Section: .. / 0701-exploits /

Page 1 of 8
<< 1 2 3 4 5 6 7 8 >> Files 1 - 25 of 195

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0701-exploits.tgz
Description:	Packet Storm new exploits for January, 2007.
Homepage:	http://packetstormsecurity.org/
File Size:	2459388
Last Modified:	Feb 1 06:29:26 2007
MD5 Checksum:	95724f85c8e7c3ede5c7034235ed9230

/// File Name:	MOAB-10-01-2007.dmg.gz
Description:	Month of Apple Bugs - Exploit for the ffs_mountfs() function. The ffs_mountfs() function, part of the UFS filesystem handling code (shared between FreeBSD and Mac OS X XNU) is affected by an integer overflow vulnerability, leading to an exploitable denial of service condition and potential arbitrary code execution.
Homepage:	http://projects.info-pull.com/moab/index.html
File Size:	900437
Last Modified:	Jan 13 23:46:40 2007
MD5 Checksum:	9fded174a03c49567839f12fb507720d

/// File Name:	MOAB-11-01-2007.dmg.gz
Description:	Month of Apple Bugs - Exploit for the byte_swap_sbin() function. The byte_swap_sbin() function, one of the UFS byte swapping routines (this code is not present in FreeBSD and it's Mac OS X XNU-specific; used for compatibility of filesystem streams between little and big-endian systems) is affected by a integer overflow vulnerability, leading to an exploitable denial of service condition.
Homepage:	http://projects.info-pull.com/moab/index.html
File Size:	835070
Last Modified:	Jan 13 23:47:37 2007
MD5 Checksum:	fe61ab655bf2a2ba55995d71e5e89eaa

/// File Name:	MOAB-13-01-2007.dmg.gz
Description:	Month of Apple Bugs - This is a specially crafted HFS+ filesystem in a DMG image that can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption.
Author:	LMH
Homepage:	http://projects.info-pull.com/moab/
File Size:	209464
Related CVE(s):	CVE-2006-5482
Last Modified:	Jan 20 04:07:28 2007
MD5 Checksum:	bfca8d4401098b7bcee7f1364f4cf014

/// File Name:	MOAB-09-01-2007.dmg
Description:	Month of Apple Bugs - Exploit for a vulnerability in Finder. Finder is affected by a memory corruption vulnerability, which leads to an exploitable denial of service condition and potential arbitrary code execution, that can be triggered by DMG images. One of two exploits.
Author:	LMH
Homepage:	http://projects.info-pull.com/moab/index.html
Related Exploit:	MOAB-09-01-2007.rb.txt
File Size:	204800
Last Modified:	Jan 13 23:45:39 2007
MD5 Checksum:	a6a5c160414d7278e288b1c921280d61

/// File Name:	MOAB-27-01-2007.tgz
Description:	Month of Apple Bugs - Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. This tgz holds a malicious .wmv file that demonstrates this vulnerability.
Author:	LMH,Kevin Finisterre
Homepage:	http://projects.info-pull.com/moab/
File Size:	150157
Related CVE(s):	CVE-2007-0466
Last Modified:	Jan 29 17:57:21 2007
MD5 Checksum:	251f0955c2ec6f2f9ea3ea7160b05822

/// File Name:	BTP00003P004AO.zip
Description:	Demonstration exploit code for a self-protection bypass flaw that exists in OutPost Firewall PRO 4.0.
Homepage:	http://www.matousec.com/
Related File:	outpost40-vuln.txt
File Size:	93232
Last Modified:	Jan 16 04:23:12 2007
MD5 Checksum:	4f9e83781ca72e1686f4ece1f8681b6e

/// File Name:	JvmGifVulPoc.java.txt
Description:	Sun Microsystems Java GIF file parsing memory corruption vulnerability proof of concept exploit.
Author:	luoluo
File Size:	43107
Last Modified:	Jan 24 06:07:17 2007
MD5 Checksum:	412821d74eeff2204657e555982ab394

/// File Name:	Universal_printer_provider_exploit...>
Description:	Universal exploit for vulnerable EnumPrintersW() calls related to the spooler service. Allows code execution with SYSTEM privileges. Affected includes DiskAccess NFS Client (dapcnfsd.dll version 0.6.4.0), Citrix Metaframe - cpprov.dll, and Novell - nwspool.dll.
Author:	Andres Tarasco
Homepage:	http://www.514.es/
File Size:	17700
Related CVE(s):	CVE-2006-5854
Last Modified:	Jan 30 02:58:34 2007
MD5 Checksum:	7772176447738b443f1b8706a46460e0

/// File Name:	ms07-004.txt
Description:	MS07-004 VML integer overflow exploit.
Author:	lifeasageek
File Size:	10088
Last Modified:	Jan 20 01:29:02 2007
MD5 Checksum:	d186c842b30e3d7fe7b2b296537cc80f

/// File Name:	mssploit.txt
Description:	Microsoft Visual C++ 6.0 is prone to a stack based memory corruption vulnerability during the processing of .RC resource files. Exploit included.
Author:	porkythepig
File Size:	8997
Last Modified:	Jan 24 06:56:36 2007
MD5 Checksum:	9f277dc650b5010dbe226aa45d3de9cd

/// File Name:	MOAB-12-01-2007.dmg.gz
Description:	Month of Apple Bugs - Exploit that demonstrates a denial of service in the UFS filesystem. A specially crafted UFS filesystem in a DMG image can cause the ufs_lookup() function to call ufs_dirbad() when a corrupted directory entry is being read, leading to a kernel panic (denial of service). This issue cannot be abused for remote code execution.
Homepage:	http://projects.info-pull.com/moab/index.html
File Size:	8828
Last Modified:	Jan 13 23:48:50 2007
MD5 Checksum:	5e7418b5e7e4398e8fadcdaf873b1bcf

