Section: .. / 0512-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 83

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0512-exploits.tgz
Description:	Packet Storm new exploits for December, 2005.
Homepage:	http://packetstormsecurity.org/
File Size:	173367
Last Modified:	Jan 1 22:36:42 2006
MD5 Checksum:	fda394a1e54f4abf73962ed66d26dc3b

/// File Name:	ie_xp_pfv_metafile.pm.txt
Description:	This Metasploit module exploits a vulnerability in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	50588
Last Modified:	Dec 31 09:59:58 2005
MD5 Checksum:	41f7cfba418309a3d955d808ee079bd6

/// File Name:	k-rad3.c
Description:	Linux kernel 2.6.11 and below CPL 0 local exploit. Third version/variant of this exploit.
Author:	sd, alert7
Homepage:	http://www.xfocus.org/
File Size:	17113
Last Modified:	Dec 31 10:05:55 2005
MD5 Checksum:	fe97c08a01073659a768232db8f502ef

/// File Name:	zencart_126d_xpl.html
Description:	Zen-Cart versions 1.2.6d and below are susceptible to blind SQL injection and remote command execution attacks. Exploit included.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	16138
Last Modified:	Dec 3 07:22:36 2005
MD5 Checksum:	a507099ecbfb1ccd22d23ed6ed3eca57

/// File Name:	PHPGedView.php.txt
Description:	PHPGedView versions less than or equal to 3.3.7 arbitrary local and remote code execution and php injection exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	15014
Last Modified:	Dec 28 21:40:01 2005
MD5 Checksum:	1c536361235cf3a330b3e3b7f98d107f

/// File Name:	wbaker_260_xpl.txt
Description:	Website Baker versions 2.6.0 and below suffer from SQL injection, login bypass, and remote code execution flaws. Exploit included.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	14910
Last Modified:	Dec 14 05:57:16 2005
MD5 Checksum:	f51d6a97733a1d4570932cc029123f2c

/// File Name:	Bb_6.zip
Description:	Blackboard versions 6.3.1.424 and 6.2.3.23 (and possibly earlier versions) are susceptible to login bypass, spoofing of announcements, and proxying flaws.
Author:	dr_insane
File Size:	13454
Last Modified:	Dec 14 07:36:44 2005
MD5 Checksum:	7113f857a7b23c9e90395e557919c2c2

/// File Name:	phpcoin_122_sql_xpl.html
Description:	PhpCOIN version 1.2.2 blind SQL injection and remote code execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
Related Exploit:	phpcoin122.html"
File Size:	12956
Last Modified:	Dec 14 08:38:12 2005
MD5 Checksum:	4e5c4c0841e7cf1d1c5715cd43bc271a

/// File Name:	flatnuke256_xpl.txt
Description:	Flatnuke version 2.5.6 privilege escalation and remote command execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12931
Last Modified:	Dec 14 07:31:26 2005
MD5 Checksum:	0b914d4061a58677e535436986fc8701

/// File Name:	Dev_15_sql_xpl.php.txt
Description:	Dev Web versions less than of equal to 1.5 'cat' SQL injection and admin MD5 password hash disclosure exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12762
Last Modified:	Dec 29 01:47:54 2005
MD5 Checksum:	4e8ecca6f99911710c2e7703c1042181

/// File Name:	limbo1042_xpl.txt
Description:	LIMBO CMS versions 1.0.4.2 and below suffer from blind SQL injection, cross site scripting, local file inclusion, remote code execution, and other fun flaws. Exploit provided.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	12178
Last Modified:	Dec 15 07:56:37 2005
MD5 Checksum:	7ffea299a93e6527c9cced8875eb9513

/// File Name:	mambo452_xpl.html
Description:	Mambo versions 4.5.2 and below Globals overwrite and remote command execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	10846
Last Modified:	Dec 9 17:14:28 2005
MD5 Checksum:	6d5cda257b3443d29067a4e7e9e83872

/// File Name:	phpcoin_122_incl_xpl.html
Description:	PhpCOIN version 1.2.2 remote code execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
Related Exploit:	phpcoin_122_sql_xpl.html"
File Size:	10778
Last Modified:	Dec 14 08:37:06 2005
MD5 Checksum:	8daca9cd0eaad6f3477b12ed9e24d536

/// File Name:	phpdocumentor_130rc4_incl_expl.txt
Description:	Remote command execution exploit for phpDocumentor versions 1.3.0 rc4 and below.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	10691
Last Modified:	Dec 31 03:26:14 2005
MD5 Checksum:	2fd6773ad972fc55747644a9248f2869

