Section:  .. / 0402-exploits  /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 54
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: PalmOShttpd.txt
Description:
A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.
Author:Shaun Colley
File Size:5395
Last Modified:Feb 9 01:45:00 2004
MD5 Checksum:d4107b9c6ccb49a41047c8f89123d551

 ///  File Name: phpMyAdmin255pl1.txt
Description:
phpMyAdmin versions 2.5.5-pl1 and below do not properly sanitize variables resulting in them being susceptible to a directory traversal attack.
Author:Cedric Cochin
Homepage:http://www.netvigilance.com
File Size:2272
Last Modified:Feb 3 20:29:00 2004
MD5 Checksum:af953ad97ace8eb48e2efad2179553f6

 ///  File Name: phpscripts.txt
Description:
PHPscripts suffer from a file include vulnerability.
Homepage:http://www.security-challenge.com
File Size:1057
Last Modified:Feb 3 21:03:00 2004
MD5 Checksum:34beafa7048ce446de18ca81905b3be0

 ///  File Name: PSOProxy-exp.c
Description:
Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:Li0n7
Related File:PSOProxy091.txt
File Size:9393
Last Modified:Feb 21 22:28:00 2004
MD5 Checksum:e53c88be294dc587edb95c99e12d1794

 ///  File Name: psoproxy-exploit.c
Description:
Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version support the following operating systems: Windows XP Home Edtion SP1, Windows XP Pro Edtion SP1, Win2k Pro Edtion.
Author:rave
Homepage:http://www.rosiello.org/
Related File:PSOProxy091.txt
File Size:7462
Last Modified:Feb 25 19:34:00 2004
MD5 Checksum:4320054933d5ea571c771b6234c91d9f

 ///  File Name: PSOProxy.c
Description:
Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
Author:kralor
Homepage:http://www.coromputer.net
Related File:PSOProxy091.txt
File Size:5172
Last Modified:Feb 20 20:03:00 2004
MD5 Checksum:c85dc711e0b38c316b08320377cb861d

 ///  File Name: robotFTP.txt
Description:
Robot FTP server versions 1.0 and 2.0 beta 1 have a buffer overflow vulnerability when taking in a username.
Author:gsicht
File Size:3030
Last Modified:Feb 16 15:02:00 2004
MD5 Checksum:8d64a89b5d2e27186f5df05a895fa79a

 ///  File Name: rsync_local.c
Description:
Local exploit for rsync 2.5.7 and below. Note: This exploit only escalates privileges if rsync is setuid, which it is not by default.
Author:abhisek
File Size:4732
Last Modified:Feb 17 12:12:00 2004
MD5 Checksum:2ca496c30d884f9a8056a7c610d79704

 ///  File Name: SCSA027.txt
Description:
Security Corporation Security Advisory [SCSA-027]: PHP-Nuke versions 6.9 and below are vulnerable to multiple SQL injection attacks.
Author:Germain Randaxhe aka frog-man
Homepage:http://www.phpsecure.info
File Size:23461
Last Modified:Feb 1 20:18:00 2004
MD5 Checksum:9ff89c232b48b567a2f69407dca3fe86

 ///  File Name: serv-u-mdtm-expl.c
Description:
Remote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions 5.0.0.4 and below.
Author:shaun2k2
Related File:servU.MDTM.txt
File Size:4075
Last Modified:Feb 26 21:01:00 2004
MD5 Checksum:0c41ebf259b8390d059a70d948948051

 ///  File Name: Servu2.c
Description:
Serv-U FTPD 2.x/3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested against Windows 2000 and XP en/cn.
Author:lion
Homepage:http://www.cnhonker.com
File Size:21756
Last Modified:Mar 5 00:01:29 2004
MD5 Checksum:165ec4a880bb84cadb7b7e5c666a355e

 ///  File Name: smbmountDoS.txt
Description:
smbmount can cause a denial of service attack on Microsoft Windows. The attack induces a memory shortage on the Windows system by creating directories in a special way.
Author:Steve Ladjabi, Daniel Kabs
File Size:3611
Last Modified:Feb 3 06:34:00 2004
MD5 Checksum:9c5738f91362668cea9815d47dcdc194

 ///  File Name: sp-advisory-x10.txt
Description:
A specifically crafted HTTP GET request which contains over 4096 bytes of data will cause the KarjaSoft Sami HTTP server to crash. Versions affected: 1.0.4, possibly earlier versions as well.
Author:badpack3t
Homepage:http://www.security-protocols.com/
File Size:7104
Last Modified:Feb 17 10:41:00 2004
MD5 Checksum:24ad3e59488c6e1c7b36852ccc7160d5

