Section:  .. / 0511-exploits  /

Page 5 of 6
<< 1 2 3 4 5 6 >> Files 100 - 125 of 131
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: SEC-20051107-1.txt
Description:
SEC-CONSULT Security Advisory 20051107-1 - SEC Consult has found that parameters to ActionDefineFunction (ACTIONRECORD 0x9b) in the Macromedia Flash Plugin are not properly sanitized. Loading a specially crafted SWF leads to an improper memory access condition which can be used to crash flash player or may be exploited as a vector for code execution. This issue is similar to CAN-2005-2628 (as reported by eEye Digital Security on November 4, 2005) but affects a different function. Versions affected: flash.ocx 7.0.19.0 and earlier, libflashplayer.so before 7.0.25.0.
Author:Bernhard Mueller
Homepage:http://www.sec-consult.com
File Size:3098
Last Modified:Nov 8 17:59:22 2005
MD5 Checksum:264599e1850c14e2756e29db80b22319

 ///  File Name: SEC-20051125-0.txt
Description:
SEC-CONSULT Security Advisory 20051125-0 - vTiger versions 4.2 and below have been found susceptible to SQL injection, cross site scripting, code execution, directory traversal, and arbitrary file upload flaws.
Author:Daniel Fabian
Homepage:http://www.sec-consult.com
File Size:6013
Last Modified:Nov 30 20:59:33 2005
MD5 Checksum:96d3cb698b8ebc4810a5d40fe39f7827

 ///  File Name: SF_multi.pl.txt
Description:
Veritas Storage Foundation 4.0 local root exploit that takes advantage of a buffer overflow in the VCSI18N_LANG environment variable.
Author:Kevin Finisterre
Homepage:http://www.digitalmunition.com/
Related File:DMA-2005-1112a.txt
File Size:1977
Last Modified:Nov 13 02:51:19 2005
MD5 Checksum:63e0191fae3cce7687106f886bb488df

 ///  File Name: SmartPPCProXSS.txt
Description:
SmartPPC Pro is susceptible to multiple cross site scripting flaws. Details provided.
Author:BiPi_HaCk
Homepage:http://www.NightmareSecurity.net
File Size:1658
Last Modified:Nov 30 20:40:21 2005
MD5 Checksum:580e5066cf6ab7d39ab0c4a24b8f7931

 ///  File Name: snort_bo_overflow_win32.pm.txt
Description:
Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.
Author:Kira
File Size:3507
Last Modified:Nov 2 02:21:35 2005
MD5 Checksum:64e0a9ba3164254f4a2ed9132d75616b

 ///  File Name: spymacXSS.txt
Description:
Spymac Web OS 4.0 is susceptible to multiple cross site scripting vulnerabilities. Full exploitation details provided.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/2005/11/
File Size:3487
Last Modified:Nov 5 03:12:16 2005
MD5 Checksum:27cefc9d8d3de3e67378d98f45a27380

 ///  File Name: sudo168p10.sh.txt
Description:
Local root exploit for sudo versions below 1.6.8p10 that makes use of the environment cleaning flaws with the SHELLOPTS and PS4 variables.
Author:breno
Related File:USN-213-1.txt
File Size:992
Related CVE(s):CAN-2005-2959
Last Modified:Nov 10 06:32:06 2005
MD5 Checksum:26689850763402295ae09b43b6f7fa81

 ///  File Name: susechfn.sh.txt
Description:
Local root exploit for chfn under SuSE Linux 9.{1,2,3}/10.0, Desktop 1.0, UnitedLinux 1.0, and SuSE Linux Enterprise Server {8,9}.
Author:Hunger
Related File:SUSE-SA-2005-064.txt
File Size:961
Last Modified:Nov 10 06:43:38 2005
MD5 Checksum:895756970d08459e693287e6f9526a5a

 ///  File Name: TKADV2005-11-004.txt
Description:
Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.
Author:Tobias Klein
File Size:7196
Last Modified:Nov 20 21:58:02 2005
MD5 Checksum:05fc1697b2809adbe3c1454fc4daf576

 ///  File Name: torrentialTraverse.txt
Description:
Torrential version 1.2 is susceptible to directory traversal attacks.
Author:Shell
File Size:1010
Last Modified:Nov 30 19:39:33 2005
MD5 Checksum:860ca089844b7b9cbca1185332388974

 ///  File Name: TUVSA-0511-001.txt
Description:
Simple PHP Blog versions 0.4.5 and below are susceptible to multiple cross site scripting attacks.
Author:Nenad Jovanovic
Homepage:http://www.seclab.tuwien.ac.at
File Size:5346
Last Modified:Nov 3 02:11:16 2005
MD5 Checksum:3636d3372789a162f31edbcfc6ee0e7c

