Section:  .. / 0807-exploits  /

Page 1 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 1 - 25 of 268
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0807-exploits.tgz
Description:
Packet Storm new exploits for July, 2008.
Homepage:http://packetstormsecurity.org/
File Size:1327709
Last Modified:Aug 1 15:55:45 2008
MD5 Checksum:88d7fb354b82c39ac5382a30173f22d5

 ///  File Name: zdaemonull.zip
Description:
ZDaemon version 1.08.07 denial of service exploit that makes use of a NULL pointer vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related File:zdaemonull.txt
File Size:489489
Last Modified:Jul 21 18:18:59 2008
MD5 Checksum:5f9b6541fd39cf4504ce5850fe7e2902

 ///  File Name: noisebridge.tgz
Description:
Malicious SVG file denial of service proof of concept exploit that affects multiple vendors.
Author:Kristian Hermansen
File Size:333694
Last Modified:Jul 10 03:02:53 2008
MD5 Checksum:995ad2efe771a048d7ece9bb3ebfc486

 ///  File Name: isr-evilgrade-1.0.0.tar.gz
Description:
ISR-evilgrade is a module framework that allows you to take advantage of poor upgrade implementations by injecting fake updates. This tool is especially useful for DNS cache poisoning attacks.
Author:Francisco Amato
Homepage:http://www.infobyte.com.ar/
File Size:78309
Related CVE(s):CVE-2008-1447
Last Modified:Jul 28 11:51:37 2008
MD5 Checksum:36fc948a89b03821cc8ed32fd9e4e59a

 ///  File Name: phpnukeplatinum-exec.txt
Description:
PHP-Nuke Platinum versions 7.6.b.5 and below remote code execution exploit.
Author:real
File Size:33154
Last Modified:Jul 9 21:17:04 2008
MD5 Checksum:8326de98b66cf3ca056d596687521105

 ///  File Name: poppler-poc.txt
Description:
The libpoppler pdf rendering library can free uninitialized pointers leading to arbitrary code execution. This vulnerability results from memory management bugs in the Page class constructor/destructor. Proof of concept code included.
Author:Felipe Andres Manzano
Homepage:http://felipe.andres.manzano.googlepages.com/home
File Size:22492
Last Modified:Jul 10 04:04:27 2008
MD5 Checksum:df9979c20af553c93c78b4a8d6ed39bc

 ///  File Name: fprot-dos.tgz
Description:
F-PROT Antivirus version 6.2.1.4252 suffers from an infinite loop denial of service vulnerability when handling a malformed archive. Such an archive is included.
Author:Knud Erik Hojgaard
File Size:21050
Last Modified:Jul 31 11:25:30 2008
MD5 Checksum:ccf02c136598d7886c30a98078a7ba43

 ///  File Name: thelia-multi.txt
Description:
Thelia version 1.3.5 remote code execution, remote file upload, and validation vulnerabilities exploit.
Author:Black_H
Homepage:http://blackh.free.fr/
File Size:20107
Last Modified:Jul 10 00:14:20 2008
MD5 Checksum:0f089ad3b7971fad6db06bdb128b9254

 ///  File Name: openbsdanim-local.txt
Description:
Local root animated,.. yes animated, exploit for OpenBSD 4.0 that takes advantage of an old vga vulnerability.
Homepage:http://lul-disclosure.net/
File Size:16114
Last Modified:Jul 1 11:08:07 2008
MD5 Checksum:0aaa57871ef67c2fdf9114a9133eb7c6

 ///  File Name: bailiwicked_host.rb.txt
Description:
This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.
Author:I)ruid,H D Moore
Homepage:http://www.caughq.org/
File Size:16025
Related CVE(s):CVE-2008-1447
Last Modified:Jul 23 20:05:48 2008
MD5 Checksum:4def3738d35dc00d760fa023d0106a29

 ///  File Name: bailiwicked_domain.rb.txt
Description:
This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious nameserver entry into the target nameserver which replaces the legitimate nameservers for the target domain. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache. This insertion completely replaces the original nameserver records for the target domain.
Author:I)ruid,H D Moore
Homepage:http://www.caughq.org/
File Size:15954
Related CVE(s):CVE-2008-1447
Last Modified:Jul 24 12:14:00 2008
MD5 Checksum:5882e859718d26d63b3bc1167eacb0fd

 ///  File Name: bind9x-poison.txt
Description:
BIND 9.x remote DNS cache poisoning flaw exploit using the vulnerability discovered by Dan Kaminsky.
Author:Marc Bevand
File Size:11891
Related CVE(s):CVE-2008-1447
Last Modified:Jul 25 14:13:41 2008
MD5 Checksum:738b0078ac8624dd2e7118cdec35a81b

