Section: .. / 0412-exploits /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 74

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	ie6-file-detection.txt
Description:	Internet Explorer 6.0 SP1 + Win2k SP4 (up to date) local file detection advisory and exploit which uses the sysimage:// protocol to allow websites to determine which software is installed. Online demonstration available here.
Author:	Gregory R. Panakkal
File Size:	1554
Last Modified:	Dec 9 09:43:34 2004
MD5 Checksum:	ed420f20aa99e3de906f1e316a3f35ac

/// File Name:	isec-0018-igmp.txt
Description:	Multiple bugs both locally and remotely exploitable have been found in the Linux IGMP networking module and the corresponding user API. Full exploit provided. Linux kernels 2.4 up to and include 2.4.28 and 2.6 up to and including 2.6.9 are affected.
Author:	Paul Starzetz
Homepage:	http://isec.pl/vulnerabilities/isec-0018-igmp.txt
File Size:	9640
Related CVE(s):	CAN-2004-1137
Last Modified:	Dec 30 08:22:34 2004
MD5 Checksum:	b7cd630515de8672732c1abcbf16e912

/// File Name:	isec-0019-scm.txt
Description:	A locally exploitable flaw has been found in the Linux socket layer that allows a local user to hang a vulnerable machine. Kernel version 2.4 up to and including 2.4.28 and 2.6 up to and including 2.6.9 are susceptible. Full exploitation provided.
Author:	Paul Starzetz
Homepage:	http://isec.pl/vulnerabilities/isec-0019-scm.txt
File Size:	4262
Related CVE(s):	CAN-2004-1016
Last Modified:	Dec 30 08:24:55 2004
MD5 Checksum:	8899648b0df449114a9613a0d4f6a051

/// File Name:	isec-0020-mozilla.txt
Description:	A heap overflow in Mozilla browser versions 1.7.3 and below in the NNTP code may allow for arbitrary code execution.
Author:	Maurycy Prodeus
Homepage:	http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
File Size:	3057
Last Modified:	Jan 2 21:10:27 2005
MD5 Checksum:	28f2d5a8e2e4029a4b83de4ea3ca607e

/// File Name:	iwebnegar.txt
Description:	iwebnegar, the farsi weblog software, is susceptible to SQL injection attacks.
Homepage:	http://www.karchack.com
File Size:	521
Last Modified:	Dec 30 09:13:48 2004
MD5 Checksum:	0360996620880c5375c3a5ad9ae461ac

/// File Name:	kayako.txt
Description:	Kayako eSupport version 2.x suffers from cross site scripting and SQL injection flaws. Detailed exploitation given.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	2477
Last Modified:	Dec 30 11:14:52 2004
MD5 Checksum:	7c4bc89d826913a9cb09043cb0ecea11

/// File Name:	KorWeblog.txt
Description:	KorWeblog suffers from a directory traversal vulnerability that enables malicious attackers to access files and include malicious php files. Versions 1.6.2-cvs and below are susceptible.
Author:	Mins
File Size:	3436
Last Modified:	Jan 2 21:32:14 2005
MD5 Checksum:	aef213cbdc2bb62aa2b5f0700792a633

/// File Name:	kreedexec.zip
Description:	Remote exploit for Kreed versions 1.05 and below that suffer from format string error, denial of service, and server freeze flaws.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	kreedexec.txt
File Size:	11451
Last Modified:	Dec 12 01:23:53 2004
MD5 Checksum:	b975e09fcf4c5ed1de4d0811c9d44aaa

/// File Name:	lithsock.zip
Description:	Remote denial of service proof of concept exploit for the Lithtech game engine that is susceptible to a denial of service attack via a logic error when handling UDP packets with zero bytes.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org/
Related File:	lithsock.txt
File Size:	7789
Last Modified:	Dec 30 07:42:42 2004
MD5 Checksum:	781945faf97839d745ebc389b81f073a

/// File Name:	lsmcode.txt
Description:	Local root command execution exploit for lsmcode on AIX 5.1 to 5.3.
File Size:	214
Last Modified:	Dec 30 22:28:28 2004
MD5 Checksum:	fcffe0184ed7b96001e095490c14c38c

/// File Name:	moodle142.txt
Description:	Moodle versions 1.4.2 and below suffer from cross site scripting and file inclusion vulnerabilities.
Author:	Bartek Nowotarski
File Size:	3831
Last Modified:	Jan 2 20:41:32 2005
MD5 Checksum:	b9eca4daf115cfb19a91e59348bc0731

/// File Name:	msnXSS.txt
Description:	A whole slew of cross site scripting flaws have been discovered and are listed here.
Author:	Jamie Fisher
File Size:	19794
Last Modified:	Dec 12 19:33:02 2004
MD5 Checksum:	bdde296e55534bed7cacfd8464b7b495

