Section: .. / 0809-exploits /

Page 1 of 15
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 >> Files 1 - 25 of 370

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0809-exploits.tgz
Description:	Packet Storm new exploits for September, 2008.
Homepage:	http://packetstormsecurity.org/
File Size:	494449
Last Modified:	Oct 1 17:10:53 2008
MD5 Checksum:	54bac55ec40e8fd5a7879702bc5be31b

/// File Name:	mswingdi-dos.txt
Description:	Microsoft Windows GDI+ remote division by zero exploit that leverages .ico file extensions.
Author:	laurent gaffi
File Size:	126856
Last Modified:	Sep 26 18:08:29 2008
MD5 Checksum:	f8d545d2910204b3823ad2fe4030c225

/// File Name:	chilkat-exec.txt
Description:	Chilkat XML Active-X remote arbitrary file creation / execution exploit that affects ChilkatUtil.dll versions 3.0.3.0 and below.
Author:	shinnai
Homepage:	http://shinnai.altervista.org/
File Size:	82824
Last Modified:	Sep 23 14:25:19 2008
MD5 Checksum:	186680f4581590bf8d2e988c83b0e915

/// File Name:	unrealfp.zip
Description:	Server shutdown exploit for Unreal Engine which suffers from a failed assertion vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	unrealfp.txt
File Size:	25181
Last Modified:	Sep 16 18:03:20 2008
MD5 Checksum:	a4765d152d1fbc578a2f05704063a425

/// File Name:	google-chrome-dos4.txt
Description:	Google Chrome Browser version 0.2.149.27 Inspect Element denial of service exploit.
Author:	Metacortex
Homepage:	http://metacortexsecurity.com/
File Size:	20325
Last Modified:	Sep 6 15:14:41 2008
MD5 Checksum:	55a6d94d2bcd8b640aa9d6f735c2e829

/// File Name:	mswritesmb-dos.txt
Description:	Microsoft Windows is prone to a kernel-related denial of service condition due to the way srv.sys handles malformed WRITE_ANDX SMB packets. Metasploit exploit code included.
Author:	Javier Vicente Vallejo
Homepage:	http://www.vallejo.cc/
File Size:	17508
Last Modified:	Sep 15 17:08:58 2008
MD5 Checksum:	25af0dea610017b0a37c7579326b9e5f

/// File Name:	unrealclient.tgz
Description:	The Unreal engine is affected by some format string vulnerabilities which can be exploited by a malicious server when the victim client connects to it. The main format string can be exploited through a malformed CLASS parameter of the DLMGR command but another one seems to be exploitable through the forcing of the download of a malformed package (PKG). Some older games instead can be exploited through a malformed LEVEL parameter of the WELCOME command. The bug is caused by the calling of _vsnwprintf_s or _vsnwprintf for building an error message to visualize to the user (for example for a missing class) using a max size of 4 kilobytes and, naturally, without passing the needed format argument. All related exploit code is included in this tarball.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
File Size:	15491
Last Modified:	Sep 11 19:39:09 2008
MD5 Checksum:	1a35fc9bde26ced2c7290a08d0e85a7d

/// File Name:	ut3sticle.zip
Description:	Unreal engine 3 remote denial of service exploit that leverages a failed memory allocation vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	ut3sticle.txt
File Size:	14224
Last Modified:	Sep 11 19:36:57 2008
MD5 Checksum:	fd70cb504803f93b8541d7f472ab6239

/// File Name:	ipb235-sql.txt
Description:	Invision Power Board versions 2.3.5 and below remote SQL injection exploit.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	9526
Last Modified:	Sep 22 16:43:03 2008
MD5 Checksum:	eb491d2edcfe96243db8ece718852b01

/// File Name:	microworld-password.txt
Description:	Microworld Mailscan version 5.6a password revealing exploit.
Author:	SlaYeR
Homepage:	http://www.securitydevelopment.net/
File Size:	9467
Last Modified:	Sep 9 17:29:48 2008
MD5 Checksum:	1c39e77188da2acddd89362754a6fef8

/// File Name:	deslockvldptokn-dos.txt
Description:	DESlock+ versions 3.2.7 and below local denial of service exploit that makes use of vdlptokn.sys.
Author:	Alex from NT Internals
Homepage:	http://www.ntinternals.org/
File Size:	8610
Last Modified:	Sep 22 16:45:59 2008
MD5 Checksum:	066cb115b63c70649b34ab735ff9b588

/// File Name:	citect_scada_odbc.rb.txt
Description:	This Metasploit module exploits a stack overflow in CitectSCADA's ODBC daemon. This has only been tested against Citect versions 5, 6, and 7.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com/
Related File:	citectodbc-fivews.txt
File Size:	8439
Related CVE(s):	CVE-2008-2639
Last Modified:	Sep 6 15:28:19 2008
MD5 Checksum:	ac7981fd900ae85180ef9a569f644f3b