/// File Name:	LS-20061102.rar
Description:	LSsec has discovered a vulnerability in Business Objects Crystal Reports XI Professional, which could be exploited by an attacker in order to execute arbitrary code on an affected system. The .RPT files in this rar archive will exploit this flaw.
Homepage:	http://www.lssec.com/
Related File:	LS-20061102.pdf
File Size:	8758
Last Modified:	Jan 5 08:24:27 2007
MD5 Checksum:	6bfbecdd427ac17223e345a6dd4c1247

/// File Name:	aztek41-sploit.txt
Description:	Aztek Forum version 4.1 exploit that demonstrates multiple vulnerabilities including SQL injection and filter bypas flaws.
Author:	DarkFig
File Size:	8607
Last Modified:	Jan 27 04:29:21 2007
MD5 Checksum:	bd590478d05ad6c99ce470ad94c2ffb4

/// File Name:	raise.c
Description:	Microsoft Vista NTRaiseHardError privilege escalation exploit.
Author:	erasmus
File Size:	8030
Last Modified:	Jan 14 00:58:06 2007
MD5 Checksum:	a5f59c0f262a7ee799d17a6b320d81c0

/// File Name:	tk53-advisory-1.txt
Description:	CenterICQ contains support for LiveJournal (http://www.livejournal.com/), such as posting to your own blog, reading other blogs' RSS feeds, and other community-related functions, such as showing whether a user has added or removed your own users to/from the friend list, all via a unified HTTP interface provided by LiveJournal. The latter functionality is vulnerable to a buffer overflow and possible remote code execution. Affected versions range from 4.9.11 through 4.21.0. Proof of concept exploit included.
Author:	Lolek, Roflek
File Size:	7884
Last Modified:	Jan 13 22:39:18 2007
MD5 Checksum:	b01fc1a5c2ddaf95af63ac9ace7db750

/// File Name:	BTP00002P001SK.zip
Description:	Proof of concept exploit code for a flaw in the Sunbelt Kerio Personal Firewall versions 4.3.268 and below which suffer from a DLL injection vulnerability.
Homepage:	http://www.matousec.com/
Related File:	sunbelt.txt
File Size:	7566
Last Modified:	Jan 2 04:21:58 2007
MD5 Checksum:	2333a0a746cdce2f5076d0fc99dd6ead

/// File Name:	snews1530.txt
Description:	sNews versions 1.5.30 and below remote administrative password reset and code execution exploit.
Author:	rgod
Homepage:	http://retrogod.altervista.org/
File Size:	7276
Last Modified:	Jan 14 01:04:01 2007
MD5 Checksum:	10535134604269d44b7651ac784cfc44

/// File Name:	intel-dos.txt
Description:	The Intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote memory corruption flaw. Malformed disassociation packets can be used to corrupt internal kernel structures, causing a denial of service (BSOD). Proof of concept exploit included.
Author:	Breno Silva Pinto
File Size:	7187
Last Modified:	Jan 27 05:21:50 2007
MD5 Checksum:	3d71353fc88cf43b77b3b6cf44f6cb52

/// File Name:	kgb19-lfi.txt
Description:	KGB versions 1.9 and below local file inclusion exploit that makes use of sesskglogadmin.php.
Author:	Kacper
Homepage:	http://www.rahim.webd.pl/
File Size:	6740
Last Modified:	Jan 16 04:27:19 2007
MD5 Checksum:	bfc8877ef4fc13472db7d7f759dadd49

/// File Name:	cnt-exploit.txt
Description:	There is a stack based memory corruption flaw in Microsoft Help Workshop version 4.03.0002 while processing .CNT Help Contents files.
Author:	porkythepig
File Size:	6450
Last Modified:	Jan 20 02:42:50 2007
MD5 Checksum:	764820ba9625e1d14bd44980b62d86a6

/// File Name:	PR06-14.txt
Description:	IP Phones based on the Centrality Communications/Aredfox PA168 chipset suffer from a weak session management vulnerability. Exploit included.
Author:	Adrian Pastor
File Size:	5708
Last Modified:	Jan 27 02:59:10 2007
MD5 Checksum:	e8e6296bf1fa46c2daa609be5b7276e3

/// File Name:	da-adv-01202007.txt
Description:	Digital Armaments Advisory - A vulnerability exists in expand_stack() of the grsecurity patch. This vulnerability is only locally exploitable. Proof of concept exploitation code included.
Homepage:	http://www.digitalarmaments.com/
File Size:	5567
Last Modified:	Jan 24 04:57:26 2007
MD5 Checksum:	cd2196f40f3a5d1d05ba2441bac61e19

/// File Name:	coppermine-php.txt
Description:	Coppermine Photo Gallery versions 1.4.10 and below remote SQL injection exploit.
Author:	DarkFig
File Size:	5488
Last Modified:	Jan 7 01:31:19 2007
MD5 Checksum:	ea64282edbe571b82dfc58e8439e717b

/// File Name:	quicktime.py.txt
Description:	Apple Quicktime buffer overflow exploit for Windows 2000 that makes use of the rtsp URL Handler vulnerability. The qtl file created binds a shell to port 4444.
Author:	Winny Thomas
File Size:	5441
Last Modified:	Jan 14 00:50:57 2007
MD5 Checksum:	51d995851bd0dc9a0de491a88ff8fe21