Section: .. / 0401-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 67

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	lftp.c
Description:	Remote exploit that makes use of the try_netscape_proxy() overflow in versions 2.3 to 2.6.9 of lftp.
Author:	Li0n7
Related File:	lftpadv.tgz
File Size:	11177
Last Modified:	Jan 30 12:01:00 2004
MD5 Checksum:	aa27e2f0a9caa7e80db62d9cd472b247

/// File Name:	malwareSpoof.txt
Description:	Trivial way to do file spoofing in Internet Explorer versions 6.0.2800.1106 and below.
Author:	http-equiv@excite.com
Homepage:	http://www.malware.com/gooroo.html
File Size:	640
Last Modified:	Jan 27 13:09:00 2004
MD5 Checksum:	494805d0fdbf547e8ba0186e823e4ff2

/// File Name:	manpage.txt
Description:	The PHP class _Manpage Lookup_ is vulnerable to a directory traversal bug due to a lack of input validation.
Author:	Cabezon Aur�lien
Homepage:	http://www.isecurelabs.com
File Size:	872
Last Modified:	Jan 11 02:59:00 2004
MD5 Checksum:	42e4d0d2126ae43e4ac39da5acad7b6e

/// File Name:	mremap_bug.c
Description:	Modified version of the Christophe Devine exploit that tests whether or not a Linux system is vulnerable to the do_mremap() vulnerability discussed here. This version does not corrupt any kernel data.
Author:	Angelo Dell'Aera
Homepage:	http://buffer.antifork.org
File Size:	4689
Last Modified:	Jan 7 23:07:51 2004
MD5 Checksum:	85646ea024f2d27587622b0f85db23a7

/// File Name:	mremap_poc.c
Description:	Program written to test whether or not an x86 Linux system is vulnerable to the do_mremap() vulnerability discussed here.
Author:	Christophe Devine
Homepage:	http://www.cr0.net:8040/about/
File Size:	1501
Last Modified:	Jan 7 23:05:00 2004
MD5 Checksum:	1eef899df50e9e1030e810304922d639

/// File Name:	netbusWeb.txt
Description:	The NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	1789
Last Modified:	Jan 23 02:50:00 2004
MD5 Checksum:	2624c5acf74b527be57358fb2e4904c5

/// File Name:	NETCam.txt
Description:	NETCam webserver running NETCam Viewers 1.0.0.28 and below have a directory traversal bug that allows remote attackers to gain access to files outside of the webroot.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	1883
Last Modified:	Jan 21 02:41:00 2004
MD5 Checksum:	fff83e96c2919cf0e08bcd43ccb2b6bc

/// File Name:	nextplace.txt
Description:	NextPlace.com E-Commerce ASP engine is susceptible to a cross site scripting vulnerability.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	3611
Last Modified:	Jan 26 14:52:00 2004
MD5 Checksum:	7537a2a81e8d2aeca8c75ab5ce02048d

/// File Name:	nfshp2cbof.zip
Description:	Need for Speed Hot Pursuit 2 remote exploit that makes use of a vulnerable client that is susceptible to a buffer overflow attack by a hostile server.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	nfshp2cbof-adv.txt
File Size:	6179
Last Modified:	Jan 23 01:46:00 2004
MD5 Checksum:	a2533e96a41fae2797422a54576747d5

/// File Name:	novellNetware.txt
Description:	Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path dislosure, and directory listing attacks.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	4912
Last Modified:	Jan 23 11:35:00 2004
MD5 Checksum:	d40561da198da58da8e3bcd2c83aa6a5

/// File Name:	open3sIDSonedcu.txt
Description:	A local vulnerability exists in the IBM Informix IDSv9.40 onedcu binary that allows local users to overwrite any root owned file.
Author:	Juan Manuel Pascual Escriba
Homepage:	http://www.open3s.com
File Size:	2513
Last Modified:	Jan 29 19:12:00 2004
MD5 Checksum:	12bb227bc4ae476a696d8ce008eb5441

/// File Name:	open3sIDSonshowaudit.txt
Description:	Any user with AAO privileges over the onshowaudit binary in IBM's Informix IDSv9.40 can read any system file.
Author:	Juan Manuel Pascual Escriba
Homepage:	http://www.open3s.com
File Size:	2739
Last Modified:	Jan 29 19:40:00 2004
MD5 Checksum:	7b448d8860aaafd3ade38a2b65910bbb

