Section: .. / 0806-exploits /

Page 1 of 14
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 >> Files 1 - 25 of 326

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0806-exploits.tgz
Description:	Packet Storm new exploits for June, 2008.
Homepage:	http://packetstormsecurity.org/
File Size:	679458
Last Modified:	Jul 1 11:40:13 2008
MD5 Checksum:	b8541128010b04328070aff54cf865f4

/// File Name:	CSIS-RI-0003.pdf
Description:	The HP Online Support Service ActiveX control, also known as HPISDataManager.dll, suffers from eight vulnerabilities. Five of them allow for arbitrary code execution. Proof of concept code included. It only took Hewlett Packard 207 days to fix this!
Author:	Dennis Rand
Homepage:	http://www.csis.dk/
File Size:	144576
Related CVE(s):	CVE-2008-0952, CVE-2007-5604, CVE-2007-5605, CVE-2007-5606, CVE-2007-5607, CVE-2007-5608, CVE-2008-0953, CVE-2007-5610
Last Modified:	Jun 4 14:46:22 2008
MD5 Checksum:	2c497d8ccd78eea87783b2ca6601ff3f

/// File Name:	stalker39x.zip
Description:	Proof of concept exploit for S.T.A.L.K.E.R.: Shadow of Chernobyl versions 1.0006 and below which suffer from multiple buffer overflow vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	stalker39x.txt
File Size:	88170
Last Modified:	Jun 29 16:38:35 2008
MD5 Checksum:	aa19aaaee16e78fe36cffc1da46c2748

/// File Name:	vim-exec.txt
Description:	Vim (Vi IMproved) versions 7.1.314 and 6.4 suffer from various code execution vulnerabilities.
Author:	Jan Minar
File Size:	25564
Last Modified:	Jun 16 19:09:39 2008
MD5 Checksum:	3b81c7d93e637c9a25e736386f3b97a6

/// File Name:	linksys54g-bypass.txt
Description:	The Linksys WRT54G (firmware 1.00.9) suffers from multiple security bypass vulnerabilities.
Author:	meathive
Homepage:	http://kingpinz.info/
Related Exploit:	linksys-bypass.txt
File Size:	19983
Related CVE(s):	CVE-2008-1247
Last Modified:	Jun 24 15:34:03 2008
MD5 Checksum:	7d022f4661718d0100a39f7882a5e1c2

/// File Name:	haloloop2.zip
Description:	Proof of concept exploit for Halo: Combat Evolved versions 1.07 and below which suffer from an endless loop vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	haloloop2.txt
File Size:	18958
Last Modified:	Jun 29 16:41:57 2008
MD5 Checksum:	fadea90eced43aed0c6e0f6a481c9d5a

/// File Name:	altnsecgw-overflow.txt
Description:	Alt-N SecurityGateway versions 1.00 and 1.01 remote overflow exploit. Binds a shell to port 9998. Vulnerability is fixed in version 1.02.
Author:	Heretic2
File Size:	17816
Last Modified:	Jun 16 19:06:54 2008
MD5 Checksum:	edfc955a7745eab6ac7e8fb227f608bb

/// File Name:	skulltagloop.zip
Description:	Proof of concept denial of service exploit for Skulltag versions 0.97d2-RC2 and below which suffer from a looping vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	skulltagloop.txt
File Size:	12867
Last Modified:	Jun 16 20:20:21 2008
MD5 Checksum:	6c599d1d7fb08d9ced5a07d91650933c

/// File Name:	gllcts2-sql.txt
Description:	GLLCTS2 versions 4.2.4 and below SQL injection exploit that leverages login.php.
Author:	TheDefaced
Homepage:	http://TheDefaced.org/
File Size:	11373
Last Modified:	Jun 13 12:27:11 2008
MD5 Checksum:	10a1773a60b525b58ef9071d6dbcda95

/// File Name:	crysislog.zip
Description:	Proof of concept exploit for Crysis versions 1.21 and below which suffer from an information disclosure vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	crysislog.txt
File Size:	11300
Last Modified:	Jun 16 19:47:52 2008
MD5 Checksum:	73feffeaa2989eb0234bbeb127f931ef

/// File Name:	smf114-sql.txt
Description:	Simple Machines Forum versions 1.1.4 and below remote SQL injection exploit.
Author:	The:Paradox
Homepage:	http://www.inj3ct-it.org/
File Size:	10437
Last Modified:	Jun 16 19:58:40 2008
MD5 Checksum:	cac5b41d962610887063c05f4545c5d8

/// File Name:	quicksite-multi.txt
Description:	QuickerSite version 1.8.5 suffers from various site manipulation flaws as well as cross site scripting and SQL injection vulnerabilities. This thing is riddled with holes.
Author:	AmnPardaz Security Research Team
Homepage:	http://www.bugreport.ir/
File Size:	10316
Last Modified:	Jun 4 14:38:49 2008
MD5 Checksum:	a0a3354c0711d0774dae91bfde4f578d