/// File Name:	sugar_suite_40beta.txt
Description:	SugarSuite Open Source versions 4.0beta and below suffer from remote code execution and file inclusion flaws. Exploit provided.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	10408
Last Modified:	Dec 14 05:19:41 2005
MD5 Checksum:	ff2fa3cc8d3377e7cc559a9c0fb94fc3

/// File Name:	simplebbs_11_xpl.html
Description:	SimpleBBS versions 1.1 and below remote command execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	10354
Last Modified:	Dec 9 17:57:22 2005
MD5 Checksum:	7d6b52b146bc413dfd0bc3e8bba319be

/// File Name:	SEC-20051211-0.txt
Description:	SEC-CONSULT Security Advisory 20051211-0 - Horde versions 3.0.7 and below, Kronolith versions 2.0.5 and below, Mnemo version 2.0.2 and below, Nag versions 2.0.3 and below, and Turba versions 2.0.4 and below are susceptible to cross site scripting attacks.
Author:	Johannes Greil
Homepage:	http://www.sec-consult.com
File Size:	8439
Last Modified:	Dec 14 08:16:06 2005
MD5 Checksum:	cd3e50c6d30cf26aab9c6ebd6280f69c

/// File Name:	mIRCexploitXPSP2eng.c
Description:	mIRC exploit for versions 6.16 and below. Proof of concept exploit that does not actually increase privileges but could be useful in restricted environments.
Author:	Jordi Corrales
File Size:	7749
Last Modified:	Dec 28 23:23:55 2005
MD5 Checksum:	f42e9afc57363d0249b6b3aa0790d5ed

/// File Name:	gmailXSSinject.txt
Description:	Google's GMailSite script is susceptible to cross site scripting attacks. Details provided. Versions 1.0.4 and below are affected.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	7393
Last Modified:	Dec 31 03:24:35 2005
MD5 Checksum:	b30b60462a746c3ee07d8b8ef9512402

/// File Name:	appfluent.txt
Description:	Appfluent Database IDS version 2.0 suffers from an environment variable overflow that can be manipulated using sudo as an attack vector. Exploit provided.
Author:	c0ntex
Homepage:	http://www.open-security.org
File Size:	6908
Last Modified:	Dec 14 05:21:23 2005
MD5 Checksum:	32c5b58d9d21114244ca445df9985b02

/// File Name:	bypassXSSnuke.txt
Description:	PHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	6191
Last Modified:	Dec 15 07:43:20 2005
MD5 Checksum:	eb14def6f8b872d7c1f7296074010db0

/// File Name:	lyris-listmanager.txt
Description:	The Lyris ListManager software versions 5.0 through 8.8a are vulnerable to numerous SQL injection, source code disclosure, and authentication bypass flaws. Full details provided.
Author:	H D Moore
Homepage:	http://metasploit.com/
Related Exploit:	lyris_attachment_mssql.pm.txt"
File Size:	6050
Last Modified:	Dec 14 07:11:49 2005
MD5 Checksum:	82ab2ed7706e828cab1028eedd58814c

/// File Name:	BluePIMped.diff
Description:	Patch for ussp-push that allows you to exploit the overflows discovered in the Widcomm BTStackServer.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com
Related File:	BluePIMped.txt
File Size:	5992
Last Modified:	Dec 7 07:22:59 2005
MD5 Checksum:	8626543797f1b6290b90c1e8c0a180fc

/// File Name:	cerberusHelp.txt
Description:	Cerberus HelpDesk is susceptible to SQL injection and cross site scripting flaws. cerberus-gui 2.649 is affected. support-center 2.649 through 3.2.0pr2 is also affected. Full exploitation details provided.
Author:	A. Ramos
Homepage:	http://www.unsec.net
File Size:	5752
Last Modified:	Dec 27 09:31:57 2005
MD5 Checksum:	4e8068a82c40d05baeb62691157db870

/// File Name:	mailenable-imap-examine.py.txt
Description:	Python exploit for a remote buffer overflow that exists in the MailEnable Enterprise 1.1 IMAP EXAMINE command. This vulnerability affects MailEnable Enterprise 1.1 without the ME-10009.EXE patch.
Author:	Mati Aharoni
Related Exploit:	muts_mailenable_imap_examine.pm.txt"
File Size:	5147
Last Modified:	Dec 28 06:10:21 2005
MD5 Checksum:	4d2052261c05aa5f9b5f8999662a166c