Section:  .. / 0809-exploits  /

Page 1 of 15
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 >> Files 1 - 25 of 370
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0809-exploits.tgz
Description:
Packet Storm new exploits for September, 2008.
Homepage:http://packetstormsecurity.org/
File Size:494449
Last Modified:Oct 1 17:10:53 2008
MD5 Checksum:54bac55ec40e8fd5a7879702bc5be31b

 ///  File Name: mswingdi-dos.txt
Description:
Microsoft Windows GDI+ remote division by zero exploit that leverages .ico file extensions.
Author:laurent gaffi
File Size:126856
Last Modified:Sep 26 18:08:29 2008
MD5 Checksum:f8d545d2910204b3823ad2fe4030c225

 ///  File Name: chilkat-exec.txt
Description:
Chilkat XML Active-X remote arbitrary file creation / execution exploit that affects ChilkatUtil.dll versions 3.0.3.0 and below.
Author:shinnai
Homepage:http://shinnai.altervista.org/
File Size:82824
Last Modified:Sep 23 14:25:19 2008
MD5 Checksum:186680f4581590bf8d2e988c83b0e915

 ///  File Name: unrealfp.zip
Description:
Server shutdown exploit for Unreal Engine which suffers from a failed assertion vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related File:unrealfp.txt
File Size:25181
Last Modified:Sep 16 18:03:20 2008
MD5 Checksum:a4765d152d1fbc578a2f05704063a425

 ///  File Name: google-chrome-dos4.txt
Description:
Google Chrome Browser version 0.2.149.27 Inspect Element denial of service exploit.
Author:Metacortex
Homepage:http://metacortexsecurity.com/
File Size:20325
Last Modified:Sep 6 15:14:41 2008
MD5 Checksum:55a6d94d2bcd8b640aa9d6f735c2e829

 ///  File Name: mswritesmb-dos.txt
Description:
Microsoft Windows is prone to a kernel-related denial of service condition due to the way srv.sys handles malformed WRITE_ANDX SMB packets. Metasploit exploit code included.
Author:Javier Vicente Vallejo
Homepage:http://www.vallejo.cc/
File Size:17508
Last Modified:Sep 15 17:08:58 2008
MD5 Checksum:25af0dea610017b0a37c7579326b9e5f

 ///  File Name: unrealclient.tgz
Description:
The Unreal engine is affected by some format string vulnerabilities which can be exploited by a malicious server when the victim client connects to it. The main format string can be exploited through a malformed CLASS parameter of the DLMGR command but another one seems to be exploitable through the forcing of the download of a malformed package (PKG). Some older games instead can be exploited through a malformed LEVEL parameter of the WELCOME command. The bug is caused by the calling of _vsnwprintf_s or _vsnwprintf for building an error message to visualize to the user (for example for a missing class) using a max size of 4 kilobytes and, naturally, without passing the needed format argument. All related exploit code is included in this tarball.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:15491
Last Modified:Sep 11 19:39:09 2008
MD5 Checksum:1a35fc9bde26ced2c7290a08d0e85a7d

 ///  File Name: ut3sticle.zip
Description:
Unreal engine 3 remote denial of service exploit that leverages a failed memory allocation vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related File:ut3sticle.txt
File Size:14224
Last Modified:Sep 11 19:36:57 2008
MD5 Checksum:fd70cb504803f93b8541d7f472ab6239

 ///  File Name: ipb235-sql.txt
Description:
Invision Power Board versions 2.3.5 and below remote SQL injection exploit.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:9526
Last Modified:Sep 22 16:43:03 2008
MD5 Checksum:eb491d2edcfe96243db8ece718852b01

 ///  File Name: microworld-password.txt
Description:
Microworld Mailscan version 5.6a password revealing exploit.
Author:SlaYeR
Homepage:http://www.securitydevelopment.net/
File Size:9467
Last Modified:Sep 9 17:29:48 2008
MD5 Checksum:1c39e77188da2acddd89362754a6fef8

 ///  File Name: deslockvldptokn-dos.txt
Description:
DESlock+ versions 3.2.7 and below local denial of service exploit that makes use of vdlptokn.sys.
Author:Alex from NT Internals
Homepage:http://www.ntinternals.org/
File Size:8610
Last Modified:Sep 22 16:45:59 2008
MD5 Checksum:066cb115b63c70649b34ab735ff9b588

 ///  File Name: citect_scada_odbc.rb.txt
Description:
This Metasploit module exploits a stack overflow in CitectSCADA's ODBC daemon. This has only been tested against Citect versions 5, 6, and 7.
Author:Kevin Finisterre
Homepage:http://www.digitalmunition.com/
Related File:citectodbc-fivews.txt
File Size:8439
Related CVE(s):CVE-2008-2639
Last Modified:Sep 6 15:28:19 2008
MD5 Checksum:ac7981fd900ae85180ef9a569f644f3b

