Section:  .. / 0612-exploits  /

Page 1 of 5
<< 1 2 3 4 5 >> Files 1 - 25 of 116
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0612-exploits.tgz
Description:
Packet Storm new exploits for December, 2006.
Homepage:http://packetstormsecurity.org/
File Size:257778
Last Modified:Jan 2 03:19:32 2007
MD5 Checksum:2e487886474fdabd76ea4f1207c9fdd6

 ///  File Name: adwords-crlf-injection.pdf
Description:
Multiple CRLF injection aka HTTP response splitting vulnerabilities have been identified in Google AdWords which may be exploited to inject arbitrary HTTP headers.
Author:Debasis Mohanty
Homepage:http://hackingspirits.com/
File Size:123143
Last Modified:Dec 15 11:14:08 2006
MD5 Checksum:489827dac405b8f825bc0e35c68a8d75

 ///  File Name: BTP00012P004AO.zip
Description:
Demonstration exploit that shows how Outpost Firewall Pro version 4.0 fails to protect against advanced DLL injection.
Author:Matousec - Transparent Security Research
Homepage:http://www.matousec.com/
Related File:outpostFP.txt
File Size:14669
Last Modified:Dec 6 05:00:43 2006
MD5 Checksum:b7640c59db45772f4088da18e2439f0e

 ///  File Name: envolution.txt
Description:
Remote code execution exploit for Envolution versions 1.1.0 and below.
Author:Kacper
Homepage:http://www.rahim.webd.pl/
File Size:13954
Last Modified:Dec 6 07:11:07 2006
MD5 Checksum:1e8dcd6da9786a4e9e8c12f659ad841f

 ///  File Name: hlstats-sql.txt
Description:
HLStats versions between 1.34 and 1.20 suffer from a SQL injection vulnerability. Exploit included.
Author:Michael Brooks
File Size:13387
Last Modified:Dec 28 01:28:27 2006
MD5 Checksum:ad6c9c262da52bf4c358930ad1be5fe4

 ///  File Name: openldap-kbind-p00f.c
Description:
Exploit for a buffer overflow in the Kerberos KBIND authentication code in the OpenLDAP slapd server for versions 2.4.3 and below. Note that the vulnerable code only exists in versions compiled with the --enabled-kbind option.
Author:Solar Eclipse
Homepage:http://www.phreedom.org/solar/
Related File:openLDAPslapd.txt
File Size:10773
Last Modified:Dec 15 09:47:44 2006
MD5 Checksum:b23616b663333deb2fb8aa86d6dceb05

 ///  File Name: csrssexe.txt
Description:
Microsoft Windows NTRaiseHardError Csrss.exe proof of concept memory disclosure exploit.
Author:Ruben Santamarta
Homepage:http://www.reversemode.com
File Size:7318
Last Modified:Dec 28 02:07:57 2006
MD5 Checksum:cfd2b9646a35f64abc832c2dfac18df5

 ///  File Name: ixprim12-sql.txt
Description:
Ixprim version 1.2 remote blind SQL injection exploit.
Author:DarkFig
File Size:7282
Last Modified:Dec 22 04:08:03 2006
MD5 Checksum:6fc316346c50c165c7912d9525431184

 ///  File Name: phpicalendar-xss.txt
Description:
PHP icalendar versions 2.23rc1 and below are susceptible to multiple cross site scripting vulnerabilities.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/
File Size:6547
Last Modified:Dec 28 02:09:23 2006
MD5 Checksum:2ed45962cad1d5d30334480bf58c9883

 ///  File Name: winamp7513.txt
Description:
Winamp Web Interface versions 7.5.13 and below suffer from buffer overflow, directory traversal, and file extension bypass vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:5854
Last Modified:Dec 11 17:32:11 2006
MD5 Checksum:6034a6713743d88c6680e177e23daed0

 ///  File Name: blazevideo.txt
Description:
BlazeVideo HDTV Player versions 2.1 and below malformed PLF buffer overflow proof of concept exploit.
Author:Greg Linares
File Size:5619
Last Modified:Dec 6 07:07:52 2006
MD5 Checksum:5f17838629967b7725af835c06997f18

 ///  File Name: thinkedit-rfi.txt
Description:
ThinkEdit version 1.9.2 remote file inclusion exploit that makes use of render.php.
Author:r0ut3r
File Size:5605
Last Modified:Dec 9 00:32:33 2006
MD5 Checksum:21bc1dde0ace199aab870e0c235683d4

 ///  File Name: orkut-xss.txt
Description:
Google's Orkut suffers from multiple cross site scripting vulnerabilities.
Author:Rajesh Sethumadhavan
File Size:5098
Last Modified:Dec 8 23:47:00 2006
MD5 Checksum:9d9636427cbc206069e7fb1134dc9b4a

