Section:  .. / 0409-exploits  /

Page 1 of 3
<< 1 2 3 >> Files 1 - 25 of 56
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 00047-08302004.txt
Description:
Xedus version 1.0 is susceptible to denial of service, cross site scripting, and directory traversal vulnerabilities.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3083
Last Modified:Sep 2 09:19:42 2004
MD5 Checksum:567d28a9c99e91567a36cf57d7e8b74a

 ///  File Name: 0409-exploits.tgz
Description:
Packet Storm new exploits for September, 2004.
File Size:1045479
Last Modified:Oct 1 18:32:39 2004
MD5 Checksum:2fb304d87dca78c323690298ac9d1a9e

 ///  File Name: actpboom.zip
Description:
Proof of concept exploit ActivePost Standard versions 3.1 and below that makes use of a denial of service flaw.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:activePost.txt
File Size:7145
Last Modified:Sep 29 09:25:27 2004
MD5 Checksum:81fde4a9ca937dcd9ff4d85f145b658f

 ///  File Name: adv06-y3dips-2004.txt
Description:
1n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.
Author:y3dips
Homepage:http://y3dips.echo.or.id/
File Size:4104
Last Modified:Sep 10 20:51:18 2004
MD5 Checksum:e03ea9d6a54e8faeae3be555ce7dc52e

 ///  File Name: adv17.txt
Description:
A vulnerability in Turbo Seek 1.x allows an attacker the ability to access the contents of any file in the file system.
Author:durito
Homepage:http://www.lwb57.org
File Size:861
Last Modified:Sep 14 00:37:15 2004
MD5 Checksum:f5470a4a1d3e619d6d8a9e9116dd321c

 ///  File Name: advisory-05-glFTPd.txt
Description:
The dupescan binary from glFTPd versions 2.00RC3 and below suffers from a stack overflow that can be exploited locally. Full exploit included.
Author:CoKi
Homepage:http://www.nosystem.com.ar
File Size:4328
Last Modified:Sep 21 10:09:39 2004
MD5 Checksum:373e7c82d4e8791105b347c2dc1e2f45

 ///  File Name: aspWebCalendar.txt
Description:
Both aspWebCalendar and aspWebAlbum are susceptible to SQL injection attacks.
Author:cybercide
File Size:2514
Last Modified:Sep 29 09:30:18 2004
MD5 Checksum:07b2490102b9e85da521cac1613b0434

 ///  File Name: bbsEMarket.txt
Description:
BBS E-Market Professional suffers from path disclosure, file download, file disclosure, user authentication bypass, and php source injection vulnerabilities. BBS E-Market patch level bf_130, version 1.3.0, and below is affected.
Author:Jeong Jin-Seok
Related Exploit:adv06-y3dips-2004.txt"
File Size:2984
Last Modified:Sep 15 22:20:40 2004
MD5 Checksum:133a5b60174c02fa4e4fd6daf7653f09

 ///  File Name: BJDExploit.rar
Description:
Buffer overflow exploit for BlackJumboDog FTP server version 3.6.1 that opens up port 7777 allowing for an executable upload.
Author:Delikon
Homepage:http://www.delikon.de
File Size:894629
Last Modified:Sep 10 05:50:26 2004
MD5 Checksum:4fc6dee5800f93c254e636f16d9e3049

 ///  File Name: cdr_exp.sh
Description:
Local root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.
Author:newbug
Related File:MDKSA-2004:091.txt
File Size:691
Related CVE(s):CAN-2004-0806
Last Modified:Sep 10 07:02:31 2004
MD5 Checksum:00639004e7b4b1726824c19988f20bec

 ///  File Name: cdrdao.sh
Description:
Local root exploit for an old flaw in cdrdao.
File Size:1539
Last Modified:Sep 9 10:19:48 2004
MD5 Checksum:f80b8adc52886012cdc4bfaced9de4be

 ///  File Name: codboom.zip
Description:
Proof of concept exploit for Call of Duty versions 1.4 and below that makes use of a denial of service vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:CallOfDuty.txt
File Size:9101
Last Modified:Sep 9 09:39:36 2004
MD5 Checksum:a7c36f7261bb0e082d1376fa1c267feb

 ///  File Name: drizzit.c
Description:
AIM Away Message buffer overflow exploit. Affects AIM versions 5.5.3588, 5.5.3590 Beta, 5.5.3591, 5.5.3595 and others.
Author:John Bissell A.K.A. HighT1mes
File Size:19724
Last Modified:Sep 9 05:53:42 2004
MD5 Checksum:404fe625228d0d0b22c71e15c851fbcc

