Section: .. / 0701-exploits /

Page 1 of 8
<< 1 2 3 4 5 6 7 8 >> Files 1 - 25 of 195

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0701-exploits.tgz
Description:	Packet Storm new exploits for January, 2007.
Homepage:	http://packetstormsecurity.org/
File Size:	2459388
Last Modified:	Feb 1 06:29:26 2007
MD5 Checksum:	95724f85c8e7c3ede5c7034235ed9230

/// File Name:	galeria-lfi.txt
Description:	Local file inclusion exploit for zd_numer.php in Galeria Zdjec versions 3.0 and below.
Author:	ajann
File Size:	3259
Last Modified:	Jan 31 05:16:04 2007
MD5 Checksum:	ed0e666593ebe110ce6d291e86dd7173

/// File Name:	phpfootball16-disclose.txt
Description:	PHPFootball version 1.6 suffers from a remote database disclosure flaw in show.php.
Author:	ajann
File Size:	733
Last Modified:	Jan 31 05:14:30 2007
MD5 Checksum:	96487c2eea99217b0f2ffc08d5e59b1f

/// File Name:	cascadianfaq-sql.txt
Description:	CascadianFAQ versions 4.1 and below suffer from a remote SQL injection vulnerability in index.php.
Author:	ajann
File Size:	1040
Last Modified:	Jan 31 05:13:15 2007
MD5 Checksum:	b1e7140613128993a9d09d391615c462

/// File Name:	mynews-rfi.txt
Description:	MyNews versions 4.2.2 and below suffer from a remote file inclusion vulnerability.
Author:	GolD_M
File Size:	1163
Last Modified:	Jan 31 05:12:09 2007
MD5 Checksum:	46cde9b29df8c857c2a41d7ae5ae08e6

/// File Name:	phpbb2-rfi.txt
Description:	phpBB2 MODificat versions 0.2.0 and below suffer from a remote file inclusion vulnerability.
Author:	XORON
File Size:	865
Last Modified:	Jan 31 05:10:47 2007
MD5 Checksum:	20df6be9bc350ee80a75ca9bee5b1aa6

/// File Name:	devc4992.py.txt
Description:	Dev-C++ version 4.9.9.2 CPP file parsing local stack overflow proof of concept exploit.
Author:	shinnai
Homepage:	http://shinnai.altervista.org/
File Size:	1983
Last Modified:	Jan 31 05:09:05 2007
MD5 Checksum:	3b200e9a5cfbe00a7c1ee6305f3aab23

/// File Name:	MOAB-29-01-2007.rb.txt
Description:	Month of Apple Bugs - Apple iChat Bonjour functionality is affected by several remotely exploitable denial of service flaws which can be triggered via advertising presence services over multicast DNS. This is the denial of service proof of concept exploit.
Author:	LMH
Homepage:	http://projects.info-pull.com/moab/
File Size:	3488
Last Modified:	Jan 31 05:07:42 2007
MD5 Checksum:	3c46cb42934dba072146951e4a6e1324

/// File Name:	phpgenlib-rfi.txt
Description:	Generic PHP remote file inclusion exploit framework.
Author:	X-Turk
File Size:	2945
Last Modified:	Jan 31 04:54:18 2007
MD5 Checksum:	ba3e49e8bcc3b517ab2b46f3ec2a4cb1

/// File Name:	rblasp-sql.txt
Description:	RBL ASP suffers from a SQL injection vulnerability in its login/password fields.
Author:	sn0oPy
File Size:	371
Last Modified:	Jan 31 04:50:56 2007
MD5 Checksum:	9b073e4919e53d41e8b63eca597b6f77

/// File Name:	Universal_printer_provider_exploit...>
Description:	Universal exploit for vulnerable EnumPrintersW() calls related to the spooler service. Allows code execution with SYSTEM privileges. Affected includes DiskAccess NFS Client (dapcnfsd.dll version 0.6.4.0), Citrix Metaframe - cpprov.dll, and Novell - nwspool.dll.
Author:	Andres Tarasco
Homepage:	http://www.514.es/
File Size:	17700
Related CVE(s):	CVE-2006-5854
Last Modified:	Jan 30 02:58:34 2007
MD5 Checksum:	7772176447738b443f1b8706a46460e0

/// File Name:	mdpro-sql.txt
Description:	MDPro version 1.0.76 suffers from multiple SQL injection vulnerabilities.
Author:	adexior
File Size:	239
Last Modified:	Jan 30 02:40:10 2007
MD5 Checksum:	e894e03ee3be6b21b1b86f63a4c38d29