 ///  File Name: ISAA-2006-011.txt
Description:
Improper command and information validation transmitted by Hastymail to the mail servers during the normal use of this application facilitates that an authenticated malicious user could inject arbitrary IMAP/SMTP commands into the mail servers used by Hastymail across parameters used by the webmail front-end in its communication with these mail servers. This vulnerability has been found in development version 1.5 and stable version 1.0.2.
Author:Vicente Aguilera Diaz
File Size:5044
Last Modified:Dec 6 06:12:33 2006
MD5 Checksum:04f55c3688204ba691e9c3cae8912fdf

 ///  File Name: coldfusionMX7.txt
Description:
ColdFusion MX7 suffers from path disclosure, internal IP address disclosure, and cross site scripting vulnerabilities.
Author:Brett Moore
Homepage:http://security-assessment.com/
File Size:4846
Last Modified:Dec 11 17:34:50 2006
MD5 Checksum:322c3712bf4de287ed212dab6fd76933

 ///  File Name: intel-race.txt
Description:
The Intel 2200BG card suffers from a race condition vulnerability. Proof of concept code included.
Author:Breno Silva, Johnny Cache
File Size:4440
Last Modified:Dec 22 00:09:35 2006
MD5 Checksum:6c40fbf83154c14c190a6c246566af79

 ///  File Name: fprot-dos.txt
Description:
Two vulnerabilities in F-Prot Antivirus version 4.6.6 for Unix platforms could allow a remote attacker to cause a denial of service or execute arbitrary code. Exploit included.
Author:Evgeny Legerov
Homepage:http://gleg.net/
File Size:4284
Last Modified:Dec 6 06:50:34 2006
MD5 Checksum:ae96141504b7e9a401df8956712104e1

 ///  File Name: rateme-rfi.txt
Description:
All versions of RateMe suffer from a remote file inclusion vulnerability.
Author:Al7ejaz Hacker
File Size:4190
Last Modified:Dec 22 00:14:57 2006
MD5 Checksum:c9abc4ebacea73533118716b0fb91d77

 ///  File Name: XD100098.txt
Description:
Google's Orkut suffers a cross site scripting vulnerability in Friends.aspx.
Author:Rajesh Sethumadhavan
File Size:3824
Last Modified:Dec 11 17:41:15 2006
MD5 Checksum:500564613c5f12020ff40f7565f639b5

 ///  File Name: SEC-20061220-0.txt
Description:
SEC-CONSULT Security Advisory - Typo3 CMS versions 4.0.0 through 4.0.3 (along with other variants) suffer from a remote command execution flaw. Proof of concept included.
Author:D. Fabian, J. Greil
Homepage:http://www.sec-consult.com
File Size:3804
Last Modified:Dec 22 01:08:31 2006
MD5 Checksum:fbc0a250ce78efccab4739344f3e35ce

 ///  File Name: dc-arbitrary.txt
Description:
deV!L`z Clanportal version 1.3.6 allows arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP code and execute it, leading to arbitrary code execution.
Author:Tim Weber
File Size:3691
Last Modified:Dec 6 04:55:56 2006
MD5 Checksum:7bcadbd2176548538534f8ccfa098a29

 ///  File Name: osc303.txt
Description:
osCommerce version 3.0a3 is susceptible to classic directory traversal and cross site scripting attacks.
Author:lostmon
Homepage:http://lostmon.blogspot.com/
File Size:3354
Last Modified:Dec 7 10:53:44 2006
MD5 Checksum:d0ee74a9e590252d178c6e30c41b75cd

 ///  File Name: ibmwebsphere-bypass.txt
Description:
IBM WebSphere Host On-Demand (HOD) versions 6.0 through 9.0 suffer from a URL manipulation flaw that allows for administrative bypass. Version 10.0 may also be susceptible.
Author:Dave Ferguson
File Size:3336
Last Modified:Dec 12 16:32:03 2006
MD5 Checksum:8d1f77ce243e309da8c4cb17e3c8d82c

 ///  File Name: ISAA-2006-010.txt
Description:
ISMail version 2.0 is vulnerable to a cross site scripting attack.
Author:Vicente Aguilera Diaz
File Size:3334
Last Modified:Dec 6 06:10:29 2006
MD5 Checksum:2e7ceb53b334e4eea7a4ae911a0112e9

 ///  File Name: dc-sql.txt
Description:
deV!L`z Clanportal version 1.3.6 suffers from a remote SQL injection vulnerability.
Author:Tim Weber
File Size:3327
Last Modified:Dec 6 04:55:01 2006
MD5 Checksum:6e7e07915f98325ca784d98455dd8eab