/// File Name:	xoops-exec.txt
Description:	XOOPS version 1.3.10 suffers from a remote shell command execution vulnerability.
Author:	geinblues
File Size:	8001
Last Modified:	Sep 8 10:39:53 2008
MD5 Checksum:	8c9a967df15770b77227e5753779c616

/// File Name:	fermitter-dos.txt
Description:	Fermitter FTP server version 1.03 remote denial of service proof of concept exploit.
Author:	LiquidWorm
Homepage:	http://www.zeroscience.org/
File Size:	7863
Last Modified:	Sep 17 21:58:47 2008
MD5 Checksum:	b2a59c936be5e12adbe66eb6cc0f16ab

/// File Name:	memht-shell.txt
Description:	MemHT Portal versions 3.9.0 and below perl exploit that creates a shell.
Author:	Ams
File Size:	7600
Last Modified:	Sep 8 11:08:38 2008
MD5 Checksum:	758427740978234759d28dd4c01cff10

/// File Name:	sagem-xsrf.txt
Description:	Sagem Routers F@ST remote cross site request forgery exploit that uses a DHCP hostname attack.
Author:	Rafael Dominguez Vega
File Size:	7063
Last Modified:	Sep 22 19:15:14 2008
MD5 Checksum:	169fb833de4d25c39b02be31f2f695c9

/// File Name:	aspwebalbum-sqlxssupload.txt
Description:	aspWebAlbum version 3.2 suffers from cross site scripting, SQL injection, and upload vulnerabilities.
Author:	Alemin Krali
Homepage:	http://al3m.blogspot.com/
File Size:	6869
Last Modified:	Sep 3 16:54:26 2008
MD5 Checksum:	783696c8eddcb252ce39137aeb79df35

/// File Name:	microtik-poc.txt
Description:	MicroTik RouterOS versions 3.13 and below SNMP write proof of concept exploit.
Author:	ShadOS
Homepage:	http://hellknights.void.ru/
File Size:	6792
Last Modified:	Sep 5 11:49:08 2008
MD5 Checksum:	3b065276af46ff576d9a6373c1d277f2

/// File Name:	pluck-corruption.txt
Description:	Pluck version 4.5.3 remote file corruption exploit that makes use of update.php.
Author:	Nine:Situations:Group
Homepage:	http://retrogod.altervista.org/
File Size:	6685
Last Modified:	Sep 19 02:33:15 2008
MD5 Checksum:	a3fb7797bc98b3ca729f01b792ba25eb

/// File Name:	pro2col-xss.txt
Description:	Pro2col StingRay FTS suffers from a cross site scripting vulnerability via the login username functionality.
Author:	Marc Ruef
Homepage:	http://www.scip.ch/
File Size:	6510
Last Modified:	Sep 12 16:43:18 2008
MD5 Checksum:	08c034f681ddb155997ab310477742e8

/// File Name:	omnicom-traverse.txt
Description:	The Omnicom Content Platform version 2.0 suffers from a remote directory traversal vulnerability.
Author:	AlbaniaN-[H]
Homepage:	http://www.khg-crew.ws/
File Size:	6314
Last Modified:	Sep 22 17:02:58 2008
MD5 Checksum:	70026ca646f433186216045201e9c270

/// File Name:	exploit_realwin.c
Description:	DATAC RealWin versions 2.0 SCADA Software remote pre-auth exploit.
Author:	Ruben Santamarta
Homepage:	http://www.reversemode.com/
File Size:	6311
Last Modified:	Sep 26 18:03:54 2008
MD5 Checksum:	b85b2faab758d113e2afdcd634316164

/// File Name:	ezphotogallery21-sqlxssbypass.txt
Description:	Ezphotogallery version 2.1 suffers from cross site scripting, login bypass, SQL injection, and file disclosure vulnerabilities.
Author:	IRCRASH
Homepage:	http://ircrash.com/
File Size:	5487
Last Modified:	Sep 11 18:25:58 2008
MD5 Checksum:	17e1e7f895ee1287bb356ae10242adb7

/// File Name:	wordpress261-admin.txt
Description:	Wordpress version 2.6.1 SQL column truncation admin account takeover exploit.
Author:	iso^kpsbr
File Size:	5250
Last Modified:	Sep 10 12:33:44 2008
MD5 Checksum:	747cd989210b7227db943246b485f33c

/// File Name:	webcmsportal-blindsql.txt
Description:	webCMS Portal Edition blind SQL injection exploit that leverages index.php.
Author:	JosS
Homepage:	http://www.spanish-hackers.com/
File Size:	5227
Last Modified:	Sep 5 17:08:54 2008
MD5 Checksum:	3e62f2de829c0bf1b68c94d17c98648c