/// File Name:	MOAB-28-01-2007.rb.txt
Description:	Month of Apple Bugs - crashdump follows symlinks within the /Library/Logs/CrashReporter/ directory, allowing admin-group users to execute arbitrary code and overwrite files with elevated privileges. In couple with a specially crafted Mach-O binary, this can be used to write a malicious crontab entry, which will run with root privileges. This ruby code demonstrates this vulnerability.
Author:	LMH,Kevin Finisterre
Homepage:	http://projects.info-pull.com/moab/
File Size:	1848
Related CVE(s):	CVE-2007-0467
Last Modified:	Jan 29 17:59:01 2007
MD5 Checksum:	d2a1cdd08b0f39cc9d815a3572650b30

/// File Name:	MOAB-27-01-2007.tgz
Description:	Month of Apple Bugs - Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. This tgz holds a malicious .wmv file that demonstrates this vulnerability.
Author:	LMH,Kevin Finisterre
Homepage:	http://projects.info-pull.com/moab/
File Size:	150157
Related CVE(s):	CVE-2007-0466
Last Modified:	Jan 29 17:57:21 2007
MD5 Checksum:	251f0955c2ec6f2f9ea3ea7160b05822

/// File Name:	MsgEng.py.txt
Description:	Heap overflow exploit for msgeng.exe in Computer Associates BrightStor ARCserve Backup.
Author:	Winny Thomas
Related File:	LS-20060313.pdf
File Size:	3279
Last Modified:	Jan 29 17:35:08 2007
MD5 Checksum:	007fb8db9780785af6cfbae92d4c03d4

/// File Name:	lcs11-rfi.txt
Description:	Local Calendar System version 1.1 suffers from a remote file inclusion flaw.
Author:	Tr_ZiNDaN
File Size:	1796
Last Modified:	Jan 29 17:29:32 2007
MD5 Checksum:	c1397db7851ddeaef4bb0baff9e654ad

/// File Name:	admentor-sql.txt
Description:	AdMentor suffers from a SQL injection vulnerability that allows for login bypass.
Author:	sn0oPy
File Size:	436
Last Modified:	Jan 29 17:27:52 2007
MD5 Checksum:	255ca22fc52604dc52d49c8054b99032

/// File Name:	MOAB-25-01-2007.rb.txt
Description:	Month of Apple Bugs - Ruby exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.
Author:	LMH
Homepage:	http://projects.info-pull.com/moab/
File Size:	690
Related CVE(s):	CVE-2007-0464
Last Modified:	Jan 27 05:28:46 2007
MD5 Checksum:	d7a1cfb7ab5a8a173db599dc81d957de

/// File Name:	MOAB-25-01-2007.c
Description:	Month of Apple Bugs - C exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.
Author:	LMH
Homepage:	http://projects.info-pull.com/moab/
File Size:	618
Related CVE(s):	CVE-2007-0464
Last Modified:	Jan 27 05:28:11 2007
MD5 Checksum:	ac9a8250d37eaab982f149693cdcbca0

/// File Name:	intel-dos.txt
Description:	The Intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote memory corruption flaw. Malformed disassociation packets can be used to corrupt internal kernel structures, causing a denial of service (BSOD). Proof of concept exploit included.
Author:	Breno Silva Pinto
File Size:	7187
Last Modified:	Jan 27 05:21:50 2007
MD5 Checksum:	3d71353fc88cf43b77b3b6cf44f6cb52

/// File Name:	tmvwall381v3_exp.c
Description:	Local root exploit for vscan/VSAPI in Trend Micro VirusWall version 3.81 on Linux.
Author:	Sebastian Wolfgarten
Related File:	tmvwall381v3_adv.txt
File Size:	4860
Last Modified:	Jan 27 05:08:56 2007
MD5 Checksum:	0ab083587b33449c1ee9e02dbb117db5

/// File Name:	siteman1111-disclose.txt
Description:	Siteman version 1.1.11 suffers from a remote password disclosure flaw.
Author:	CorryL
Homepage:	http://www.x0n3-h4ck.org
File Size:	1139
Last Modified:	Jan 27 04:33:54 2007
MD5 Checksum:	9b044235264b8a4eb132fc8a7df84185

/// File Name:	aztek41-sploit.txt
Description:	Aztek Forum version 4.1 exploit that demonstrates multiple vulnerabilities including SQL injection and filter bypas flaws.
Author:	DarkFig
File Size:	8607
Last Modified:	Jan 27 04:29:21 2007
MD5 Checksum:	bd590478d05ad6c99ce470ad94c2ffb4

/// File Name:	siteman-pass.txt
Description:	Siteman version 2.0.x2 suffers from a remote password disclosure flaw.
Author:	CorryL
Homepage:	http://www.x0n3-h4ck.org
File Size:	1150
Last Modified:	Jan 27 04:27:10 2007
MD5 Checksum:	5a31a127acf8c785249d78f747c33195

/// File Name:	uniforum4-sql.txt
Description:	uniForum versions 4 and below suffer from a remote SQL injection vulnerability in wbsearch.aspx.
Author:	ajann
File Size:	743
Last Modified:	Jan 27 04:26:09 2007
MD5 Checksum:	1dcdf1f915724c9910e127ed1693b232