Section: .. / 0910-exploits /

Page 1 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 1 - 25 of 210

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	0910-exploits.tgz
Description:	This archive contains all of the 209 exploits added to Packet Storm in October, 2009.
Homepage:	http://packetstormsecurity.org/
File Size:	459241
Last Modified:	Nov 2 23:04:25 2009
MD5 Checksum:	bb96040080cf3c39d940b28a2097613c

/// File Name:	2os.py.txt
Description:	Remote denial of service exploit for 2WIRE routers versions 5.29.52 and below.
Author:	hkm
Related File:	1-003.full.txt
File Size:	1230
Last Modified:	Oct 30 15:18:45 2009
MD5 Checksum:	57287b17aeed0178e00fddfe86c7f912

/// File Name:	3com-execdisclose.txt
Description:	3Com OfficeConnect routers appear to suffer from password disclosure and remote command execution vulnerabilities.
Author:	Andrea Fabrizi
Homepage:	http://www.andreafabrizi.it/
File Size:	1080
Last Modified:	Oct 19 18:59:54 2009
MD5 Checksum:	2f4913a4352e4667095dbb2ac7366d70

/// File Name:	9sg_aol_91_superbuddy.txt
Description:	AOL version 9.1 SuperBuddy Active-X control SetSuperBuddy() remote code execution exploit.
Author:	Nine:Situations:Group::Trotzkista
Homepage:	http://retrogod.altervista.org/
File Size:	3442
Last Modified:	Oct 1 21:51:33 2009
MD5 Checksum:	6e9cb2094de7d7469397004d046cb4e1

/// File Name:	9sg_emc_repli_crash.txt
Description:	EMC RepliStor Server (rep_serv.exe) version 6.3.1.3 remote denial of service proof of concept exploit.
Author:	Nine:Situations:Group::bellick
Homepage:	http://retrogod.altervista.org/
File Size:	594
Last Modified:	Oct 20 23:15:33 2009
MD5 Checksum:	c2cabd5f894b675d3629468152fb0d3e

/// File Name:	9sg_google_apps_uri.txt
Description:	Google Apps googleapps.url.mailto:// URI handler cross-browser remote command execution exploit.
Author:	Nine:Situations:Group::Pyrokinesis
Homepage:	http://retrogod.altervista.org/
File Size:	2117
Last Modified:	Oct 1 21:46:48 2009
MD5 Checksum:	2937f0d96f1e8eec83fa97995f55dc35

/// File Name:	9sg_ibm_setnet32.txt
Description:	IBM Informix Client SDK 3.0 SetNet32 File (.nfx) Hostsize integer overflow exploit with Windows adduser shellcode.
Author:	Nine:Situations:Group::Bruiser
Homepage:	http://retrogod.altervista.org/
File Size:	6368
Last Modified:	Oct 5 19:11:04 2009
MD5 Checksum:	38c82f93bb1b95e5e0790445b61e6047

/// File Name:	9sg_runcms_forum_sql.txt
Description:	RunCMS version 2M1 /modules/forum/post.php semi-blind remote SQL injection exploit.
Author:	Nine:Situations:Group::bookoo
Homepage:	http://retrogod.altervista.org/
File Size:	17051
Last Modified:	Oct 26 16:23:51 2009
MD5 Checksum:	9755d685724246ee4a10ee140b892754

/// File Name:	9sg_runcms_store_sql.txt
Description:	RunCMS version 2M1 store() remote SQL injection exploit.
Author:	Nine:Situations:Group::bookoo
Homepage:	http://retrogod.altervista.org/
File Size:	11960
Last Modified:	Oct 26 16:27:01 2009
MD5 Checksum:	406fdee87817625e5c47c1ab53e007cc

/// File Name:	9sg_south_river_priv.txt
Description:	South River Technologies WebDrive Service suffers from a local elevation of privileges vulnerability due to a bad security descriptor.
Author:	Nine:Situations:Group::bellick
Homepage:	http://retrogod.altervista.org/
File Size:	1359
Last Modified:	Oct 20 23:16:58 2009
MD5 Checksum:	3f8bfe2ea9cbed59ef5e66d42c0062b7

/// File Name:	adaptbb-xss.txt
Description:	AdaptBB version 1.0 suffers from a cross site scripting vulnerability.
Author:	drunken danish rednecks
File Size:	761
Last Modified:	Oct 14 19:20:55 2009
MD5 Checksum:	5f7ebafb381355ca2f9768110dbb454f

/// File Name:	aiocp14001-rfi.txt
Description:	Aiocp version 1.4.001 suffers from additional remote file inclusion vulnerabilities.
Author:	Hadi Kiamarsi
Related Exploit:	aiocp-rfi.txt
File Size:	629
Last Modified:	Oct 7 21:51:10 2009
MD5 Checksum:	ef3715111cd8aab8734d29552386674b

