Section: .. / 0510-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 76

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0510-exploits.tgz
Description:	New Packet Storm exploits for October, 2005.
Homepage:	http://packetstormsecurity.org/
File Size:	247312
Last Modified:	Nov 1 07:04:19 2005
MD5 Checksum:	818f8615584dabdd06b6c482230fcbf7

/// File Name:	mg2-image.txt
Description:	The MG2 Image Gallery system suffers from a password bypass flaw that allows remote viewing of any images.
Author:	Preben Nylokken
File Size:	658
Last Modified:	Oct 31 01:01:37 2005
MD5 Checksum:	d65a81ffc0e3fd98c87873459cca106e

/// File Name:	swisscom-XSS.txt
Description:	Swisscom EuroSpot wireless service suffers from multiple cross site scripting vulnerabilities. Details provided.
Author:	deepquest
File Size:	2911
Last Modified:	Oct 31 00:52:48 2005
MD5 Checksum:	9741d277e2403db9c5b6f2c1ee4ff94b

/// File Name:	ethereal_slimp3_bof.py.txt
Description:	Ethereal SLIMP3 protocol dissector remote buffer overflow proof of concept exploit that crashes the program. Tested with Ethereal 0.10.12, WinPcap 3.1 beta4, WinXP SP2.
Author:	Sowhat
Homepage:	http://secway.org
Related File:	ethereal-0.10.13.tar.bz2
File Size:	5906
Last Modified:	Oct 31 00:48:44 2005
MD5 Checksum:	8079fdf507021e269a350b1e0f4f8dd2

/// File Name:	VERITAS-OSX.pl.txt
Description:	VERITAS Netbackup remote format string exploit for Mac OS-X.
Author:	johnh
Homepage:	http://www.digitalmunition.com/
File Size:	3772
Last Modified:	Oct 31 00:44:40 2005
MD5 Checksum:	a99cc0cea55e300e8b4870f2a1456aa5

/// File Name:	VERITAS-Win32.pl.txt
Description:	VERITAS Netbackup remote format string exploit for Win32.
Author:	johnh
Homepage:	http://www.digitalmunition.com/
File Size:	5795
Last Modified:	Oct 31 00:43:29 2005
MD5 Checksum:	11ed9502250aaf16e593f90f9b662354

/// File Name:	VERITAS-Linux.pl.txt
Description:	VERITAS Netbackup remote format string exploit for Linux.
Author:	johnh
Homepage:	http://www.digitalmunition.com/
File Size:	3257
Last Modified:	Oct 31 00:42:00 2005
MD5 Checksum:	3337b74b703e0c9d2f85a5a4e04a70e0

/// File Name:	mirabilis.c
Description:	Mirabilis ICQ 2003a buffer overflow download shellcoded exploit. Affected versions: Mirabilis ICQ Pro versions 2003a and below.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com
File Size:	4199
Last Modified:	Oct 31 00:32:53 2005
MD5 Checksum:	68429a8c319db0ab0a22dff8987e36a7

/// File Name:	ong_bak-0.9.c
Description:	Updated and improved version of the local root exploit for the Linux kernel code that has the Bluetooth related flaw.
Author:	qobaiashi
Related File:	adv1.pdf
File Size:	6221
Last Modified:	Oct 31 00:27:24 2005
MD5 Checksum:	07d7f431a44a04e36697686663a1216b

/// File Name:	Rockliffe.txt
Description:	During an audit of a client, Security-Assessment.com discovered multiple critical vulnerabilities within the RockLiffe MailSite Express WebMail software. The vulnerabilities include the retrieval of arbitrary files from the web server, and bypassing attachment validation routines allowing for remote code execution. Exploitation details included. All versions of RockLiffe MailSite Express WebMail prior to version 6.1.22 are affected.
Author:	Paul Craig
Homepage:	http://www.security-assessment.com/
File Size:	4335
Last Modified:	Oct 31 00:13:59 2005
MD5 Checksum:	3ff38e4d684180018f4aebab2106f220

/// File Name:	XH-Hasbani-HTTPD-DoS.c
Description:	Exploit for a remote denial of service flaw for HTTP GET in Hasbani-WindWeb version 2.0.
Author:	Expanders
Homepage:	http://www.x0n3-h4ck.org
File Size:	8772
Last Modified:	Oct 31 00:12:27 2005
MD5 Checksum:	62411e2cbf277383b98e1096a7b2e2c7

/// File Name:	MS05-047-DoS.c
Description:	Remote denial of service exploit that makes of a length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList. This code crashes services.exe.
Author:	Winny Thomas
File Size:	19026
Last Modified:	Oct 30 23:51:10 2005
MD5 Checksum:	d44d6f25706a4763f50ad2705945e957

/// File Name:	secunia-ATutor.txt
Description:	Secunia Research has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerabilities have been confirmed in version 1.5.1-pl1. Other versions may also be affected.
Author:	Andreas Sandblad
Homepage:	http://www.secunia.com
File Size:	4841
Last Modified:	Oct 30 23:44:51 2005
MD5 Checksum:	cb2e39612b6178817ab884e23fe1aab3