/// File Name:	oracleXSS.txt
Description:	Oracle HTTP Server powered by Apache is susceptible to a cross site scripting attack in its isqlplus script.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	2829
Last Modified:	Jan 26 21:31:00 2004
MD5 Checksum:	908544f617dbc1828099f53c7133c330

/// File Name:	OwnServer10.txt
Description:	OwnServer, a web server used for watching security cameras remotely, is susceptible to a directory traversal bug that allows a remote attacker to gain access to files outside of the webroot.
Author:	Rafel Ivgi aka The-Insider
Homepage:	http://theinsider.deep-ice.com
File Size:	2183
Last Modified:	Jan 21 08:09:00 2004
MD5 Checksum:	ba80aac48a068d49bc557d404dabc091

/// File Name:	phototool.txt
Description:	thePHOTOtool is susceptible to SQL injection attacks.
Author:	KingSerb
File Size:	1806
Last Modified:	Jan 31 21:33:00 2004
MD5 Checksum:	6e55a492fd6335dab5c9c314475707ec

/// File Name:	phpgedview.txt
Description:	PHPGEDVIEW version 2.61 has flaws in multiple files where input variables are not sanitized allowing a remote attacker to execute code from a remote site on the server.
Author:	Vietnamese Security Group
Homepage:	http://www.security.com.vn
File Size:	3380
Last Modified:	Jan 8 01:49:39 2004
MD5 Checksum:	621a4e4a25a23d2001b21725cc57156f

/// File Name:	phpGedView.txt
Description:	phpGedView version 2.65 beta 5 is susceptible to SQL injection attacks, path disclosure issues, cross site scripting, and denial of service attacks.
Homepage:	http://www.gulftech.org
File Size:	5224
Last Modified:	Jan 13 07:55:00 2004
MD5 Checksum:	95a022a564bc919b1d05e11aff9c4f20

/// File Name:	phpGedView_v2.txt
Description:	phpGedView versions 2.65.1 and below suffer from multiple PHP Code Injection vulnerabilities that enable a malicious user to access arbitrary files or execute commands on the server.
Author:	Cedric Cochin
File Size:	3409
Last Modified:	Jan 30 09:27:00 2004
MD5 Checksum:	e9584f2836462dad732d60e5cccaec8d

/// File Name:	PHPportal.txt
Description:	PHP Portal is vulnerable to a directory traversal attack.
Author:	Zero X
Homepage:	http://www.lobnan.de
File Size:	231
Last Modified:	Jan 31 21:55:00 2004
MD5 Checksum:	3f26598e6b2051b1aea5bf2fc745b574

/// File Name:	phpshopProject.txt
Description:	phpShop Project versions 0.6.1-b and earlier are prone to SQL injection attacks, script injection, cross site scripting, and user information disclosure vulnerabilities.
Author:	JeiAr
Homepage:	http://www.gulftech.org
File Size:	5779
Last Modified:	Jan 16 10:15:00 2004
MD5 Checksum:	076eaaa70fe151462a72ab91f8f525d4

/// File Name:	proxyNow2x.txt
Description:	ProxyNow! versions 2.75 and below are susceptible to both heap memory corruption and stack-based buffer overflows. Exploitation of these vulnerabilities can lead to a denial of service and/or code execution with SYSTEM privileges. Detailed analysis and exploit included.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/proxynow.txt
File Size:	11440
Last Modified:	Jan 27 01:44:00 2004
MD5 Checksum:	56a50454322d1252538d57d7ca7db26e

/// File Name:	rapidcache.txt
Description:	RapidCache versions 2.2.6 and below suffer from denial of service and directory traversal bugs.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/rapidcache.txt
File Size:	5286
Last Modified:	Jan 15 23:17:00 2004
MD5 Checksum:	9ec67f2bde13bce339f49f1bd384b38f

/// File Name:	SCSA026.txt
Description:	Security Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.
Author:	frog-man
Homepage:	http://www.Security-Corp.com
File Size:	18506
Last Modified:	Jan 21 08:40:00 2004
MD5 Checksum:	e0f69730ba6f5ceede94ff8f24ddb128

/// File Name:	serv-ME.c
Description:	Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below that binds a shell to port 28876.
Author:	SkyLined
Related File:	servu.txt
File Size:	5670
Last Modified:	Jan 31 22:43:00 2004
MD5 Checksum:	df97fa08733ac9a559651c1560ae605b

/// File Name:	servu.c
Description:	Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
Author:	kkqq, mslug
Related File:	servu.txt
File Size:	5730
Last Modified:	Jan 26 15:00:00 2004
MD5 Checksum:	480b668830de70170b51ba045aa17e00