Section: .. / 0508-exploits /

Page 4 of 5
<< 1 2 3 4 5 >> Files 75 - 100 of 105

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	fudForum.txt
Description:	FUD Forum bulletin board software version 2.6.15 allows for unauthenticated access to messages.
Author:	Alexander Heidenreich
File Size:	7948
Last Modified:	Aug 12 09:10:59 2005
MD5 Checksum:	5f4359c950138e45d602dfc0f0ff159c

/// File Name:	backupexec_dump.pm.txt
Description:	Veritas Backup Exec Agent remote file access exploit that makes use of a logic flaw. This exploit is part of the Metasploit framework and works against all current versions of this Agent.
File Size:	8044
Last Modified:	Aug 12 09:02:26 2005
MD5 Checksum:	ae93e11c686917a4a9744af5e2f5e9e3

/// File Name:	NAePolicy.txt
Description:	A privilege escalation flaw exists in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3). Exploitation details provided.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	1748
Last Modified:	Aug 12 09:00:22 2005
MD5 Checksum:	3ca0a4e98d960f6e2e41e2b844bed4f7

/// File Name:	ms05039.c
Description:	Microsoft Windows 2000 Plug and Play universal remote exploit for the flaw discussed in MS05-039.
File Size:	6750
Related CVE(s):	CAN-2005-1983
Last Modified:	Aug 12 08:56:09 2005
MD5 Checksum:	dfe17f8473ec85618b91a9a7f181675a

/// File Name:	cpan.c
Description:	Remote code execution exploit for cPanel versions 9.x and below that binds a shell to port 1666.
Author:	PakBraiN
File Size:	1602
Last Modified:	Aug 12 08:53:10 2005
MD5 Checksum:	e4eb40e742dcd986e712f8dc6e4568e2

/// File Name:	ms05038.c
Description:	Microsoft Internet Explorer COM Object remote file down and execute exploit. Makes use of the vulnerability described in MS05-038.
Author:	ZwelL
Homepage:	http://www.donews.net/zwell
File Size:	12345
Related CVE(s):	CAN-2005-1990
Last Modified:	Aug 12 08:51:35 2005
MD5 Checksum:	87d23d7995cf25e628a75fa06f9295bc

/// File Name:	ContivitySystem.txt
Description:	When the Nortel Contivity VPN Client client is running as a service, it is possible to manipulate the interface of the client and escalate privileges to that of the LocalSystem account. Version 05_01.030 is affected.
Author:	Jeff Peadro
File Size:	1266
Last Modified:	Aug 11 07:06:44 2005
MD5 Checksum:	2dc8e01c10369e2582e95e1f7055f609

/// File Name:	linksysWLAN20.txt
Description:	The Linksys WLAN Monitor service (WLSVC) that is used to configure settings for various Linksys wireless network cards runs under the context of the LocalSystem account. It is possible to manipulate the administrative interface of the Linksys WLAN Monitor and escalate privileges to that of the LocalSystem account. Linksys WLAN Monitor version 2.0 is susceptible.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	1746
Last Modified:	Aug 11 06:52:21 2005
MD5 Checksum:	880c6418dd76abab4214c0e9146f60e3

/// File Name:	FreznoShopSQL.txt
Description:	Versions of FreznoShop below 1.4.1 are vulnerable to SQL injection attacks due to a lack of input validation on parameters used in database queries. Sample exploitation provided.
Author:	Mike Shema
Homepage:	http://www.ntobjectives.com/
File Size:	2363
Last Modified:	Aug 11 06:50:07 2005
MD5 Checksum:	251e4d680f2039a7188789d03c74e266

/// File Name:	ezuploadRemote.txt
Description:	Ezupload suffers from remote file inclusion vulnerabilities.
Author:	Johnnie Walker
File Size:	1136
Last Modified:	Aug 11 06:33:06 2005
MD5 Checksum:	8994b31bf62bab8495333a8df8e1f673

/// File Name:	funkboard066.txt
Description:	FunkBoard version 0.66CF suffers from multiple cross site scripting flaws, remote code execution, and more. Full exploitation details provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	15115
Last Modified:	Aug 10 07:33:54 2005
MD5 Checksum:	f4bed4c56ff83694efb27c8e811047bf

/// File Name:	openSQL.txt
Description:	Open Bulletin Board is susceptible to multiple SQL injection attacks. All versions are affected. Sample exploitation provided.
Author:	Abducter
Homepage:	http://www.s4a.cc
File Size:	890
Last Modified:	Aug 10 07:29:36 2005
MD5 Checksum:	e05ba222117ffe789e97f548d5aae8e8

