Section:  .. / 0510-exploits  /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 75
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 10.10.05.txt
Description:
iDEFENSE Security Advisory 10.10.05-1 - Local exploitation of a design error vulnerability in the runpriv command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.22 (maintenance). It is suspected that previous and later versions of both the feature and maintenance revisions of IRIX 6.5 are also vulnerable.
Homepage:http://www.idefense.com
File Size:4614
Related CVE(s):CAN-2005-2925
Last Modified:Oct 11 06:50:55 2005
MD5 Checksum:7739b7bd8768ae74b99e57fdb64e6838

 ///  File Name: Rockliffe.txt
Description:
During an audit of a client, Security-Assessment.com discovered multiple critical vulnerabilities within the RockLiffe MailSite Express WebMail software. The vulnerabilities include the retrieval of arbitrary files from the web server, and bypassing attachment validation routines allowing for remote code execution. Exploitation details included. All versions of RockLiffe MailSite Express WebMail prior to version 6.1.22 are affected.
Author:Paul Craig
Homepage:http://www.security-assessment.com/
File Size:4335
Last Modified:Oct 31 00:13:59 2005
MD5 Checksum:3ff38e4d684180018f4aebab2106f220

 ///  File Name: mirabilis.c
Description:
Mirabilis ICQ 2003a buffer overflow download shellcoded exploit. Affected versions: Mirabilis ICQ Pro versions 2003a and below.
Author:ATmaCA
Homepage:http://www.atmacasoft.com
File Size:4199
Last Modified:Oct 31 00:32:53 2005
MD5 Checksum:68429a8c319db0ab0a22dff8987e36a7

 ///  File Name: MerakXSS.txt
Description:
Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1 is susceptible to cross site scripting and directory traversal attacks.
Author:ShineShadow
File Size:3990
Last Modified:Oct 6 05:34:48 2005
MD5 Checksum:c5479586cfc38ea73b1362a12df8f872

 ///  File Name: secunia-Mantis.txt
Description:
Secunia Research has discovered a vulnerability in Mantis, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the t_core_path parameter in bug_sponsorship_list_view_inc.php is not properly verified before it used to include files. This can be exploited to include arbitrary files from external and local resources. Affected versions: Mantis 0.19.2 and 1.0.0rc2. Other versions may also be affected.
Author:Andreas Sandblad
Homepage:http://www.secunia.com
File Size:3787
Last Modified:Oct 27 08:21:45 2005
MD5 Checksum:a80126dd9202835f1f33d9100084b167

 ///  File Name: VERITAS-OSX.pl.txt
Description:
VERITAS Netbackup remote format string exploit for Mac OS-X.
Author:johnh
Homepage:http://www.digitalmunition.com/
File Size:3772
Last Modified:Oct 31 00:44:40 2005
MD5 Checksum:a99cc0cea55e300e8b4870f2a1456aa5

 ///  File Name: VERITAS-Linux.pl.txt
Description:
VERITAS Netbackup remote format string exploit for Linux.
Author:johnh
Homepage:http://www.digitalmunition.com/
File Size:3257
Last Modified:Oct 31 00:42:00 2005
MD5 Checksum:3337b74b703e0c9d2f85a5a4e04a70e0

 ///  File Name: php-iCalendar.txt
Description:
PHP iCalendar versions 2.0a2, 2.0b, 2.0c, and 2.0.1 are susceptible to a cross site scripting vulnerability. Exploitation details provided.
Author:Francesco Ongaro aka aScii
Homepage:http://www.ush.it/2005/10/25/php-icalendar-css/
File Size:3123
Last Modified:Oct 27 06:49:29 2005
MD5 Checksum:f1a20e7ff53f7521b7f8098bdcf0dbac

 ///  File Name: aenovoSQL.txt
Description:
Aenovo is susceptible to multiple SQL injection and cross site scripting vulnerabilities. Details provided.
Author:Devil_box, Farhad Koosha
Homepage:http://www.kapda.ir/
File Size:3108
Last Modified:Oct 8 18:36:11 2005
MD5 Checksum:e561e4e93fc7945cc8062b0c36201777

 ///  File Name: advisory-103.txt
Description:
Various Techno Dreams scripts are susceptible to sql injection flaws. Proof of concept examples provided.
Author:Farhad Koosha
Homepage:http://www.kapda.ir/
File Size:3108
Last Modified:Oct 27 08:23:41 2005
MD5 Checksum:9dfaf6f058204304f8c96c9a17cffee7

 ///  File Name: caigw.c
Description:
Computer Associates iGateway debug mode remote buffer overflow exploit.
Author:erikam
File Size:3024
Last Modified:Oct 12 09:33:35 2005
MD5 Checksum:d0cb97a5f1697e872f78704181815177

 ///  File Name: TUVSA-0510-001.txt
Description:
Yapig versions 0.95b and below suffer from code injection and cross site scripting vulnerabilities.
Author:Nenad Jovanovic
Homepage:http://www.seclab.tuwien.ac.at
File Size:3004
Last Modified:Oct 15 02:37:49 2005
MD5 Checksum:f1f0ebe8bc75c84fd81137aa5a411aa4

 ///  File Name: swisscom-XSS.txt
Description:
Swisscom EuroSpot wireless service suffers from multiple cross site scripting vulnerabilities. Details provided.
Author:deepquest
File Size:2911
Last Modified:Oct 31 00:52:48 2005
MD5 Checksum:9741d277e2403db9c5b6f2c1ee4ff94b