 ///  File Name: dynalink.Backdoor.txt
Description:
Dynalink RTA 230 ADSL router has a hardcoded backdoor account with root privileges.
Author:fabio
File Size:1118
Last Modified:Sep 9 08:19:16 2004
MD5 Checksum:424a644cf4136a9f72e7291fe02fa681

 ///  File Name: EmuliveVuln.txt
Description:
Emulive Server4 Commerce Edition Build 7560 suffers from a denial of service vulnerability and allows for unauthorized administrative access due to insufficient input verification.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3007
Last Modified:Sep 22 00:54:52 2004
MD5 Checksum:473a1647cd41c7d4d3c4eb2f29e8aa3d

 ///  File Name: ez.txt
Description:
Opening up more than 600 connections to Ezmeeting versions 3.4.0 causes the application to crash.
Author:dr_insane
File Size:4684
Last Modified:Sep 9 08:45:21 2004
MD5 Checksum:0ac05cfb7cd14644764767ed7376f15a

 ///  File Name: flc_exp.c
Description:
Local exploit for flc versions 1.0.4 and below. Note that flc is not setuid by default and this is completely proof of concept. Tested on Slackware 10.0.
Author:CoKi
Homepage:http://www.nosystem.com.ar
File Size:5200
Last Modified:Sep 30 09:54:30 2004
MD5 Checksum:6bde4a3aa0db275b740ec679ab535911

 ///  File Name: getinternet.txt
Description:
getInternet is susceptible to multiple SQL injection attacks and remote command execution. Full exploitation details provided.
Homepage:http://www.criolabs.net
File Size:2078
Last Modified:Sep 14 23:04:46 2004
MD5 Checksum:a4193072d03ff26e8d4c85fde0fc6ce2

 ///  File Name: getintranet.txt
Description:
getIntranet 2.x is susceptible to cross site scripting, SQL injection, script insertion, and multiple other attacks.
Homepage:http://www.criolabs.net/
File Size:4744
Last Modified:Sep 14 23:10:17 2004
MD5 Checksum:ba50543e08977504330d7c44c1be564c

 ///  File Name: haloboom.zip
Description:
Proof of concept denial of service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related File:halo14.txt
File Size:10124
Last Modified:Sep 10 21:08:52 2004
MD5 Checksum:a209bcdbf59c23cdf87a5de474779cb6

 ///  File Name: jpegcompoc.zip
Description:
Proof of concept exploit for the recent JPEG buffer overrun vulnerability that crashes any Windows XP system that has not been patched for this flaw.
Homepage:http://www.gulftech.org/
Related File:ms04-028.html
File Size:7425
Related CVE(s):CAN-2004-0200
Last Modified:Sep 17 09:21:56 2004
MD5 Checksum:4ad5d8988446467319a2cc56f786cbfb

 ///  File Name: JpegOfDeath.c
Description:
GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes.
Author:John Bissell A.K.A. HighT1mes
File Size:19148
Related CVE(s):CAN-2004-0200
Last Modified:Sep 29 07:23:52 2004
MD5 Checksum:f782b4f39d2b36dae9a9c07dd5d1f11e

 ///  File Name: JpegOfDeathAll.c
Description:
GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes. This even-moreso enhanced version also has the ability add a user to the administrative group and can perform a file download.
Author:M4Z3R
File Size:24246
Related CVE(s):CAN-2004-0200
Last Modified:Sep 29 07:30:33 2004
MD5 Checksum:f7f34642b20f482a8ce7f619bb239501

 ///  File Name: JpgDownloader.c
Description:
Microsoft Windows JPEG GDI+ Overflow Download Shellcoded exploit.
Author:ATmaCA
Homepage:http://www.prohack.net
File Size:10617
Related CVE(s):CAN-2004-0200
Last Modified:Sep 29 07:27:15 2004
MD5 Checksum:aa804f40ffe756a77f4906e51432550e

 ///  File Name: lotr3boom.zip
Description:
Remote denial of service exploit for Lords of the Realm III versions 1.01 and below that will crash the server.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:lotr3boom-adv.txt
File Size:6881
Last Modified:Sep 21 21:25:26 2004
MD5 Checksum:bb718b4f3b9b9ef2ccf38c6c95124664