 ///  File Name: twiki20030201.pl.txt
Description:
TWiki 20030201 VIEW string remote command execution exploit.
Author:rUnViRuS
Homepage:http://www.worlddefacers.net
File Size:3144
Last Modified:Nov 8 17:49:44 2005
MD5 Checksum:704505f7f84b2632546beef86fb51138

 ///  File Name: unb153pl3_xpl.html
Description:
Unclassified NewsBoard version 1.5.3 patch level 3 DateFrom and DateUntil blind SQL injection remote exploit.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:15791
Last Modified:Nov 15 11:40:43 2005
MD5 Checksum:2f3468836bec63bf9e67e4be450370b0

 ///  File Name: up-imapproxy-exp.txt
Description:
A format string vulnerability exists in Imapproxy versions 1.2.4 and below. Proof of concept exploit included.
Author:darkeagle
Homepage:http://exploiterz.org/
File Size:3388
Last Modified:Nov 2 07:28:32 2005
MD5 Checksum:c5d3a8768d8bb552161f87506e4c4e92

 ///  File Name: upnp-dos.c
Description:
Denial of service exploit that makes use of a memory leak when sending a specially crafted upnp_getdevicelist request.
Author:Winny Thomas
File Size:27398
Last Modified:Nov 15 11:24:16 2005
MD5 Checksum:58267d81c23e18f5d4b0113c23e8cbb9

 ///  File Name: vbullXSS.txt
Description:
vBulletin 3.5.1 suffers from a cross site scripting flaw due to the control panel not properly sanitizing variables.
Author:[N] Shell
Homepage:http://nshell.h15.ru
File Size:941
Last Modified:Nov 30 21:50:51 2005
MD5 Checksum:1f755609ff408f9dc279f7f2367305c9

 ///  File Name: VHCSXSS.txt
Description:
VHCS version 2.x is susceptible to cross site scripting attacks.
Author:Moritz Naumann
Homepage:http://moritz-naumann.com/
File Size:2673
Last Modified:Nov 30 20:26:46 2005
MD5 Checksum:8d6b5fb521260765932fd6061bd26bd1

 ///  File Name: vubbXSS.txt
Description:
VUBB Alpha RC1 is susceptible to cross site scripting and path disclosure flaws. Details provided.
Author:trueend5
File Size:1460
Last Modified:Nov 2 02:23:29 2005
MD5 Checksum:b80d48302db0771038800f4f8ec48fbe

 ///  File Name: walla30.txt
Description:
Walla Telesite versions 3.0 and below are susceptible to cross site scripting, SQL injection, and more. Details provided.
Author:Rafi Nahum, Pokerface
File Size:3599
Last Modified:Nov 15 11:49:02 2005
MD5 Checksum:f21e14564b8ffda884db2c8e22cdf2d9

 ///  File Name: waraxe-2005-SA043.txt
Description:
Phorum versions 5.0.0.alpha through 5.0.20 are susceptible to SQL injection attacks. Exploitation details provided.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:5157
Last Modified:Nov 8 15:35:05 2005
MD5 Checksum:e177fce92c9484b06a17fa7f1524b966

 ///  File Name: webistanbul.txt
Description:
Webistanbul is susceptible to SQL injection attacks.
Author:khc
File Size:191
Last Modified:Nov 30 21:44:23 2005
MD5 Checksum:66729c603bbb08dfcdb14f44ee49ef61

 ///  File Name: wizzSQL.txt
Description:
Wizz Forum is susceptible to multiple SQL injection attacks. Exploit provided.
Author:HACKERS PAL
File Size:3528
Last Modified:Nov 15 07:12:53 2005
MD5 Checksum:1d4890eeeaae878e9edbcc0b4f09ac81

 ///  File Name: wzdFTPd.pm.txt
Description:
Wzdftpd SITE command arbitrary command execution Metasploit plugin exploit for versions 0.5.4 and below.
Author:David Maciejak
Related Exploit:wzdftpdwarez.pl.txt"
File Size:3272
Last Modified:Nov 5 05:02:01 2005
MD5 Checksum:4525076feb9a2471acc5fd1a9ca7255c

 ///  File Name: x_dtsuids.pl.txt
Description:
Solaris 10 DtPrintinfo/Session exploit for x86.
Author:core
File Size:2103
Last Modified:Nov 8 16:05:18 2005
MD5 Checksum:3eac0baa42e886142249fb50bf8cc94b

 ///  File Name: xarayaDOS.txt
Description:
Xaraya versions 1.0.0. RC4 and below suffer from denial of service and file corruption flaws. Exploitation details provided.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:928
Last Modified:Dec 2 17:30:25 2005
MD5 Checksum:0a56836da136202fc0531cb65cd3a9a4