 ///  File Name: EXPL-A-2005-015-tellme.txt
Description:
TellMe versions 1.2 and below are susceptible to cross site scripting attacks.
Author:Donnie Werner
Homepage:http://exploitlabs.com
File Size:2855
Last Modified:Oct 6 09:02:13 2005
MD5 Checksum:3ddd430c42f0a27aecf330497720b583

 ///  File Name: oracle_htmldb_css.txt
Description:
The Oracle HTMLDB contains some cross site scripting vulnerabilities.
Author:Alexander Kornbrust
Homepage:http://www.red-database-security.com/
File Size:2629
Last Modified:Oct 8 19:17:00 2005
MD5 Checksum:1eb249024feeb9e544cb57a805f4d8b4

 ///  File Name: SEC-20051025-0.txt
Description:
SEC-CONSULT Security Advisory 20051025-0 - The Snoop PHP web client is susceptible to a remote command execution vulnerability when a specially crafted URL is supplied. Versions 1.2 and earlier are affected.
Author:Daniel Fabian
Homepage:http://www.sec-consult.com
File Size:2566
Last Modified:Oct 27 07:13:55 2005
MD5 Checksum:907f0220f39742e9598e02d67bfe5f84

 ///  File Name: xine-cddb-server.pl.txt
Description:
Proof of concept exploit for the remote format string vulnerability discovered in the xine/gxine CD player. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0. Patch available here.
Author:Ulf Harnhammar
Homepage:http://www.debian.org/security/audit/
Related File:xineFormat.txt
File Size:2410
Related CVE(s):CAN-2005-2967
Last Modified:Oct 8 20:48:06 2005
MD5 Checksum:0ccbc74dc926408c0b0bd3ad220e9737

 ///  File Name: SEC-20051025-1.txt
Description:
SEC-CONSULT Security Advisory 20051025-1 - RSA Authentication Agent for Web 5.1 is prone to a cross site scripting vulnerability. Please note that this is issue is different from CAN-2003-0389. Affected versions: This flaw was discovered in version 5.1 of RSA Agent for Web. No other versions were available for testing. Web Agents greater than 5.1 may also be vulnerable.
Homepage:http://www.sec-consult.com
File Size:2302
Last Modified:Oct 27 07:16:15 2005
MD5 Checksum:07936548503e95a84c2ec606f8e734e8

 ///  File Name: flysprayXSS.txt
Description:
Flyspray versions 0.9.7, 0.9.8, and 0.9.8-devel are susceptible to cross site scripting. Exploitation details included.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/
File Size:2104
Last Modified:Oct 27 07:36:15 2005
MD5 Checksum:ea71179354fed766b45b5fc6c8e73f36

 ///  File Name: ctxpoliciesbypass.txt
Description:
A vulnerability in Citrix Metaframe Presentation Server versions 3.0 and 4.0 allows for users to bypass policy restrictions.
Author:Gustavo Gurmandi
Homepage:http://www.grupoitpro.com.ar
File Size:1929
Last Modified:Oct 6 05:46:58 2005
MD5 Checksum:5f13820d1d8a116dcd37c6039870051d

 ///  File Name: oracle_xmldb_css.txt
Description:
The XMLDB in Oracle Database 9i Release 2 is susceptible to cross site scripting attacks.
Author:Alexander Kornbrust
Homepage:http://www.red-database-security.com/
File Size:1848
Last Modified:Oct 8 19:23:25 2005
MD5 Checksum:3b7637096a07b9e72700e8fa81e8aff1

 ///  File Name: xloadFlaws.tgz
Description:
Three buffer overflows have been discovered in xloadimage during the handling of the image title name. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. At that point, it will also copy the title from the old image to the newly created image. The 'zoom', 'reduce', and 'rotate' functions are using a fixed length buffer to construct the new title name when an image processing is done. Since the title name in a NIFF format is of varying length, and there are insufficient buffer size validations, the buffer can be overflowed. Proof of concept files included.
Author:Ariel Berkman
File Size:1754
Last Modified:Oct 7 06:21:21 2005
MD5 Checksum:4ebe115927efb8268af7d4de94c58dc9

 ///  File Name: oracle_isqlplus_css.txt
Description:
Oracle Database 9.0.2.4 with iSQLPlus is susceptible to a cross site scripting flaw.
Author:Alexander Kornbrust
Homepage:http://www.red-database-security.com/
File Size:1749
Last Modified:Oct 8 19:21:12 2005
MD5 Checksum:de7fe9e04d8c718cdf7675e88d1387d3

 ///  File Name: phpCounter.txt
Description:
PHP Counter is susceptible to cross site scripting and SQL injection vulnerabilities. Exploitation details provided.
Author:BiPi_HaCk
Homepage:http://www.NightmareTeAmZ.altervista.org
File Size:1720
Last Modified:Oct 8 20:50:18 2005
MD5 Checksum:9916ad3027dfb8af14d2133ed6921f42

 ///  File Name: guppyTraverse.txt
Description:
Guppy versions less than 4.5.6a suffer from a directory traversal flaw.
Author:Josh Zlatin-Amishav
File Size:1673
Last Modified:Oct 6 05:36:13 2005
MD5 Checksum:bcee9b2224bbc4f22288e5405a625bc0