Description:	Remote proof of concept exploit for Soldner that demonstrates a socket termination when an oversized UDP packet is sent to the server.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	soldersock.txt
File Size:	7920
Last Modified:	Jan 5 05:59:52 2005
MD5 Checksum:	97f85864195a95985c845b23f9848a3d

/// File Name:	breedzero.zip
Description:	Remote denial of service proof of concept exploit for the Breed game server that crashes upon accepting an empty UDP packet.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	breedzero.txt
File Size:	7885
Last Modified:	Jan 16 06:51:16 2005
MD5 Checksum:	c0dd92ea735fe111ca2981664912df71

/// File Name:	amp2zero.zip
Description:	Proof of concept denial of service exploit for the Amp II 3D game engine that is susceptible to attack when receiving UDP datagrams of zero bytes.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	amp2zero.txt
File Size:	7757
Last Modified:	Jan 7 02:46:37 2005
MD5 Checksum:	e0f740ad12e3040bbf0fbbd29c3adecc

/// File Name:	HOD-ms05002-ani-expl.c
Description:	Proof of concept exploit for the Windows ANI File Parsing vulnerability that works against Microsoft Windows Server 2003, XP SP0/SP1, and all versions of Windows 2000.
Author:	houseofdabus
Related File:	AD_LAB-04005.txt
File Size:	7503
Last Modified:	Jan 25 08:06:23 2005
MD5 Checksum:	9b7991b399daaf8262fdb31bb26b6cd9

/// File Name:	scanner_ndde.c
Description:	Microsoft Windows NetDDE scanner that makes use of a remote code execution vulnerability due to an unchecked buffer.
Author:	Gogu Gigi
File Size:	7286
Last Modified:	Jan 5 05:46:04 2005
MD5 Checksum:	e35e458299ec6ed53336864a059dc467

/// File Name:	antivir.txt
Description:	An unnamed antivirus product can cause a denial of service on Microsoft Windows due to not closing open registry handles.
Author:	Vladimir Kraljevic
File Size:	7090
Last Modified:	Jan 28 07:03:27 2005
MD5 Checksum:	177efb9580b2cc67ffc17e1178af9692

/// File Name:	OutlookMuteX.txt
Description:	Exploit for Outlook that can press a button to verify it is okay to access protected contact data. Tested against Windows XP SP1. This functionality may be utilized in future worm creation.
Author:	Anand Khare
File Size:	6688
Last Modified:	Jan 28 07:14:47 2005
MD5 Checksum:	55f67af1a82aec066bc16a4846d93360

/// File Name:	Gallery134.txt
Description:	Gallery 1.3.4 suffers from remote script inclusion and cross site scripting vulnerabilities.
Author:	Rafel Ivgi
Homepage:	http://theinsider.deep-ice.com
File Size:	6489
Last Modified:	Jan 18 07:30:58 2005
MD5 Checksum:	d37ed0ca9947843db050dfbb5a219d54

/// File Name:	awexpl.c
Description:	AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.
Author:	Thunder
File Size:	6206
Last Modified:	Jan 25 08:37:08 2005
MD5 Checksum:	ad96eacf2a2869f6c15ae4c2c84b43ee

/// File Name:	26012005-03.txt
Description:	Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.
Author:	ShineShadow
File Size:	5957
Last Modified:	Jan 29 09:54:37 2005
MD5 Checksum:	22281f06d752d9deb5bb3663a37d1d5c

/// File Name:	ie_attack.htm
Description:	Pocket IE on a Windows Mobile Pocket PC suffers from Unicode URL obfuscation, local file access, and cross site scripting vulnerabilities.
Author:	Seth Fogie
Homepage:	http://www.airscanner.com
File Size:	5613
Last Modified:	Jan 27 06:26:01 2005
MD5 Checksum:	4a7aa53d0c4f547a8a6702e988be69d5

/// File Name:	DMA-2005-0127a.txt
Description:	Apple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.
Author:	Kevin Finisterre
File Size:	5575
Related CVE(s):	CAN-2005-0125
Last Modified:	Jan 28 06:47:20 2005
MD5 Checksum:	56dcf81c83031240460012b3ba4d6624

/// File Name:	crafted.c
Description:	Funduc search and replace compressed file local buffer overflow exploit.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
File Size:	5567
Last Modified:	Jan 25 08:36:13 2005
MD5 Checksum:	844f3c4379637e8d9face8f6c77724a7

/// File Name:	itunesPLS.txt
Description:	Apple iTunes Playlist buffer overflow download shellcoded exploit. Versions up to 4.7 are affected. Tested with iTunes v4.7 on WinXP SP2 EN.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
Related File:	01.13.05.txt
File Size:	5447
Last Modified:	Jan 17 00:03:25 2005
MD5 Checksum:	708d91464c8f5f9de07c54ea32e04338