/// File Name:	CORE-2008-0425.txt
Description:	Core Security Technologies Advisory - The NASA BigView package suffers from a stack buffer overflow when parsing specially crafted (invalid) PNM input files. If successful, a malicious third party could trigger execution of arbitrary code within the context of the application, or otherwise crash the whole application.
Author:	Alfredo Ortega
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	9216
Related CVE(s):	CVE-2008-2542
Last Modified:	Jun 4 22:13:22 2008
MD5 Checksum:	f3bb46112a00e3dca32ab1e3bf3cc30c

/// File Name:	stalkerboom.zip
Description:	Proof of concept denial of service exploit for S.T.A.L.K.E.R.: Shadow of Chernobyl versions 1.0006 and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	stalkerboom.txt
File Size:	8533
Last Modified:	Jun 16 19:50:15 2008
MD5 Checksum:	de0099dbcd2ab60f5a14c6b0ed3d6880

/// File Name:	msword-crash.tgz
Description:	A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise the system. The vulnerability is caused due to an unspecified error when parsing malformed functions. This can be exploited to corrupt memory via a specially crafted function in a Word document. Successful exploitation allows execution of arbitrary code. Demonstration .DOC files included.
Author:	Ivan Sanchez
Homepage:	http://www.nullcode.com.ar/
File Size:	8489
Last Modified:	Jun 18 17:23:51 2008
MD5 Checksum:	26f745900a11281b808b2b886adb77bc

/// File Name:	phpmotion-upload.txt
Description:	PHPmotion versions 2.0 and below remote shell upload exploit that makes use of update_profile.php.
Author:	EgiX
File Size:	7936
Last Modified:	Jun 26 15:10:26 2008
MD5 Checksum:	ba3966b0a3c0f852dd34a1f47c658557

/// File Name:	freesshd-sehoverflow.txt
Description:	FreeSSHD version 1.2.1 post authentication remote SEH overflow exploit that spawns a shell on port 4444.
Author:	Matteo Memelli
Homepage:	http://be4mind.com/
File Size:	7519
Last Modified:	Jun 6 18:41:50 2008
MD5 Checksum:	cc5d3e5aeddb24be40550a1ab91a6ec7

/// File Name:	wordpad-crash.tgz
Description:	A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise the system. The vulnerability is caused due to an unspecified error when opening and parsing the document. This can be exploited to corrupt memory via a specially crafted function in a Word document. Successful exploitation allows execution of arbitrary code. Demonstration .DOC file included.
Author:	Ivan Sanchez
Homepage:	http://www.nullcode.com.ar/
File Size:	6754
Last Modified:	Jun 20 15:36:43 2008
MD5 Checksum:	1bcc6097a1574a2b2094a864cbbc296e

/// File Name:	fluxcms-overwrite.txt
Description:	Flux CMS versions 1.5.0 and below remote arbitrary file overwrite exploit that leverages loadsave.php.
Author:	EgiX
File Size:	6561
Last Modified:	Jun 9 17:40:07 2008
MD5 Checksum:	99a63c5f1623a118aa28be63cf7a5981

/// File Name:	gtalk-inject.txt
Description:	It appears that Gtalk version 1.0.0.105 suffers from cross site scripting vulnerabilities.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	6422
Last Modified:	Jun 25 19:47:29 2008
MD5 Checksum:	9a3e1e91d5e935ab4996f7b5baa2bce2

/// File Name:	wicboom.zip
Description:	Proof of concept exploit for World in Conflict versions 1.008 and below which suffer from a NULL pointer vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	wicboom.txt
File Size:	6339
Last Modified:	Jun 23 18:34:57 2008
MD5 Checksum:	00c2c161d9e10ecf793ba966d65e1367

/// File Name:	dontcrysis-adv.txt
Description:	Crysis versions 1.21 and below suffer from a NULL pointer vulnerability in the HTTP/XML-RPC service.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
File Size:	6148
Last Modified:	Jun 16 20:17:51 2008
MD5 Checksum:	d03677b77dbed4d5da27061d4fcd5809

/// File Name:	dne2000-call.c
Description:	Deterministic Network Enhancer local kernel ring0 SYSTEM exploit that makes use of dne2000.sys.
Author:	mu-b
Homepage:	http://www.digit-labs.org/
File Size:	6098
Last Modified:	Jun 17 14:04:32 2008
MD5 Checksum:	d52639d7e094868d55ea53558dc96229

/// File Name:	virtualsupport-multi.txt
Description:	Virtual Support Office-XP versions 3.0.29 and below suffer from session management, SQL injection, cross site scripting, and authentication vulnerabilities.
Author:	AmnPardaz Security Research Team
Homepage:	http://www.bugreport.ir/
File Size:	5984
Last Modified:	Jun 20 15:04:02 2008
MD5 Checksum:	515bc29367e2a2b9e70c3761fa076d2f

/// File Name:	homeph-rfilfi.txt
Description:	HomePH Design version 2.10 RC2 suffers from local file inclusion and remote file inclusion vulnerabilities.
Author:	CraCkEr
File Size:	5486
Last Modified:	Jun 23 04:00:44 2008
MD5 Checksum:	a76bdc5a7ed54cfa1d6dd0dc40420ae2