 ///  File Name: xoops-exec.txt
Description:
XOOPS version 1.3.10 suffers from a remote shell command execution vulnerability.
Author:geinblues
File Size:8001
Last Modified:Sep 8 10:39:53 2008
MD5 Checksum:8c9a967df15770b77227e5753779c616

 ///  File Name: fermitter-dos.txt
Description:
Fermitter FTP server version 1.03 remote denial of service proof of concept exploit.
Author:LiquidWorm
Homepage:http://www.zeroscience.org/
File Size:7863
Last Modified:Sep 17 21:58:47 2008
MD5 Checksum:b2a59c936be5e12adbe66eb6cc0f16ab

 ///  File Name: memht-shell.txt
Description:
MemHT Portal versions 3.9.0 and below perl exploit that creates a shell.
Author:Ams
File Size:7600
Last Modified:Sep 8 11:08:38 2008
MD5 Checksum:758427740978234759d28dd4c01cff10

 ///  File Name: sagem-xsrf.txt
Description:
Sagem Routers F@ST remote cross site request forgery exploit that uses a DHCP hostname attack.
Author:Rafael Dominguez Vega
File Size:7063
Last Modified:Sep 22 19:15:14 2008
MD5 Checksum:169fb833de4d25c39b02be31f2f695c9

 ///  File Name: aspwebalbum-sqlxssupload.txt
Description:
aspWebAlbum version 3.2 suffers from cross site scripting, SQL injection, and upload vulnerabilities.
Author:Alemin Krali
Homepage:http://al3m.blogspot.com/
File Size:6869
Last Modified:Sep 3 16:54:26 2008
MD5 Checksum:783696c8eddcb252ce39137aeb79df35

 ///  File Name: microtik-poc.txt
Description:
MicroTik RouterOS versions 3.13 and below SNMP write proof of concept exploit.
Author:ShadOS
Homepage:http://hellknights.void.ru/
File Size:6792
Last Modified:Sep 5 11:49:08 2008
MD5 Checksum:3b065276af46ff576d9a6373c1d277f2

 ///  File Name: pluck-corruption.txt
Description:
Pluck version 4.5.3 remote file corruption exploit that makes use of update.php.
Author:Nine:Situations:Group
Homepage:http://retrogod.altervista.org/
File Size:6685
Last Modified:Sep 19 02:33:15 2008
MD5 Checksum:a3fb7797bc98b3ca729f01b792ba25eb

 ///  File Name: pro2col-xss.txt
Description:
Pro2col StingRay FTS suffers from a cross site scripting vulnerability via the login username functionality.
Author:Marc Ruef
Homepage:http://www.scip.ch/
File Size:6510
Last Modified:Sep 12 16:43:18 2008
MD5 Checksum:08c034f681ddb155997ab310477742e8

 ///  File Name: omnicom-traverse.txt
Description:
The Omnicom Content Platform version 2.0 suffers from a remote directory traversal vulnerability.
Author:AlbaniaN-[H]
Homepage:http://www.khg-crew.ws/
File Size:6314
Last Modified:Sep 22 17:02:58 2008
MD5 Checksum:70026ca646f433186216045201e9c270

 ///  File Name: exploit_realwin.c
Description:
DATAC RealWin versions 2.0 SCADA Software remote pre-auth exploit.
Author:Ruben Santamarta
Homepage:http://www.reversemode.com/
File Size:6311
Last Modified:Sep 26 18:03:54 2008
MD5 Checksum:b85b2faab758d113e2afdcd634316164

 ///  File Name: ezphotogallery21-sqlxssbypass.txt
Description:
Ezphotogallery version 2.1 suffers from cross site scripting, login bypass, SQL injection, and file disclosure vulnerabilities.
Author:IRCRASH
Homepage:http://ircrash.com/
File Size:5487
Last Modified:Sep 11 18:25:58 2008
MD5 Checksum:17e1e7f895ee1287bb356ae10242adb7

 ///  File Name: wordpress261-admin.txt
Description:
Wordpress version 2.6.1 SQL column truncation admin account takeover exploit.
Author:iso^kpsbr
File Size:5250
Last Modified:Sep 10 12:33:44 2008
MD5 Checksum:747cd989210b7227db943246b485f33c

 ///  File Name: webcmsportal-blindsql.txt
Description:
webCMS Portal Edition blind SQL injection exploit that leverages index.php.
Author:JosS
Homepage:http://www.spanish-hackers.com/
File Size:5227
Last Modified:Sep 5 17:08:54 2008
MD5 Checksum:3e62f2de829c0bf1b68c94d17c98648c