Section: .. / 0508-exploits /

Page 1 of 5
<< 1 2 3 4 5 >> Files 1 - 25 of 105

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0508-exploits.tgz
Description:	New Packet Storm exploits for August, 2005.
Homepage:	http://packetstormsecurity.org/
File Size:	206356
Last Modified:	Aug 31 09:28:32 2005
MD5 Checksum:	02ccdc9a05ba0798d3558b6f698c0350

/// File Name:	linsql2.c
Description:	linsql2 is an updated version of the command line client for MS-SQL that can execute arbitrary SQL queries and OS commands, when the username/password of the MS-SQL server is known. This version supports the API of the latest freetds library.
Author:	solid, herbless
File Size:	29720
Last Modified:	Aug 5 09:41:56 2005
MD5 Checksum:	b933a852b1dbefb29d1a2d51fac664cb

/// File Name:	kavLocalRoot.txt
Description:	Due to the logs directory being 777 by default, Kaspersky AntiVirus 5.5 is susceptible to a local root exploit via a symlink attack. Details are provided.
Author:	Dr. Peter Bieringer
File Size:	15672
Last Modified:	Aug 13 08:56:49 2005
MD5 Checksum:	cb19145c1046533f786fc038e618534f

/// File Name:	funkboard066.txt
Description:	FunkBoard version 0.66CF suffers from multiple cross site scripting flaws, remote code execution, and more. Full exploitation details provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	15115
Last Modified:	Aug 10 07:33:54 2005
MD5 Checksum:	f4bed4c56ff83694efb27c8e811047bf

/// File Name:	HOD-ms05039-pnp-expl.c
Description:	Microsoft Windows Plug-and-Play remote overflow universal exploit that is related to MS05-039. Vulnerable systems include: Microsoft Windows Server 2003 SP1, Microsoft Windows XP SP1 and SP2, and Microsoft Windows 2000 SP4.
Author:	houseofdabus
Related Exploit:	ms05039.c"
File Size:	14264
Related CVE(s):	CAN-2005-1983
Last Modified:	Aug 13 09:01:08 2005
MD5 Checksum:	d6dc9aaaab54213702bd9facbedf2e7c

/// File Name:	sphpblog_vulns.pl.txt
Description:	Exploit that demonstrates a vulnerability in the comment_delete_cgi.php from SimplePHPBlog. The PHP script allows for the arbitrary deletion of files. This vulnerability, in combination with the fact that the installation scripts are left on the server after installation, allows an arbitrary user to reset the admin password to one of the attacker's choosing.
Author:	Kenneth F. Belva
Homepage:	http://www.ftusecurity.com
File Size:	13229
Last Modified:	Aug 31 07:41:06 2005
MD5 Checksum:	d5a02f6fa42800a232858d4f054b1541

/// File Name:	ventboom.zip
Description:	Exploit for the Ventrilo 2.3.0 malformed status packet vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	ventboom.txt
File Size:	13154
Last Modified:	Aug 24 11:50:15 2005
MD5 Checksum:	229640659ca0f3ef62b355bbbbdc37e9

/// File Name:	ms05038.c
Description:	Microsoft Internet Explorer COM Object remote file down and execute exploit. Makes use of the vulnerability described in MS05-038.
Author:	ZwelL
Homepage:	http://www.donews.net/zwell
File Size:	12345
Related CVE(s):	CAN-2005-1990
Last Modified:	Aug 12 08:51:35 2005
MD5 Checksum:	87d23d7995cf25e628a75fa06f9295bc

/// File Name:	flatnuke.html
Description:	FlatNuke version 2.5.5 suffers from remote command execution, cross site scripting, and path disclosure flaws. Detailed exploitation provided.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	11946
Last Modified:	Aug 7 07:47:49 2005
MD5 Checksum:	28e00967d918af40327814729eefae70

/// File Name:	bfccown.zip
Description:	Proof of concept exploit for the flaws relating to BFCC versions 1.22_A and below and BFVCC versions 2.14_B and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	bfccown.txt
File Size:	11110
Last Modified:	Aug 31 07:50:44 2005
MD5 Checksum:	0918b1298c512f28393bf9f2d5603a9b

/// File Name:	lantronixRoot.txt
Description:	Multiple Lantronix Secure Console Server local root exploits that make use of security issues allowing for unrestricted shell access.
Author:	c0ntex
File Size:	10696
Last Modified:	Aug 6 07:58:33 2005
MD5 Checksum:	8b24a3e766f3d0ae39e6caba270cd4d6

/// File Name:	gravityBad.txt
Description:	Gravity Board X version 1.1 suffers from multiple vulnerabilities that can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or compromise a vulnerable system.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	10106
Last Modified:	Aug 10 07:21:11 2005
MD5 Checksum:	aa6af3863ba0fbdd0fe94ab03da43d80