 ///  File Name: fuzzylime301-execphpcomm.txt
Description:
Fuzzylime CMS version 3.01 remote code execution exploit that leverages commrss.php. Written in PHP.
Author:real
File Size:11331
Last Modified:Jul 14 22:44:02 2008
MD5 Checksum:f6d13732d552a22cc272860854928531

 ///  File Name: ut3mendo.zip
Description:
Denial of service exploit for Unreal Tournament III versions 1.2 and below and 1.3beta4 which suffer from NULL pointer and memory corruption vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related File:ut3mendo.txt
File Size:10927
Last Modified:Jul 29 22:26:52 2008
MD5 Checksum:10d662457b534d0d58b0bf64ca73c851

 ///  File Name: DSECRG-08-027.txt
Description:
1024 CMS versions 1.4.3 and 1.4.4 RFC suffer from multiple local and remote file inclusion vulnerabilities.
Author:Digital Security Research Group
Homepage:http://www.dsec.ru/
File Size:10053
Last Modified:Jul 10 01:45:37 2008
MD5 Checksum:4d1ece41b4403e1852ca4d26260e09fc

 ///  File Name: phpizabi-exec.txt
Description:
PHPizabi version 0.858b C1 HFP1 remote code execution exploit.
Author:Inphex
File Size:9906
Last Modified:Jul 16 15:36:49 2008
MD5 Checksum:01286ddae876c582059a67aaf053a04c

 ///  File Name: ut2004null.zip
Description:
Unreal Tournament 2004 versions 3369 and below NULL pointer denial of service exploit.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related File:ut2004null.txt
File Size:9879
Last Modified:Jul 29 22:23:22 2008
MD5 Checksum:4a776373714b6b59f33e7f57a6b8f2c4

 ///  File Name: fuzzylime301-execperl.txt
Description:
Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in Perl.
Author:Inphex,real
File Size:9068
Last Modified:Jul 14 22:41:05 2008
MD5 Checksum:9281b4ba2097210d37a8b1b3206d6699

 ///  File Name: cpg-lfiexec.txt
Description:
Coppermine Photo Gallery versions 1.4.18 and below local file inclusion and remote code execution exploit.
Author:EgiX
File Size:7844
Last Modified:Jul 31 18:33:13 2008
MD5 Checksum:bbdf830ba1ed2c11699b73d0c8cb3121

 ///  File Name: dap8x-overflow.txt
Description:
Download Accelerator Plus (DAP) version 8.x local buffer overflow exploit that creates a malicious .m3u file. Binds a shell to port 1337.
Author:Shinnok
Related Exploit:dap-overflow.txt
File Size:7728
Last Modified:Jul 11 17:14:58 2008
MD5 Checksum:0f0251e90f1fee446e809fcf8bc823c3

 ///  File Name: icebb10-sql.txt
Description:
IceBB versions 1.0-RC9.2 and below blind SQL injection and session hijacking exploit.
Author:__GiReX__
Homepage:http://girex.altervista.org/
File Size:7721
Last Modified:Jul 28 11:05:33 2008
MD5 Checksum:8761e48a1ead3cb6aad8b7cc2040791e

 ///  File Name: bilboblog-multi.txt
Description:
Bilboblog version 2.1 suffers from SQL injection, cross site scripting, and login bypass vulnerabilities.
Author:Black_H
Homepage:http://blackh.free.fr/
File Size:7437
Last Modified:Jul 14 22:56:59 2008
MD5 Checksum:d7be264d6ab646eb28d0b8f7dc00a95a

 ///  File Name: pligg99-sqlxss.txt
Description:
Pligg versions 9.9 and below suffer from cross site scripting, arbitrary file access, and SQL injection vulnerabilities.
Author:James Bercegay
Homepage:http://www.gulftech.org
File Size:7397
Last Modified:Jul 30 23:55:33 2008
MD5 Checksum:32bbd3741f287522ca607c70fb37baee

 ///  File Name: atmail-disclose.txt
Description:
AtMail leaves world readable files available post install, allowing for the htpasswd file and more to be extracted.
Author:injusticeinamerica
File Size:7262
Last Modified:Jul 30 22:46:59 2008
MD5 Checksum:4fdfda34b46c5b29ffe67fcb8aa22e22

 ///  File Name: fuzzylime301-execphp.txt
Description:
Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in PHP.
Author:Inphex,real
File Size:7182
Last Modified:Jul 14 22:40:16 2008
MD5 Checksum:f85ac4bc37b2a2ef09b1b6c9f64e48db