Section:  .. / 0509-exploits  /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 78
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0509-exploits.tgz
Description:
New Packet Storm exploits for September, 2005.
Homepage:http://packetstormsecurity.org/
File Size:409181
Last Modified:Oct 4 17:10:31 2005
MD5 Checksum:c80e08cbbf88fb228a911a8ab30005b2

 ///  File Name: cirt-37-advisory.pdf
Description:
TAC Vista version 3.0 is susceptible to a directory traversal vulnerability. Exploitation details provided.
Author:Dennis Rand
Homepage:http://www.cirt.dk/
File Size:268783
Last Modified:Sep 22 08:44:26 2005
MD5 Checksum:0d5c93a833de403288cd99c2d07eafff

 ///  File Name: azdg.html
Description:
AzDGDatingLite version 2.1.3 suffers from a remote code execution flaw due to a directory traversal.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:19312
Last Modified:Sep 13 10:46:42 2005
MD5 Checksum:240dc062a583983bde341cf9a5bff488

 ///  File Name: class1.html
Description:
Class-1 Forum version 0.24.4 SQL injection and remote code execution proof of concept exploit.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:17670
Last Modified:Sep 8 09:46:26 2005
MD5 Checksum:f905604086859d4e72ea47fb9568dbaa

 ///  File Name: pwnzilla.txt
Description:
PwnZilla 5 - Exploit for the IDN host name heap buffer overrun in Mozilla browsers such as Firefox, Mozilla, and Netscape.
Author:Berend-Jan Wever aka Skylined
File Size:13871
Related CVE(s):CAN-2005-2871
Last Modified:Sep 23 08:51:45 2005
MD5 Checksum:eef9337ee7cdaceb446572f6a20a0ea6

 ///  File Name: phpmyfuck151.html
Description:
PhpMyFaq version 1.5.1 is susceptible to SQL injection, board takeover, user information disclosure, and remote code execution flaws. Detailed exploitation provided. Earlier versions are also possibly vulnerable.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:13868
Last Modified:Sep 23 09:41:09 2005
MD5 Checksum:7e4688c40fe3f1047e4d60351226021d

 ///  File Name: imap4d_FreeBSD_exploit.c
Description:
GNU Mailutils version 0.6 imap4d 'search' format string exploit. Written to be used against FreeBSD.
Author:Johnny Mast, Angelo Rosiello
Homepage:http://www.rosiello.org/
Related File:09.09.05.txt
File Size:12843
Last Modified:Sep 29 03:59:21 2005
MD5 Checksum:642b5fb9f407325048f6e9666e719172

 ///  File Name: OSG_Advisory_13.txt
Description:
RealPlayer and Helix Player remote format string exploit. This flaw makes use of the .rp and .rt file formats. Code tested on Debian 3.1 against RealPlayer 10 Gold's latest version.
Author:c0ntex
Homepage:http://www.open-security.org
File Size:10720
Last Modified:Sep 28 00:38:20 2005
MD5 Checksum:b753c5e729eb9c6216cb72df318e125c

 ///  File Name: mantis-poc.txt
Description:
Mantis Bugtracker versions less than 1.0.0RC2 and greater than 0.18.3 are vulnerable to XSS and variable poisoning attacks if register_globals is enabled.
Author:Joxean Guay del Paraguay
Related Exploit:mantis-poc.tar.gz"
File Size:10303
Last Modified:Sep 29 05:37:57 2005
MD5 Checksum:d3137f93b98019ab086082b975926888

 ///  File Name: cutenxpl.php.txt
Description:
CuteNews version 1.4.0 remote code execution exploit. Earlier versions may also be susceptible. Flaw makes use of a lack of user input sanitization.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:10303
Last Modified:Sep 22 08:47:34 2005
MD5 Checksum:7847b9e293a7818da7fa661313f9ec6e

 ///  File Name: mailitnow.html
Description:
The contact.php code from Mail-it Now! version 1.5 is susceptible to a remote code execution flaw. Exploit included.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:9660
Last Modified:Sep 13 08:51:07 2005
MD5 Checksum:8a4541ed8f9025712b62efe9c1989d31

 ///  File Name: mercury_imap.c
Description:
Mercury Mail IMAP server versions 4.01a and below remote buffer overflow exploit.
Author:c0d3r
Homepage:http://www.ihsteam.com
File Size:9314
Last Modified:Sep 23 07:56:20 2005
MD5 Checksum:071e805167e5cc006d1d151ea6d12887

 ///  File Name: maildisgust.txt
Description:
MailGust 1.9 is vulnerable to a SQL injection attack that allows for board takeover. Exploit provided.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:9176
Last Modified:Sep 26 06:49:54 2005
MD5 Checksum:2af5368ea3e4eb646f7368060ac87c62