/// File Name:	vegadns-dyn0.txt
Description:	VegaDNS suffers from a cross site scripting flaw, amongst others.
Author:	dyn0
Homepage:	http://0xdeadface.co.uk
File Size:	964
Last Modified:	Aug 10 07:22:56 2005
MD5 Checksum:	d2a1b335b860cf7775deef38a3410981

/// File Name:	gravityBad.txt
Description:	Gravity Board X version 1.1 suffers from multiple vulnerabilities that can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or compromise a vulnerable system.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	10106
Last Modified:	Aug 10 07:21:11 2005
MD5 Checksum:	aa6af3863ba0fbdd0fe94ab03da43d80

/// File Name:	dvbbsXSS.txt
Description:	DVBBS version 7.1 suffers from a cross site scripting flaw.
Author:	Lostmon
File Size:	1651
Related OSVDB(s):	18512
Last Modified:	Aug 9 11:11:31 2005
MD5 Checksum:	09e5aeaf1577072e5cc026aa88052bab

/// File Name:	cfbbxss.txt
Description:	CFBB version 1.1.10 suffers from a cross site scripting vulnerability.
Author:	stormhacker
Homepage:	Http://www.security-arab.com
File Size:	253
Last Modified:	Aug 9 10:47:39 2005
MD5 Checksum:	e06de2ff9c58f6cfaa80b3686a759a4b

/// File Name:	OS2A-1001.txt
Description:	ePing is a ping utility plugin for e107, a PHP-based content management system that uses a MySQL backend database. ePing versions 1.02 and prior are vulnerable to a file creation vulnerability caused by improper validation of user-supplied input in the doping.php script.
File Size:	2122
Last Modified:	Aug 9 10:46:58 2005
MD5 Checksum:	cd56bc67a5d28cae77bfe3fd1a9d2063

/// File Name:	flatnuke.html
Description:	FlatNuke version 2.5.5 suffers from remote command execution, cross site scripting, and path disclosure flaws. Detailed exploitation provided.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	11946
Last Modified:	Aug 7 07:47:49 2005
MD5 Checksum:	28e00967d918af40327814729eefae70

/// File Name:	nbSMTP_fsexp.c
Description:	nbSMTP version 0.99 remote format string exploit. Tested on Slackware Linux 9.0, 10.0, and 10.1.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
Related File:	glsa-200508-03.txt
File Size:	9664
Last Modified:	Aug 6 08:09:25 2005
MD5 Checksum:	7b03f489ef56c1c6f12b4ebe55f21c9e

/// File Name:	lantronixRoot.txt
Description:	Multiple Lantronix Secure Console Server local root exploits that make use of security issues allowing for unrestricted shell access.
Author:	c0ntex
File Size:	10696
Last Modified:	Aug 6 07:58:33 2005
MD5 Checksum:	8b24a3e766f3d0ae39e6caba270cd4d6

/// File Name:	JaxXSS.txt
Description:	Various Jax PHP scripts suffer from a multitude of cross site scripting vulnerabilities. Detailed exploitation provided.
Author:	Lostmon
File Size:	8728
Last Modified:	Aug 6 07:50:29 2005
MD5 Checksum:	a6d52131534c3d1d0580eef57b4f42ab

/// File Name:	comdevInclusion.txt
Description:	Comdev eCommerce 3.0 is susceptible to a remote file inclusion flaw.
File Size:	307
Last Modified:	Aug 6 07:48:08 2005
MD5 Checksum:	3351b2ff267b0c563e160ad9b37dd854

/// File Name:	comdevTraversal.txt
Description:	Comdev eCommerce 3.0 is susceptible to a directory traversal flaws.
File Size:	336
Last Modified:	Aug 6 07:47:08 2005
MD5 Checksum:	39c136ae1565af349c02026c09da31da

/// File Name:	PortailPHP.txt
Description:	PortailPHP 2.4 allows for SQL injection attacks.
Author:	Abducter
File Size:	955
Last Modified:	Aug 5 09:54:04 2005
MD5 Checksum:	8d9c05c26e0316e763484783b8947b19

/// File Name:	silvernews203.txt
Description:	Silvernews versions 2.0.3 and below suffer from SQL injection, login bypass, remote command execution, and cross site scripting flaws.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	1403
Last Modified:	Aug 5 09:45:38 2005
MD5 Checksum:	cd2b1d924a6824ef896db080f1dc72d7