Section: .. / 0411-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 76

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	000102advisory.txt
Description:	MailEnable Professional Edition version 1.52 and MailEnable Enterprise Edition version 1.01 both suffer from a remote buffer overflow in their IMAP service. Full exploit included.
Author:	Nima Majidi, idespinner, class101
Homepage:	http://www.hat-squad.com/
File Size:	7305
Last Modified:	Dec 11 22:51:22 2004
MD5 Checksum:	102445417417101b51b8c9f52b3d0bd8

/// File Name:	04WebServer.txt
Description:	Documentation on three vulnerabilities that were found in version 1.42 of 04WebServer. It includes a XSS vulnerability, lack of character filtering when writing to log file, and potential server restart problems after requesting a DOS device in the URL.
Author:	Tan Chew Keong
Homepage:	http://www.security.org.sg/
File Size:	3784
Last Modified:	Nov 12 05:17:17 2004
MD5 Checksum:	b8f33c4f3e82717870f0a4047e3f19dc

/// File Name:	101_mini.cpp
Description:	Minishare versions 1.4.1 and below remote buffer overflow exploit that binds a shell to port 101.
Author:	class101
File Size:	8268
Last Modified:	Nov 10 07:31:50 2004
MD5 Checksum:	470aaf255d5cecbac310c94088f9fe4f

/// File Name:	101_netn.cpp
Description:	NetNote Server version 2.2 build 230 crafted string vulnerability exploit that crashes the server.
Author:	class101
File Size:	4522
Last Modified:	Nov 13 20:03:40 2004
MD5 Checksum:	2471da94acdd22918c6bdbee201e68f4

/// File Name:	101_slim.cpp
Description:	Remote buffer overflow exploit for SlimFTPd versions 3.15 and below. Binds a shell to port 101.
Author:	class101
File Size:	9879
Last Modified:	Nov 12 05:06:30 2004
MD5 Checksum:	3bd529c381a9d88fc5ed46d54c552c88

/// File Name:	20041119.IESP2Unpatched.html
Description:	Microsoft Internet Explorer (including IE for Windows XP SP2) is reported vulnerable to a file download security warning bypass. This unpatched flaw may be exploited to download a malicious executable file masqueraded as a HTML file. Full exploitation given. Original posted on k-otik.
Author:	cyber flash
Homepage:	http://www.k-otik.com/
Related File:	sa13203.txt
File Size:	5666
Last Modified:	Nov 20 23:50:57 2004
MD5 Checksum:	efd4da6639e3f50e0df00ddbd6efee64

/// File Name:	602res.zip
Description:	Test exploit for 602 Lan Suite versions 2004.0.04.0909 and below which are susceptible to resource consumption and socket consumption attacks.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	602Lansuite.txt
File Size:	8248
Last Modified:	Nov 10 07:27:29 2004
MD5 Checksum:	083477b9aed0b9ad0220f4e3ab66310d

/// File Name:	aclient.txt
Description:	Altiris Deployment Solution 5.6 SP1 (Hotfix E) suffers from a privilege escalation flaw that allows for SYSTEM level access. Step by step exploitation given.
Author:	Reed Arvin
File Size:	870
Last Modified:	Nov 20 23:30:46 2004
MD5 Checksum:	1be9fdc191a6ebdcdd6f90985f998910

/// File Name:	adv08-y3dips-2004.txt
Description:	JAF CMS is susceptible to path disclosure and directory traversal attacks.
Author:	y3dips
Homepage:	http://y3dips.echo.or.id/
File Size:	4582
Last Modified:	Nov 10 08:25:19 2004
MD5 Checksum:	3333ed76a744b568ac89516141226f1c

/// File Name:	advRX181104.txt
Description:	Cscope 15.5 and possibly earlier versions may suffer from a race condition that allows for local compromise. Proof of concept exploits included.
Author:	Gangstuck, Psirac
File Size:	6051
Last Modified:	Nov 20 22:50:41 2004
MD5 Checksum:	4a0e0ab79fabe9230af9db9e474118cb

/// File Name:	apache-squ1rt.c
Description:	Apache v2.0.52 remote denial of service exploit (version two) which sends a lot of spaces, consuming CPU and RAM. More information available here. Versions between 2.0.35 and 2.0.52 may be vulnerable, but only v2.0.50 through 2.0.52 was tested.
Author:	Daniel Guido
File Size:	2522
Related CVE(s):	CAN-2004-0942
Last Modified:	Nov 18 06:38:03 2004
MD5 Checksum:	a38bce43fe615d961245f570ff5817f4

/// File Name:	atari800.txt
Description:	Exploit for the Atari800 atari emulator. Allows for local privilege escalation to root six different ways.
Author:	Adam Zabrocki
Homepage:	http://www.pi3.int.pl
File Size:	16729
Last Modified:	Dec 11 21:04:51 2004
MD5 Checksum:	ed16586d6fb2d85c7c96dabf3e66909f