/// File Name:	MSXPSP2-ieEXP.txt
Description:	Internet Explorer HTML Help Control Local Zone bypass exploit that can be used against Microsoft Windows XP versions SP2 and below.
Author:	Michael Evanchik, Paul from Greyhats, http-equiv
Homepage:	http://www.michaelevanchik.com
File Size:	28646
Last Modified:	Jan 1 03:39:57 2005
MD5 Checksum:	5aabc81cc7ff559369ba72b039815c3a

/// File Name:	netcat-exp.txt
Description:	A buffer overflow in netcat can allow for remote compromise. Full exploit provided.
Author:	class101
File Size:	15514
Last Modified:	Jan 2 20:13:29 2005
MD5 Checksum:	a2b6b784698e602e8fb3cea8f8d99e58

/// File Name:	paginit.c
Description:	Local stack overflow exploit for /usr/bin/paginit on AIX versions 5.3/5.2/5.1.
Author:	cees-bart
File Size:	1550
Last Modified:	Dec 30 22:26:58 2004
MD5 Checksum:	0bf35a7346b171510b2b1029835a75f3

/// File Name:	php-openlog.txt
Description:	Proof of concept exploit for the PHP openlog() vulnerability inherent in PHP 4.3.x. Tested against Win2k SP4 and PHP 4.3.5 on Apache 2.0.49.
Author:	The Warlock
Homepage:	http://go.to/biohazardhq
File Size:	5413
Last Modified:	Dec 31 20:46:58 2004
MD5 Checksum:	4a46b51bf6d846cb40d8756cf4d49de6

/// File Name:	phpbb-url.pl
Description:	Simple tool to automate the creation of the URL needed to exploit phpBB versions below 2.0.11 using the viewtopic.php vulnerability.
Author:	Trivero
Homepage:	http://albythebest.altervista.org/
File Size:	1780
Last Modified:	Dec 31 23:02:11 2004
MD5 Checksum:	f54e59d659820db210376da4a83090c8

/// File Name:	phpbbmemorydump.cpp
Description:	phpBB 2.x with PHP <= 4.3.9 Remote unserialize() exploit, in c++. More information available here.
Author:	Overdose
File Size:	21905
Last Modified:	Dec 20 06:47:59 2004
MD5 Checksum:	56830aa54ca1057db8801240d287900e

/// File Name:	phpbbquoteflaw.txt
Description:	A flaw in phpBB 2.x allows a malicious user the ability to alter how posts are aligned due to mishandling of quotes in posts.
Author:	Matt Benenati
File Size:	1061
Last Modified:	Dec 12 21:19:30 2004
MD5 Checksum:	631b10282d8639800a9bd49df6ef8292

/// File Name:	phpbbworm2.tgz
Description:	New version of the phpBB worm that successfully works against a patched phpBB 2.0.11. The scripts in this tarball are the worm itself and the bot that is installed. Found by Herman Sheremetyev.
File Size:	6414
Last Modified:	Dec 31 23:23:21 2004
MD5 Checksum:	3e25607b656731c8902642da039f0697

/// File Name:	phpcalendar.txt
Description:	PHP-Calendar suffers from a file inclusion vulnerability. All versions are affected.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	2438
Last Modified:	Jan 2 21:07:16 2005
MD5 Checksum:	f3d2a2da12855b70374d273e68526a83

/// File Name:	phpGroupWare.txt
Description:	phpGroupWare version 0.9.16.003 is susceptible to full path disclosure, cross site scripting, and SQL injection attacks. Exploitation provided.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	5975
Last Modified:	Dec 30 08:54:56 2004
MD5 Checksum:	8889f85e8f28423e6ef44a2548455b0c

/// File Name:	PhpIncludeWorm.txt
Description:	New PHP based worm that targets any vulnerable page or script with a remote file inclusion vulnerability.
File Size:	3602
Last Modified:	Jan 2 19:55:57 2005
MD5 Checksum:	7d59d83dd3eed703eff0dda98b9c9632

/// File Name:	pmc.pl.txt
Description:	Remote exploit for phpMyChat 0.14.5 that adds an administrative account.
Author:	sysbug
File Size:	3412
Last Modified:	Dec 31 20:55:58 2004
MD5 Checksum:	76d239aa6079f00c2b41ce5ca9007afb

/// File Name:	raptor_chown.c
Description:	Local exploit for a flaw in Linux kernel that allows for group ownership change and possible system compromise. Tested against Linux kernel versions 2.4.x through 2.4.27-rc3 and 2.6.x through 2.6.7-rc3.
Author:	Marco Ivaldi
Homepage:	http://www.0xdeadbeef.info/
File Size:	2346
Related CVE(s):	CAN-2004-0497
Last Modified:	Dec 31 21:29:25 2004
MD5 Checksum:	43f4d86223937cea4b9e4e7256c1428c