Section: .. / 0511-exploits /

Page 5 of 6
<< 1 2 3 4 5 6 >> Files 100 - 125 of 132

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	SEC-20051107-0.txt
Description:	SEC-CONSULT Security Advisory 20051107-0 - toendaCMS allows for theft of CMS usernames and passwords (XML database mode), session theft (XML database mode), directory traversal attacks (XML database mode), and arbitrary file uploads. Versions below 0.6.2 are affected.
Author:	Bernhard Mueller
Homepage:	http://www.sec-consult.com
File Size:	3223
Last Modified:	Nov 8 17:56:56 2005
MD5 Checksum:	6844189f4d71a6ff5a7e18d4ca8b49b4

/// File Name:	SEC-20051107-1.txt
Description:	SEC-CONSULT Security Advisory 20051107-1 - SEC Consult has found that parameters to ActionDefineFunction (ACTIONRECORD 0x9b) in the Macromedia Flash Plugin are not properly sanitized. Loading a specially crafted SWF leads to an improper memory access condition which can be used to crash flash player or may be exploited as a vector for code execution. This issue is similar to CAN-2005-2628 (as reported by eEye Digital Security on November 4, 2005) but affects a different function. Versions affected: flash.ocx 7.0.19.0 and earlier, libflashplayer.so before 7.0.25.0.
Author:	Bernhard Mueller
Homepage:	http://www.sec-consult.com
File Size:	3098
Last Modified:	Nov 8 17:59:22 2005
MD5 Checksum:	264599e1850c14e2756e29db80b22319

/// File Name:	SEC-20051125-0.txt
Description:	SEC-CONSULT Security Advisory 20051125-0 - vTiger versions 4.2 and below have been found susceptible to SQL injection, cross site scripting, code execution, directory traversal, and arbitrary file upload flaws.
Author:	Daniel Fabian
Homepage:	http://www.sec-consult.com
File Size:	6013
Last Modified:	Nov 30 20:59:33 2005
MD5 Checksum:	96d3cb698b8ebc4810a5d40fe39f7827

/// File Name:	SF_multi.pl.txt
Description:	Veritas Storage Foundation 4.0 local root exploit that takes advantage of a buffer overflow in the VCSI18N_LANG environment variable.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com/
Related File:	DMA-2005-1112a.txt
File Size:	1977
Last Modified:	Nov 13 02:51:19 2005
MD5 Checksum:	63e0191fae3cce7687106f886bb488df

/// File Name:	SmartPPCProXSS.txt
Description:	SmartPPC Pro is susceptible to multiple cross site scripting flaws. Details provided.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareSecurity.net
File Size:	1658
Last Modified:	Nov 30 20:40:21 2005
MD5 Checksum:	580e5066cf6ab7d39ab0c4a24b8f7931

/// File Name:	snort_bo_overflow_win32.pm.txt
Description:	Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.
Author:	Kira
File Size:	3507
Last Modified:	Nov 2 02:21:35 2005
MD5 Checksum:	64e0a9ba3164254f4a2ed9132d75616b

/// File Name:	spymacXSS.txt
Description:	Spymac Web OS 4.0 is susceptible to multiple cross site scripting vulnerabilities. Full exploitation details provided.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/2005/11/
File Size:	3487
Last Modified:	Nov 5 03:12:16 2005
MD5 Checksum:	27cefc9d8d3de3e67378d98f45a27380

/// File Name:	sudo168p10.sh.txt
Description:	Local root exploit for sudo versions below 1.6.8p10 that makes use of the environment cleaning flaws with the SHELLOPTS and PS4 variables.
Author:	breno
Related File:	USN-213-1.txt
File Size:	992
Related CVE(s):	CAN-2005-2959
Last Modified:	Nov 10 06:32:06 2005
MD5 Checksum:	26689850763402295ae09b43b6f7fa81

/// File Name:	susechfn.sh.txt
Description:	Local root exploit for chfn under SuSE Linux 9.{1,2,3}/10.0, Desktop 1.0, UnitedLinux 1.0, and SuSE Linux Enterprise Server {8,9}.
Author:	Hunger
Related File:	SUSE-SA-2005-064.txt
File Size:	961
Last Modified:	Nov 10 06:43:38 2005
MD5 Checksum:	895756970d08459e693287e6f9526a5a

/// File Name:	TKADV2005-11-004.txt
Description:	Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.
Author:	Tobias Klein
File Size:	7196
Last Modified:	Nov 20 21:58:02 2005
MD5 Checksum:	05fc1697b2809adbe3c1454fc4daf576

/// File Name:	torrentialTraverse.txt
Description:	Torrential version 1.2 is susceptible to directory traversal attacks.
Author:	Shell
File Size:	1010
Last Modified:	Nov 30 19:39:33 2005
MD5 Checksum:	860ca089844b7b9cbca1185332388974