/// File Name:	nbSMTP_fsexp.c
Description:	nbSMTP version 0.99 remote format string exploit. Tested on Slackware Linux 9.0, 10.0, and 10.1.
Author:	CoKi
Homepage:	http://www.nosystem.com.ar
Related File:	glsa-200508-03.txt
File Size:	9664
Last Modified:	Aug 6 08:09:25 2005
MD5 Checksum:	7b03f489ef56c1c6f12b4ebe55f21c9e

/// File Name:	AD20050830.txt
Description:	BNBT EasyTracker is susceptible to a remote denial of service vulnerability when accepting a malformed HTTP request. Demonstration exploit provided. Versions 7.7r3.2004.10.27 and below are affected.
Author:	Sowhat
Homepage:	http://secway.org/advisory/AD20050830.txt
File Size:	8779
Last Modified:	Aug 31 08:09:09 2005
MD5 Checksum:	2ac337d4908927ed071926acbb6d4270

/// File Name:	JaxXSS.txt
Description:	Various Jax PHP scripts suffer from a multitude of cross site scripting vulnerabilities. Detailed exploitation provided.
Author:	Lostmon
File Size:	8728
Last Modified:	Aug 6 07:50:29 2005
MD5 Checksum:	a6d52131534c3d1d0580eef57b4f42ab

/// File Name:	save_yourself_from_savewebportal34...>
Description:	SaveWebPortal 3.4 suffers from remote code execution, admin check bypass, remote file inclusion, and cross site scripting flaws. Full exploitation details provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	8391
Last Modified:	Aug 24 06:32:55 2005
MD5 Checksum:	16d84af2d4d95a3df6ca4779a8b8d97b

/// File Name:	backupexec_dump.pm.txt
Description:	Veritas Backup Exec Agent remote file access exploit that makes use of a logic flaw. This exploit is part of the Metasploit framework and works against all current versions of this Agent.
File Size:	8044
Last Modified:	Aug 12 09:02:26 2005
MD5 Checksum:	ae93e11c686917a4a9744af5e2f5e9e3

/// File Name:	fudForum.txt
Description:	FUD Forum bulletin board software version 2.6.15 allows for unauthenticated access to messages.
Author:	Alexander Heidenreich
File Size:	7948
Last Modified:	Aug 12 09:10:59 2005
MD5 Checksum:	5f4359c950138e45d602dfc0f0ff159c

/// File Name:	chmpokbof.zip
Description:	Proof of concept buffer overflow exploit for Chris Moneymaker's World Poker Championship version 1.0.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	chmpokbof.txt
File Size:	7188
Last Modified:	Aug 18 09:40:03 2005
MD5 Checksum:	498f3ed082f15ff13e89436b61e6a3c2

/// File Name:	jagoff.txt
Description:	The JaguarControl ActiveX controller suffers from a buffer overflow exploit.
Author:	Tacettin Karadeniz
File Size:	7186
Last Modified:	Aug 17 06:39:41 2005
MD5 Checksum:	643f8b8022b4e721b3f4964731f4da5a

/// File Name:	netquery311.html
Description:	Netquery 3.11 remote command execution proof of concept exploit.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	7124
Last Modified:	Aug 24 06:43:42 2005
MD5 Checksum:	83c1382cfd28ff684814dc00390654d1

/// File Name:	zorum.html
Description:	Zorum 3.5 is susceptible to remote code execution and directory traversal flaws. Exploit included.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	7108
Last Modified:	Aug 18 09:45:14 2005
MD5 Checksum:	75cc26e336a37497f66b8a6459a08d4b

/// File Name:	sakeru.txt
Description:	Sakeru version 0.1 is a URL filtering bypass proof of concept tool that takes advantage of weaknesses in Websense, etc.
Author:	sinhack research labs
File Size:	6956
Last Modified:	Aug 17 08:40:28 2005
MD5 Checksum:	27a51ade94086288debec3a7f8de6f40

/// File Name:	ms05039.c
Description:	Microsoft Windows 2000 Plug and Play universal remote exploit for the flaw discussed in MS05-039.
File Size:	6750
Related CVE(s):	CAN-2005-1983
Last Modified:	Aug 12 08:56:09 2005
MD5 Checksum:	dfe17f8473ec85618b91a9a7f181675a

/// File Name:	netquerypoc.html
Description:	Netquery 3.1 remote command execution proof of concept exploit.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	6667
Last Modified:	Aug 5 08:22:33 2005
MD5 Checksum:	9f00edade0ac5d2b6e71b0f9b1abbc31