 ///  File Name: The_First_Cut_Is_The_Deepest.txt
Description:
PHPNuke versions 6.x and greater remote php-based exploit that extracts the administrator hash using a SQL injection attack.
Author:pokleyzz
File Size:3326
Last Modified:Feb 10 18:44:00 2004
MD5 Checksum:d62a34fdab965abc3bc27b9267c19f23

 ///  File Name: trackmania.c
Description:
The TrackMania game server that listens on TCP port 2350 can be crashed when garbage data is sent resulting in a denial of service.
Author:Scrap
Homepage:http://www.securiteinfo.com/attaques/hacking/trackmaniados.shtml
File Size:1931
Last Modified:Feb 9 20:50:00 2004
MD5 Checksum:32e8ae18945f7de6328e2ed67e2921d6

 ///  File Name: vserver_chroot.txt
Description:
Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with linux 2.4.24 and vserver 1.24. Fixed in release 1.25.
Author:Markus M�ller
File Size:1248
Last Modified:Feb 6 01:12:00 2004
MD5 Checksum:3530f2c36b671a09984f6ce206a590aa

 ///  File Name: waraxe-2004-SA004.txt
Description:
Extreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.
Author:Janek Vind aka waraxe
File Size:5807
Last Modified:Feb 24 03:04:00 2004
MD5 Checksum:5381c5e782a35b2bee530ecab38cd3d0

 ///  File Name: webxdos.txt
Description:
Web Crossing versions 4.x and 5.x have a denial of service vulnerability. When an HTTP POST request is made to the built-in server, if the 'Content-Length' header supplied with the request is an extremely large or negative number, the server will encounter a set of instructions which lead to an integer-divide-by-zero problem, immediately crashing the server and denying any further service.
Author:Peter Winter-Smith
Homepage:http://www.elitehaven.net/webxdos.txt
File Size:3787
Last Modified:Feb 4 00:35:00 2004
MD5 Checksum:3a89a2b8bd018e1a6cac5560739325b1

 ///  File Name: X11.fontalias.c
Description:
Local root exploit for the XFree86 font.alias vulnerability discussed in the advisory here. Tested on various versions of RedHat Linux.
Author:Bender
File Size:2607
Last Modified:Feb 11 20:09:00 2004
MD5 Checksum:1297f29ea0b01d3d2104738c5cd0af7b

 ///  File Name: xcart343.txt
Description:
X-Cart version 3.4.3 fails to sanitize various input variables leaving itself open to directory traversal and remote command execution attacks.
Author:Philip
File Size:1069
Last Modified:Feb 3 18:19:00 2004
MD5 Checksum:ba33c6d401a269fae6cfa6d329bb1726

 ///  File Name: xp_wftpd.zip
Description:
Exploit for WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x that makes use of a stack based buffer overflow.
Author:axl
Related File:wftpdBO.txt
File Size:4659
Last Modified:Feb 29 03:27:00 2004
MD5 Checksum:bc94e7e71e7b442584f9675f5e32d3db

 ///  File Name: xploit_dbg.cpp.txt
Description:
Exploit that tests for several vulnerabilities in one of Windows XP kernel's native API functions.
Author:randnut
Related File:XPkern.txt
File Size:21345
Last Modified:Feb 19 05:53:00 2004
MD5 Checksum:079419668499d82b300edc4f4676390a

 ///  File Name: ZH2004-03SA.txt
Description:
Photopost PHP Pro versions 4.6 and below suffer from a SQL injection vulnerability due to a lack of variable sanitization with the photo variable.
Author:G00db0y
Homepage:http://www.zone-h.org/en/advisories/read/id=3844/
File Size:1716
Last Modified:Feb 3 02:09:00 2004
MD5 Checksum:00d5f0cd35641866af74bde03d9615fd

 ///  File Name: ZH2004-04SA.txt
Description:
Multiple SQL Injection vulnerabilities live in ReviewPost PHP Pro due to insufficient sanitization of user-supplied data.
Author:G00db0y
Homepage:http://www.zone-h.org
File Size:1591
Last Modified:Feb 4 17:33:00 2004
MD5 Checksum:43b9ac1af0b8f4aff0c261d3335e2233

 ///  File Name: ZH2004-05SA.txt
Description:
BosDates lacks sufficient sanitization of user-supplied data. Inadvertantly, it allows a remote attacker to influence SQL query logic to disclose sensitive information that can be used to gain unauthorized access.
Author:G00db0y
Homepage:http://www.zone-h.org/
File Size:1397
Last Modified:Feb 11 16:50:00 2004
MD5 Checksum:5ab76710a75ee4dfac8d76cb3960fd59