all things security
Showing 1 - 25 of 67 RSS Feed

Files

0401-exploits.tgz
Posted Feb 23, 2004
Authored by Todd J.

Packet Storm new exploits for January, 2004.

tags | exploit
MD5 | dc3485ad8b2762b423d11d688c681c3e
apache2047.txt
Posted Jan 31, 2004
Authored by Trung - caothuvolam | Site security.com.vn

In the Apache httpd server version 2.0.47, a user can bypass a Deny directive by setting the ErrorDocument directive in their .htaccess file to access a php script which can then access the data they should be denied.

tags | exploit, php
MD5 | 62ade51afc01bff5975f1fa1fdd1605d
serv-ME.c
Posted Jan 31, 2004
Authored by SkyLined

Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below that binds a shell to port 28876.

tags | exploit, remote, overflow, shell
MD5 | df97fa08733ac9a559651c1560ae605b
PHPportal.txt
Posted Jan 31, 2004
Authored by Zero-X | Site lobnan.de

PHP Portal is vulnerable to a directory traversal attack.

tags | exploit, php
MD5 | 3f26598e6b2051b1aea5bf2fc745b574
phototool.txt
Posted Jan 31, 2004
Authored by KingSerb

thePHOTOtool is susceptible to SQL injection attacks.

tags | exploit, sql injection
MD5 | 6e55a492fd6335dab5c9c314475707ec
servu3.c
Posted Jan 30, 2004
Authored by mandragore, kkqq

Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.

tags | exploit, remote, overflow
MD5 | 196d47c57e8dd07092d004eaac160800
winblast.sh
Posted Jan 30, 2004
Authored by Steve Ladjabi

Windows XP/2003 Samba file sharing resource exhaustion exploit that commits a denial of service.

tags | exploit, denial of service
systems | windows, xp
MD5 | 1f187919aeadfc08e3f6a4eb4ebd472d
sslexp.c
Posted Jan 30, 2004
Authored by Bram Matthys

Brute forcer for OpenSSL ASN.1 parsing bugs that affects versions 0.9.6j and below and 0.9.7b and below.

tags | exploit
advisories | CVE-2003-0545, CVE-2003-0543, CVE-2003-0544
MD5 | c1c971d5bc02630efc56c819b2b2d5b1
lftp.c
Posted Jan 30, 2004
Authored by Li0n7

Remote exploit that makes use of the try_netscape_proxy() overflow in versions 2.3 to 2.6.9 of lftp.

tags | exploit, remote, overflow
MD5 | aa27e2f0a9caa7e80db62d9cd472b247
phpGedView_v2.txt
Posted Jan 30, 2004
Authored by Cedric Cochin

phpGedView versions 2.65.1 and below suffer from multiple PHP Code Injection vulnerabilities that enable a malicious user to access arbitrary files or execute commands on the server.

tags | exploit, arbitrary, php, vulnerability
MD5 | e9584f2836462dad732d60e5cccaec8d
webBlog11.txt
Posted Jan 30, 2004
Authored by n3rd

Web Blog 1.1 allows for remote command execution due to an unsanitized file variable.

tags | exploit, remote, web
MD5 | 27881ec769823c8bfb94bc4deef2d730
ZH2004-02SA.txt
Posted Jan 29, 2004
Authored by ZetaLabs | Site zone-h.org

PJ CGI Neo review is vulnerable to a directory traversal attack that allows a remote attacker to access any file outside of the webroot.

tags | exploit, remote, cgi
MD5 | f8400a39bd6c8be8aa4b3e6d64609c32
open3sIDSonshowaudit.txt
Posted Jan 29, 2004
Authored by Juan Manuel Pascual Escriba | Site open3s.com

Any user with AAO privileges over the onshowaudit binary in IBM's Informix IDSv9.40 can read any system file.

tags | exploit
MD5 | 7b448d8860aaafd3ade38a2b65910bbb
open3sIDSonedcu.txt
Posted Jan 29, 2004
Authored by Juan Manuel Pascual Escriba | Site open3s.com

A local vulnerability exists in the IBM Informix IDSv9.40 onedcu binary that allows local users to overwrite any root owned file.

tags | exploit, local, root
MD5 | 12bb227bc4ae476a696d8ce008eb5441
BRSwebweaverXSS.txt
Posted Jan 28, 2004
Site oliverkarow.de

BRE WebWeaver version 1.07 is vulnerable a cross site scripting attack.

tags | exploit, xss
MD5 | a51162aec7d678367d96d90ca56ecd80
ZH2004-01SA.txt
Posted Jan 28, 2004
Authored by ZetaLabs

Web Blog 1.1 allows for remote file retrieval outside of the web root via a directory traversal attack.

tags | exploit, remote, web, root
MD5 | e365b5f00e124d7ee17a4838cd679cc3
servu2.c
Posted Jan 27, 2004
Authored by Lion, kkqq

Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.

tags | exploit, remote, overflow
MD5 | 471231a0f4338ed849231470c392dea8
malwareSpoof.txt
Posted Jan 27, 2004
Authored by http-equiv | Site malware.com

Trivial way to do file spoofing in Internet Explorer versions 6.0.2800.1106 and below.

tags | exploit, spoof
MD5 | 494805d0fdbf547e8ba0186e823e4ff2
proxyNow2x.txt
Posted Jan 27, 2004
Authored by Peter Winter-Smith | Site elitehaven.net

ProxyNow! versions 2.75 and below are susceptible to both heap memory corruption and stack-based buffer overflows. Exploitation of these vulnerabilities can lead to a denial of service and/or code execution with SYSTEM privileges. Detailed analysis and exploit included.

tags | exploit, denial of service, overflow, vulnerability, code execution
MD5 | 56a50454322d1252538d57d7ca7db26e
oracleXSS.txt
Posted Jan 26, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Oracle HTTP Server powered by Apache is susceptible to a cross site scripting attack in its isqlplus script.

tags | exploit, web, xss
MD5 | 908544f617dbc1828099f53c7133c330
BremsServer124.txt
Posted Jan 26, 2004
Authored by Donato Ferrante | Site autistici.org

BremsServer version 1.2.4 is vulnerable to directory traversal and cross site scripting attacks.

tags | exploit, xss
MD5 | 973777ad7fa56b40037a75a4241400b2
servu.c
Posted Jan 26, 2004
Authored by mslug, kkqq

Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.

tags | exploit, remote, overflow
MD5 | 480b668830de70170b51ba045aa17e00
nextplace.txt
Posted Jan 26, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

NextPlace.com E-Commerce ASP engine is susceptible to a cross site scripting vulnerability.

tags | exploit, xss, asp
MD5 | 7537a2a81e8d2aeca8c75ab5ce02048d
inrtra.txt
Posted Jan 26, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Inrtra Forum is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 41c1438eb8ab726423c3308d1345e047
BWStraversal.txt
Posted Jan 26, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

BWS or Borland Web Server, which is used as the Corel Paradox relational database interface, lacks input validation and is subject to directory traversal attacks. Versions 1.0b3 and below are affected.

tags | exploit, web
MD5 | 8455d25f930d008b12b6b26bb08311d8
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
Child Safety Smartwatches Easy To Hack, Watchdog Says
Posted Oct 18, 2017

tags | headline, privacy, flaw
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Microsoft Never Disclosed 2013 Hack Of Secret Vulnerability Database
Posted Oct 18, 2017

tags | headline, hacker, microsoft, data loss, flaw
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close