Section: .. / 0511-exploits /

Page 2 of 6
<< 1 2 3 4 5 6 >> Files 25 - 50 of 132

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	flatfragz.zip
Description:	Proof of concept exploit for FlatFrag versions 0.3 and below which suffer from a null pointer crash and buffer overflow bugs.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	flatfragz.txt
File Size:	7464
Last Modified:	Nov 3 02:59:16 2005
MD5 Checksum:	60c1835fd969eb9fa52eb2805e9e30b0

/// File Name:	CuteNews1.4.1.txt
Description:	CuteNews 1.4.1 Arbitrary file inclusion and remote code execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	7411
Last Modified:	Nov 4 02:33:13 2005
MD5 Checksum:	c506f6d33b39493d17b3d6bc7f27f75c

/// File Name:	TKADV2005-11-004.txt
Description:	Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.
Author:	Tobias Klein
File Size:	7196
Last Modified:	Nov 20 21:58:02 2005
MD5 Checksum:	05fc1697b2809adbe3c1454fc4daf576

/// File Name:	google.pm.txt
Description:	This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
Author:	H D Moore
File Size:	7138
Last Modified:	Nov 20 20:29:43 2005
MD5 Checksum:	4f156a6909004d91eb34fe3bfb396d20

/// File Name:	gpsdrive-ex-long-ppc.pl.txt
Description:	Exploit for the format string vulnerability found in the friendsd server that comes with GpsDrive. PowerPC version.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com
Related File:	DMA-2005-1104a.txt
File Size:	7065
Last Modified:	Nov 5 04:38:14 2005
MD5 Checksum:	5669d45ae60d36ec13e00422dc5e6863

/// File Name:	gliderbof.zip
Description:	Proof of concept exploit for the buffer overflow vulnerability discovered in Glider collect'n kill version 1.0.0.0.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	gliderbof.txt
File Size:	7036
Last Modified:	Nov 3 02:49:52 2005
MD5 Checksum:	a18ae12f5eebc73b1c269eedb5d6f902

/// File Name:	ggwbof.zip
Description:	Server related exploit for a buffer overflow discovered in the handshaking process for GO-Global for Windows versions 3.1.0.3270 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related Exploit:	ggwbofc.zip"
File Size:	6755
Last Modified:	Nov 3 02:38:39 2005
MD5 Checksum:	71783d0afbcba6d5b0554a712014f175

/// File Name:	ggwbofc.zip
Description:	Client related exploit for a buffer overflow discovered in the handshaking process for GO-Global for Windows versions 3.1.0.3270 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related Exploit:	ggwbof.zip"
File Size:	6589
Last Modified:	Nov 3 02:38:55 2005
MD5 Checksum:	7966dc701c134fc49ab2366ad54aaa2c

/// File Name:	SEC-20051125-0.txt
Description:	SEC-CONSULT Security Advisory 20051125-0 - vTiger versions 4.2 and below have been found susceptible to SQL injection, cross site scripting, code execution, directory traversal, and arbitrary file upload flaws.
Author:	Daniel Fabian
Homepage:	http://www.sec-consult.com
File Size:	6013
Last Modified:	Nov 30 20:59:33 2005
MD5 Checksum:	96d3cb698b8ebc4810a5d40fe39f7827

/// File Name:	fsigk_exp.py.txt
Description:	F-Secure Internet Gatekeeper for Linux local root exploit written in Python.
Author:	xavier
Homepage:	http://xavsec.blogspot.com
File Size:	5726
Last Modified:	Nov 10 06:41:36 2005
MD5 Checksum:	8fd32a41755b781105ed34dc1b1eae28

/// File Name:	TUVSA-0511-001.txt
Description:	Simple PHP Blog versions 0.4.5 and below are susceptible to multiple cross site scripting attacks.
Author:	Nenad Jovanovic
Homepage:	http://www.seclab.tuwien.ac.at
File Size:	5346
Last Modified:	Nov 3 02:11:16 2005
MD5 Checksum:	3636d3372789a162f31edbcfc6ee0e7c

/// File Name:	gmailbug.txt
Description:	A flaw in Google's G-Mail system allowed anyone access to any mailbox.
Homepage:	http://www.elhacker.net/
File Size:	5337
Last Modified:	Nov 30 08:11:03 2005
MD5 Checksum:	1e15a3835748c9b14ce6ad70691f2e45

/// File Name:	googleProxy.txt
Description:	The Google Search Appliance allows customization of the search interface through XSLT style sheets. Certain versions of the appliance allow a remote URL to be supplied as the path to the XSLT style sheet. This feature can be abused to perform cross-site scripting (XSS), file discovery, service enumeration, and arbitrary command execution.
Author:	H D Moore
Homepage:	http://metasploit.com/
File Size:	5264
Last Modified:	Nov 30 08:19:58 2005
MD5 Checksum:	197e33a1a1feb275398aab21c4d16687