/// File Name:	cirt-39-advisory.pdf
Description:	The Novell ZENworks Patch Management Server version 6.0.0.52 is vulnerable to SQL injection attacks in the management console. Details provided.
Author:	Dennis Rand
Homepage:	http://www.cirt.dk/
File Size:	132240
Last Modified:	Oct 30 23:43:06 2005
MD5 Checksum:	57b33786dec8c9d43b1c15a0cd5614d7

/// File Name:	PBLang465.txt
Description:	PBLang versions 4.65 and below suffer from file inclusion and cross site scripting flaws. Details provided.
Author:	Abducter
Homepage:	http://www.s4c.cc
File Size:	770
Last Modified:	Oct 30 22:19:29 2005
MD5 Checksum:	d57d9fec88333ad0eab54f49eaff02ae

/// File Name:	vCard29.txt
Description:	vCard 2.9 is susceptible to a remote file inclusion vulnerability. Details provided.
Author:	[ x ]
File Size:	444
Last Modified:	Oct 30 22:10:05 2005
MD5 Checksum:	3a0f64528ea5cc82b7f15ce0998a12e8

/// File Name:	cpanelBlank.txt
Description:	The latest version of cPanel comes with a blank remote MySQL user password.
Author:	sup3r_linux
File Size:	910
Last Modified:	Oct 30 22:08:30 2005
MD5 Checksum:	018dc7e828206ceb26636bc38595dd07

/// File Name:	advisory-103.txt
Description:	Various Techno Dreams scripts are susceptible to sql injection flaws. Proof of concept examples provided.
Author:	Farhad Koosha
Homepage:	http://www.kapda.ir/
File Size:	3108
Last Modified:	Oct 27 08:23:41 2005
MD5 Checksum:	9dfaf6f058204304f8c96c9a17cffee7

/// File Name:	secunia-Mantis.txt
Description:	Secunia Research has discovered a vulnerability in Mantis, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the t_core_path parameter in bug_sponsorship_list_view_inc.php is not properly verified before it used to include files. This can be exploited to include arbitrary files from external and local resources. Affected versions: Mantis 0.19.2 and 1.0.0rc2. Other versions may also be affected.
Author:	Andreas Sandblad
Homepage:	http://www.secunia.com
File Size:	3787
Last Modified:	Oct 27 08:21:45 2005
MD5 Checksum:	a80126dd9202835f1f33d9100084b167

/// File Name:	WoltlabSQL.txt
Description:	Woltlab Burning Board info_db.php is susceptible to multiple sql injection flaws. Versions 2.7 and below are affected.
Author:	[R]
Homepage:	http://www.batznet.com
File Size:	1056
Last Modified:	Oct 27 08:19:23 2005
MD5 Checksum:	ec97c539d271cd59c541a54b02a795b6

/// File Name:	mybbpr2.pl.txt
Description:	MyBB Preview Release 2 sql injection proof of concept exploit.
Author:	cOre
File Size:	4972
Last Modified:	Oct 27 08:18:01 2005
MD5 Checksum:	40b801a07add54caa862ba4d1f969fe0

/// File Name:	PHP-Nuke-XSS.txt
Description:	PHP-Nuke is susceptible to cross site scripting attacks.
Author:	bhfh01
File Size:	823
Last Modified:	Oct 27 08:02:51 2005
MD5 Checksum:	f6cd8a88ef6a2719b0a48477f4da38c0

/// File Name:	flysprayXSS.txt
Description:	Flyspray versions 0.9.7, 0.9.8, and 0.9.8-devel are susceptible to cross site scripting. Exploitation details included.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	2104
Last Modified:	Oct 27 07:36:15 2005
MD5 Checksum:	ea71179354fed766b45b5fc6c8e73f36

/// File Name:	SEC-20051025-1.txt
Description:	SEC-CONSULT Security Advisory 20051025-1 - RSA Authentication Agent for Web 5.1 is prone to a cross site scripting vulnerability. Please note that this is issue is different from CAN-2003-0389. Affected versions: This flaw was discovered in version 5.1 of RSA Agent for Web. No other versions were available for testing. Web Agents greater than 5.1 may also be vulnerable.
Homepage:	http://www.sec-consult.com
File Size:	2302
Last Modified:	Oct 27 07:16:15 2005
MD5 Checksum:	07936548503e95a84c2ec606f8e734e8

/// File Name:	SEC-20051025-0.txt
Description:	SEC-CONSULT Security Advisory 20051025-0 - The Snoop PHP web client is susceptible to a remote command execution vulnerability when a specially crafted URL is supplied. Versions 1.2 and earlier are affected.
Author:	Daniel Fabian
Homepage:	http://www.sec-consult.com
File Size:	2566
Last Modified:	Oct 27 07:13:55 2005
MD5 Checksum:	907f0220f39742e9598e02d67bfe5f84