/// File Name:	b4b0-phpbb.tgz
Description:	PhpBB v1.0.0 - 2.0.10 remote exploit which takes advantage of a bug in admin_cash.php. Opens a back door on a tcp port.
Author:	evilrabbi
File Size:	1202
Last Modified:	Nov 24 07:24:24 2004
MD5 Checksum:	3f3f2f16c17761e910f11a2cb42cc9c0

/// File Name:	binfmt_elf.txt
Description:	Five different flaws have been identified in the Linux ELF binary loader. Exploit included core dumps a non-readable but executable ELF file.
Author:	Paul Starzetz
File Size:	13503
Last Modified:	Nov 12 04:57:59 2004
MD5 Checksum:	89d38e2fe7148d28370803dcceda7a1d

/// File Name:	cccitftp-adv.txt
Description:	Chesapeake TFTP server version 1.0 is susceptible to a classic directory traversal attack that allows an attacker to upload and download files anywhere on the disk. This server is also susceptible to a denial of service flaw.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
File Size:	1964
Last Modified:	Nov 2 02:29:11 2004
MD5 Checksum:	34cc374333823f7ecbea15fee1812b10

/// File Name:	cht-2004.txt
Description:	Web Forums Server versions 1.6 and 2.0 suffer from directory traversal attacks and also store passwords in cleartext.
Author:	R00tCr4ck
Homepage:	http://www.CyberSpy.Org
File Size:	1488
Last Modified:	Nov 5 05:00:21 2004
MD5 Checksum:	14e19abbf9003b20cdd70064c076608c

/// File Name:	coffeecupbof.txt
Description:	CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10 both suffer from an overflow that allows for arbitrary code execution. Exploit included that spawns a shell on port 5555.
Author:	Komrade
Homepage:	http://unsecure.altervista.org
File Size:	11433
Last Modified:	Dec 11 19:22:06 2004
MD5 Checksum:	0e0db67aab85ed49f32a9859c5300151

/// File Name:	dmsPOP3.txt
Description:	A buffer overflow exists in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 and prior versions. Demonstration exploit included.
Author:	Reed Arvin
File Size:	1648
Last Modified:	Nov 20 23:21:49 2004
MD5 Checksum:	d0b5cdae27042d688d59e55c6e8046ac

/// File Name:	ecl-channel.adv
Description:	Local user input handling vulnerabilities exist in WCI's TC-IDE Embedded Linux prior to v1.54 which allow local users with access to the tools provided with the system to spawn a root console, gaining full control over the running Linux operating system. In corporate environments where this product is being used, such vulnerabilities could cause disastrous effects, all users are encouraged to update to the latest firmware ASAP.
Author:	ECL Team
File Size:	2192
Last Modified:	Nov 24 06:14:14 2004
MD5 Checksum:	2eb22b307cc833cd042d1b49d8b116c4

/// File Name:	eudora62014.txt
Description:	Eudora 6.2.14 for Windows that was just released is still susceptible to an attachment spoofing vulnerability. Working exploit included.
Author:	Paul Szabo
File Size:	1815
Last Modified:	Nov 20 19:53:13 2004
MD5 Checksum:	e9515fc1cf11e9494efc450dd93f8140

/// File Name:	ex_MERCURY.c
Description:	Universal remote exploit for the buffer overflow vulnerability in Mercury Mail 4.01 (Pegasus) IMAP server.
Author:	John H.
File Size:	6470
Last Modified:	Dec 12 00:26:19 2004
MD5 Checksum:	df3670644acf63435dd9a77c428eb3cf

/// File Name:	ezshopper.txt
Description:	EZshopper is susceptible to a directory traversal attack. Exploitation included.
Author:	Zero X
Homepage:
File Size:	352
Last Modified:	Dec 11 21:39:34 2004
MD5 Checksum:	e2a9fe55accc25d065eb53bbcbb714c4

/// File Name:	GFHost.pl
Description:	GFHost PHP GMail remote command execution exploit that achieves webserver id privileges.
Author:	spabam
File Size:	3592
Last Modified:	Nov 20 20:56:16 2004
MD5 Checksum:	6cc47ad984586b88bfcd9274b36a902e

/// File Name:	halocboom.zip
Description:	Halo: Combat Evolved versions 1.05 and below remote denial of service exploit.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	halocboom.txt
File Size:	8162
Last Modified:	Dec 11 19:27:25 2004
MD5 Checksum:	5257b93c92f2170e0d3e1cce4033571b

/// File Name:	HOD-kerio-firewall-DoS-expl.c
Description:	Denial of service exploit for Kerio Personal Firewall version 4.1.1 and below. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet.
Author:	houseofdabus
Related File:	eEye.kerio.txt
File Size:	11858
Last Modified:	Nov 12 21:39:21 2004
MD5 Checksum:	2155470b61ae00f217da31c8c79a9285