/// File Name:	alcatel_omnipcx_mastercgi_exec.rb.t..>
Description:	This Metasploit module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary commands by specifying shell metacharacters as the 'user' within the 'ping' action to obtain 'httpd' user access. This module only supports command line payloads, as the httpd process kills the reverse/bind shell spawn after the HTTP 200 OK response.
Author:	patrick
File Size:	2386
Related OSVDB(s):	40521
Related CVE(s):	CVE-2007-3010
Last Modified:	Oct 27 13:25:59 2009
MD5 Checksum:	e35d8f41ae5ff6a9548b0feef3d49d72

/// File Name:	alleycode-overflow.txt
Description:	AlleyCode version 2.21 suffers from a buffer overflow vulnerability.
Author:	Rafael Sousa
File Size:	2485
Last Modified:	Oct 6 19:27:50 2009
MD5 Checksum:	e35383ed4fde059121853b9d2a6b3b51

/// File Name:	alleycodehe-overflow.txt
Description:	Alleycode HTML Editor version 2.2.1 local overflow exploit that creates a malicious .html file.
Author:	Dr_IDE
File Size:	2739
Last Modified:	Oct 21 12:30:42 2009
MD5 Checksum:	fc1ec70f858591e844054860facbaca4

/// File Name:	awstats_configdir_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable.
Author:	Matteo Cantoni
File Size:	2657
Related OSVDB(s):	13002
Related CVE(s):	CVE-2005-0116
Last Modified:	Oct 30 13:56:51 2009
MD5 Checksum:	02483e787ea513ae301a4e1cbd1ad9b4

/// File Name:	awstats_migrate_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script. AWStats v6.4 and v6.5 are vulnerable. Perl based payloads are recommended with this module. The vulnerability is only present when AllowToUpdateStatsFromBrowser is enabled in the AWstats configuration file (non-default).
Author:	patrick
Homepage:	http://www.metasploit.com
File Size:	3020
Related OSVDB(s):	25284
Related CVE(s):	CVE-2006-2237
Last Modified:	Oct 30 13:58:36 2009
MD5 Checksum:	d879552f700a6ae226a70d8f51143a4a

/// File Name:	barcodegenerator-xss.txt
Description:	Barcode Generator 1D version 2.0.1 suffers from a cross site scripting vulnerability.
Author:	drunken danish rednecks
File Size:	792
Last Modified:	Oct 19 19:01:21 2009
MD5 Checksum:	40b27ef188b88adce930f40eb3d805f7

/// File Name:	barracuda_img_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution vulnerability in the Barracuda Spam Firewall appliance. Versions prior to 3.1.18 are vulnerable.
Author:	Nicolas Gregoire
File Size:	2507
Related OSVDB(s):	19279
Related CVE(s):	CVE-2005-2847
Last Modified:	Oct 30 14:00:12 2009
MD5 Checksum:	e19faa53d1b2d356c59201c2cddaf94a

/// File Name:	base_qry_common.rb.txt
Description:	This Metasploit module exploits a remote file inclusion vulnerability in the base_qry_common.php file in BASE 1.2.4 and earlier.
Author:	MC
File Size:	1902
Related CVE(s):	CVE-2006-2685
Last Modified:	Oct 30 14:02:08 2009
MD5 Checksum:	cf2955f5f983aae66fb35f221c6cff6c

/// File Name:	bloofoxcms-xss.txt
Description:	BlooFox CMS version 0.3.5 suffers from a cross site scripting vulnerability.
Author:	drunken danish rednecks
File Size:	777
Last Modified:	Oct 14 19:22:08 2009
MD5 Checksum:	c4165b500163a1a15af175ffe6bf5265

/// File Name:	bmw-sql.txt
Description:	The BMW inventory.php script suffers from a remote SQL injection vulnerability.
Author:	Dazz
File Size:	347
Last Modified:	Oct 8 14:10:20 2009
MD5 Checksum:	6dce0b9f0ffe7883eb93db330932f811

/// File Name:	boloto-dos.txt
Description:	Boloto Media Player version 1.0.0.9 local crash proof of concept exploit that creates a malicious .pls file.
Author:	Dr_IDE
File Size:	597
Last Modified:	Oct 27 17:35:24 2009
MD5 Checksum:	b36a4c84498c7da3d7bc23d3b60ad57d

/// File Name:	BONSAI-2009-0101.txt
Description:	Achievo versions 1.3.4 and below suffer from cross site scripting vulnerabilities.
Author:	Ryan Dewhurst
File Size:	4311
Related CVE(s):	CVE-2009-2733
Last Modified:	Oct 14 19:06:03 2009
MD5 Checksum:	8248e8043b6e33957c3e8178a4578e43

/// File Name:	BONSAI-2009-0102.txt
Description:	Achievo versions 1.3.4 and below suffer from a remote SQL injection vulnerability.
Author:	Ryan Dewhurst
File Size:	3472
Related CVE(s):	CVE-2009-2734
Last Modified:	Oct 14 19:07:54 2009
MD5 Checksum:	f5fad68d63f78e35cbbede890c9fff4b