/// File Name:	waraxe-2005-SA043.txt
Description:	Phorum versions 5.0.0.alpha through 5.0.20 are susceptible to SQL injection attacks. Exploitation details provided.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	5157
Last Modified:	Nov 8 15:35:05 2005
MD5 Checksum:	e177fce92c9484b06a17fa7f1524b966

/// File Name:	11.17.05.txt
Description:	iDEFENSE Security Advisory 11.17.05 - Remote exploitation of a directory transversal vulnerability in Qualcomm WorldMail IMAP Server allows attackers to read any email stored on the system. Exploitation details provided. Tested against Qualcomm Worldmail server version 3.0. Other versions may be vulnerable.
Homepage:	http://www.idefense.com/
File Size:	4317
Related CVE(s):	CAN-2005-3189
Last Modified:	Nov 20 20:39:32 2005
MD5 Checksum:	b35d6599c12f38d6dfa3fe349fee7afc

/// File Name:	affiliateNetwork.txt
Description:	Affiliate Network Pro version 7.2 suffers from SQL injection, code execution, and cross site scripting flaws.
Author:	Robin Verton
File Size:	4307
Last Modified:	Nov 20 05:17:59 2005
MD5 Checksum:	08ed6a55774004d3cf03f5ae1a1b54cf

/// File Name:	SA027.txt
Description:	PHPNuke version 7.8 is susceptible to SQL injection attacks. Exploitation details provided.
Author:	sp3x
Homepage:	http://securityreason.com/
File Size:	4255
Last Modified:	Nov 20 05:15:03 2005
MD5 Checksum:	cb25ca59e0415d952353fa8e988e938f

/// File Name:	mailenable154.pm.txt
Description:	This Metasploit module exploits a buffer overflow in the W3C logging functionality of the MailEnable IMAPD service. Logging is not enabled by default and this exploit requires a valid username and password to exploit the flaw. MailEnable Professional version 1.6 and prior and MailEnable Enterprise version 1.1 and prior are affected.
Author:	y0
Related Exploit:	mailenable.cpp"
File Size:	3986
Last Modified:	Nov 20 20:32:14 2005
MD5 Checksum:	e5740ecdc8ee4ed1a44f270d02a429e1

/// File Name:	freeFTPDoS.txt
Description:	freeFTPd version 1.0.10 is susceptible to a remote denial of service attack. Exploit included.
Author:	Stefan Lochbihler
File Size:	3945
Last Modified:	Nov 30 20:43:17 2005
MD5 Checksum:	176fe3a8f002cb7793292507b61b3c21

/// File Name:	walla30.txt
Description:	Walla Telesite versions 3.0 and below are susceptible to cross site scripting, SQL injection, and more. Details provided.
Author:	Rafi Nahum, Pokerface
File Size:	3599
Last Modified:	Nov 15 11:49:02 2005
MD5 Checksum:	f21e14564b8ffda884db2c8e22cdf2d9

/// File Name:	200511-asterisk.txt
Description:	A vulnerability in the voicemail retrieval system for the Asterisk PBX software allows an authenticated user to download any .wav/.WAV file from the system, including other users' voicemail messages. Versions affected: Asterisk versions 1.0.9 and below, Asterisk Beta versions 1.2.0-beta1 and below, Asterisk @ Home versions 1.5 and below, and Asterisk @ Home Beta versions 2.0 Beta 4 and below.
Author:	Adam Pointon
Homepage:	http://www.assurance.com.au/
File Size:	3541
Last Modified:	Nov 8 17:44:44 2005
MD5 Checksum:	75dd48e0ad893411c13943121f634111

/// File Name:	wizzSQL.txt
Description:	Wizz Forum is susceptible to multiple SQL injection attacks. Exploit provided.
Author:	HACKERS PAL
File Size:	3528
Last Modified:	Nov 15 07:12:53 2005
MD5 Checksum:	1d4890eeeaae878e9edbcc0b4f09ac81

/// File Name:	snort_bo_overflow_win32.pm.txt
Description:	Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.
Author:	Kira
File Size:	3507
Last Modified:	Nov 2 02:21:35 2005
MD5 Checksum:	64e0a9ba3164254f4a2ed9132d75616b

/// File Name:	spymacXSS.txt
Description:	Spymac Web OS 4.0 is susceptible to multiple cross site scripting vulnerabilities. Full exploitation details provided.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/2005/11/
File Size:	3487
Last Modified:	Nov 5 03:12:16 2005
MD5 Checksum:	27cefc9d8d3de3e67378d98f45a27380

/// File Name:	up-imapproxy-exp.txt
Description:	A format string vulnerability exists in Imapproxy versions 1.2.4 and below. Proof of concept exploit included.
Author:	darkeagle
Homepage:	http://exploiterz.org/
File Size:	3388
Last Modified:	Nov 2 07:28:32 2005
MD5 Checksum:	c5d3a8768d8bb552161f87506e4c4e92