 ///  File Name: pblang465.txt
Description:
PBLang 4.65 and possibly prior versions suffers from remote code execution, administrative credentials disclosure, system information disclosure, cross site scripting and path disclosure vulnerabilities.
Author:rgod
Homepage:http://rgod.altervista.org/pblang465.html
File Size:9064
Last Modified:Sep 7 09:02:45 2005
MD5 Checksum:51be931553378c61f187b04af3948651

 ///  File Name: phpfusion600109.txt
Description:
Exploit for PHP-Fusion v6.00.109 SQL Injection and admin credentials disclosure vulnerability.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:8361
Last Modified:Sep 29 05:43:30 2005
MD5 Checksum:fb1f0fefc75ecddc016cd57da6a28642

 ///  File Name: mylittle15_16b.txt
Description:
My Little Forum 1.5 SQL injection exploit that retrieves an md5 password hash.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:8164
Last Modified:Sep 23 08:38:47 2005
MD5 Checksum:c59af767c4a1416bec0a1e0907d82cb4

 ///  File Name: filezillaWeak.txt
Description:
The FileZilla client stores passwords using a weak XOR 'encryption'. The value of the cipher key is static and can be found in the source code. This vulnerability has been successfully tested on versions 2.2.14b and 2.2.15. However, it is suspected that most previous versions are also affected.
Author:Adrian Pastor
Homepage:http://www.ikwt.com
File Size:7849
Last Modified:Sep 5 09:01:17 2005
MD5 Checksum:b691adde53fbe91eb1abc1c237557b2d

 ///  File Name: phorum5x.txt
Description:
Phorum versions 5.0.17a and below suffer from multiple vulnerabilities. These include cross site scripting, session hijacking, and insecure creation of client cookies.
Author:Scott Dewey
File Size:7619
Last Modified:Sep 5 08:53:55 2005
MD5 Checksum:71806d1f033150bf32f3846613dcd53b

 ///  File Name: cubecart-3.0.3.txt
Description:
CubeCart 3.0.3 contains a flaw that allows a remote cross site scripting attack. Exploitation provided.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/2005/09/
File Size:7126
Last Modified:Sep 29 05:43:04 2005
MD5 Checksum:d724af0688649985edd7703faad60ed9

 ///  File Name: urbanGame.txt
Description:
Urban 1.5.3_1, part of the FreeBSD ports collection, is vulnerable to a stack overflow when handling the $HOME environmental variable. Since urban is installed with setgid games privileges, privilege escalation is possible. Earlier versions may also be susceptible. Proof of concept exploit included.
Author:Shaun Colley
File Size:6738
Last Modified:Sep 7 08:18:43 2005
MD5 Checksum:7b58bfa9889fd92a18fb97d8fa8a63fb

 ///  File Name: mtaboom.zip
Description:
Proof of concept exploit for MultiTheftAuto versions 0.5 patch 1 and below. This causes Windows to crash.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:mtaboom.txt
File Size:6271
Last Modified:Sep 26 07:39:39 2005
MD5 Checksum:99976b5912749ccd7466e53d66e16d27

 ///  File Name: PTL_advisory_050825.txt
Description:
HP LaserJet printers have an extensive administrative user interface that is provided over SNMP. Pinion has discovered that HP LaserJet printers store information regarding recently printed documents. Information such as document name, title, number of pages, document size, user who has printed the document and the machine name where the print job was initiated can all be extracted via SNMP. Exploit provided. HP LaserJet 2430 is verified vulnerable.
Author:George Hedfors
Homepage:http://www.pinion.se
File Size:6173
Last Modified:Sep 22 07:49:16 2005
MD5 Checksum:b376f6008757846aea028cf6ad623110

 ///  File Name: 20050917-vbulletin-3.0.8.txt
Description:
vBulletin versions 3.0.9 and below suffer from multiple SQL injection, cross site scripting, and arbitrary file upload vulnerabilities. Detailed exploitation provided.
Author:deluxe, Thomas Waldegger
File Size:6137
Last Modified:Sep 22 08:50:47 2005
MD5 Checksum:a55c483d1d473d27f073633e4bc8d781

 ///  File Name: ms05-018.c
Description:
MS05-018 windows CSRSS.EXE stack overflow local exploit version 1.0. Systems affected: Windows 2000 SP3/SP4 (all languages).
Author:eyas
Homepage:http://www.xfocus.net/
File Size:5853
Last Modified:Sep 7 08:57:25 2005
MD5 Checksum:4fb30891a7dbd3754cf3c85610729680

 ///  File Name: subpro204409P.txt
Description:
Subscribe Me Pro versions 2.044.09P and below are prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An unauthorized user can retrieve arbitrary files by supplying directory traversal strings '../' to the vulnerable parameter.
Author:ShoCK FX, h4cky0u
Homepage:http://www.h4cky0u.org
File Size:5546
Last Modified:Sep 14 08:48:06 2005
MD5 Checksum:d219768d5e7915ef946e4bbbcaea8e1c