/// File Name:	TUVSA-0511-001.txt
Description:	Simple PHP Blog versions 0.4.5 and below are susceptible to multiple cross site scripting attacks.
Author:	Nenad Jovanovic
Homepage:	http://www.seclab.tuwien.ac.at
File Size:	5346
Last Modified:	Nov 3 02:11:16 2005
MD5 Checksum:	3636d3372789a162f31edbcfc6ee0e7c

/// File Name:	twiki20030201.pl.txt
Description:	TWiki 20030201 VIEW string remote command execution exploit.
Author:	rUnViRuS
Homepage:	http://www.worlddefacers.net
File Size:	3144
Last Modified:	Nov 8 17:49:44 2005
MD5 Checksum:	704505f7f84b2632546beef86fb51138

/// File Name:	unb153pl3_xpl.html
Description:	Unclassified NewsBoard version 1.5.3 patch level 3 DateFrom and DateUntil blind SQL injection remote exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	15791
Last Modified:	Nov 15 11:40:43 2005
MD5 Checksum:	2f3468836bec63bf9e67e4be450370b0

/// File Name:	up-imapproxy-exp.txt
Description:	A format string vulnerability exists in Imapproxy versions 1.2.4 and below. Proof of concept exploit included.
Author:	darkeagle
Homepage:	http://exploiterz.org/
File Size:	3388
Last Modified:	Nov 2 07:28:32 2005
MD5 Checksum:	c5d3a8768d8bb552161f87506e4c4e92

/// File Name:	upnp-dos.c
Description:	Denial of service exploit that makes use of a memory leak when sending a specially crafted upnp_getdevicelist request.
Author:	Winny Thomas
File Size:	27398
Last Modified:	Nov 15 11:24:16 2005
MD5 Checksum:	58267d81c23e18f5d4b0113c23e8cbb9

/// File Name:	vbullXSS.txt
Description:	vBulletin 3.5.1 suffers from a cross site scripting flaw due to the control panel not properly sanitizing variables.
Author:	[N] Shell
Homepage:	http://nshell.h15.ru
File Size:	941
Last Modified:	Nov 30 21:50:51 2005
MD5 Checksum:	1f755609ff408f9dc279f7f2367305c9

/// File Name:	VHCSXSS.txt
Description:	VHCS version 2.x is susceptible to cross site scripting attacks.
Author:	Moritz Naumann
Homepage:	http://moritz-naumann.com/
File Size:	2673
Last Modified:	Nov 30 20:26:46 2005
MD5 Checksum:	8d6b5fb521260765932fd6061bd26bd1

/// File Name:	vubbXSS.txt
Description:	VUBB Alpha RC1 is susceptible to cross site scripting and path disclosure flaws. Details provided.
Author:	trueend5
File Size:	1460
Last Modified:	Nov 2 02:23:29 2005
MD5 Checksum:	b80d48302db0771038800f4f8ec48fbe

/// File Name:	walla30.txt
Description:	Walla Telesite versions 3.0 and below are susceptible to cross site scripting, SQL injection, and more. Details provided.
Author:	Rafi Nahum, Pokerface
File Size:	3599
Last Modified:	Nov 15 11:49:02 2005
MD5 Checksum:	f21e14564b8ffda884db2c8e22cdf2d9

/// File Name:	waraxe-2005-SA043.txt
Description:	Phorum versions 5.0.0.alpha through 5.0.20 are susceptible to SQL injection attacks. Exploitation details provided.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	5157
Last Modified:	Nov 8 15:35:05 2005
MD5 Checksum:	e177fce92c9484b06a17fa7f1524b966

/// File Name:	webistanbul.txt
Description:	Webistanbul is susceptible to SQL injection attacks.
Author:	khc
File Size:	191
Last Modified:	Nov 30 21:44:23 2005
MD5 Checksum:	66729c603bbb08dfcdb14f44ee49ef61

/// File Name:	wizzSQL.txt
Description:	Wizz Forum is susceptible to multiple SQL injection attacks. Exploit provided.
Author:	HACKERS PAL
File Size:	3528
Last Modified:	Nov 15 07:12:53 2005
MD5 Checksum:	1d4890eeeaae878e9edbcc0b4f09ac81

/// File Name:	wzdFTPd.pm.txt
Description:	Wzdftpd SITE command arbitrary command execution Metasploit plugin exploit for versions 0.5.4 and below.
Author:	David Maciejak
Related Exploit:	wzdftpdwarez.pl.txt"
File Size:	3272
Last Modified:	Nov 5 05:02:01 2005
MD5 Checksum:	4525076feb9a2471acc5fd1a9ca7255c

/// File Name:	x_dtsuids.pl.txt
Description:	Solaris 10 DtPrintinfo/Session exploit for x86.
Author:	core
File Size:	2103
Last Modified:	Nov 8 16:05:18 2005
MD5 Checksum:	3eac0baa42e886142249fb50bf8cc94b