exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 62 RSS Feed

Files

0403-exploits.tgz
Posted May 4, 2004
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for March, 2004.

tags | exploit
SHA-256 | cfaceed6fb98501b73a6b3f8ffef33d4ba76ca8a5e534ed5c8ac151d426863f7
systrace.txt
Posted Apr 7, 2004
Authored by Brad Spengler | Site grsecurity.net

Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.

tags | exploit, kernel
systems | linux
SHA-256 | d775badadce007939d2e0dba2995c99fc100ea67e86a786f9873d0a75de4ecca
wilco.zip
Posted Mar 31, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

A testing tool for RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a that suffer from multiple bugs.

tags | exploit
SHA-256 | 14c6e5ed23cc0c634f1bc2f64b1c2e52542ccfb2535f2b0a11d8230fe7a7b9f7
ieBad.txt
Posted Mar 31, 2004
Site malware.com

Good write up discussing how Microsoft has yet again dropped the ball on patching another Internet Explorer vulnerability, where using forms can allow an attacker to spoof a fake destination to the user.

tags | exploit, spoof
SHA-256 | 518c6b718d88df9d2c880d83b2441bc75030395324543fe528bc4edcbeffb0c0
Adv-20040331.txt
Posted Mar 31, 2004
Authored by Nick Gudov | Site s-quadra.com

S-Quadra Advisory #2004-03-31 - CactuShop shopping cart versions 5.x suffer from a SQL injection attack that allows for remote code execution via the MS SQL xp_cmdshell function. They also have a cross site scripting vulnerability.

tags | exploit, remote, code execution, xss, sql injection
SHA-256 | d6c5fc742f5d4a4adf31b6ea32e79a6ba6bdfbf8a51f4d9d2fa1268682a60811
acartSQL.txt
Posted Mar 29, 2004
Authored by Manuel Lopez

A-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.

tags | exploit, xss, sql injection
SHA-256 | 8f3fb7e46432c3d39ecb946dbebf7c30a6f165544414b8ef971ac87628e8bb6b
cloisterblog.txt
Posted Mar 28, 2004
Authored by Dotho | Site Badcode.org

Cloisterblog version 1.2.2 does not perform proper parameter auditing derived from user inputs allowing for multiple cross site scripting issues and also directory traversal attacks.

tags | exploit, xss
SHA-256 | ad7a65199d44ffe90b5967f13b1fb489c3ed72e4ea746029182cab805dea4ea6
Invision Gallery 1.0.1 SQL Injection
Posted Mar 28, 2004
Authored by James Bercegay | Site gulftech.org

Invision Gallery version 1.0.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2004-1835, OSVDB-4472
SHA-256 | d98347f9af4bab53d06e75dd9b5f371ddf4650a1a25b680feefcfc90104fc437
557iss_pam_exp.c
Posted Mar 28, 2004
Authored by Sam Chen

RealSecure / BlackICE iss_pam1.dll remote overflow exploit.

tags | exploit, remote, overflow
SHA-256 | e2fc858b9f9cc7a467f97fb6df2ab7fd3ca8487e650f1c461da6ed12d27856a1
ethereal.igap.c
Posted Mar 28, 2004
Authored by Nilanjan De, Abhisek Datta | Site eos-india.net

Ethereal IGAP Dissector Message overflow remote root exploit that spawns a shell on port 31337. Makes use of the vulnerability that exists between versions 0.10.0 to 0.10.2. Tested under Gentoo and RedHat 8.

tags | exploit, remote, overflow, shell, root
systems | linux, redhat, gentoo
SHA-256 | e66736e8f6c88b3f65c10debc6650dc308d86154626ac036dbc5e4f7693e4f95
waraxe-2004-SA013.txt
Posted Mar 27, 2004
Authored by Janek Vind aka waraxe

A SQL injection vulnerability in PHPBB versions 2.0.8 and below allows an attacker the ability to extract the administrator password hash.

tags | exploit, sql injection
SHA-256 | 79435b6428a517c7a224d8c38bddd4759ed0c9fd6cec34a473af09fcbbf5d078
waraxe-2004-SA012.txt
Posted Mar 27, 2004
Authored by Janek Vind aka waraxe

Multiple SQL injection and cross site scripting vulnerabilities lie in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta. Full exploitation syntax given.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | bd4cabcfa43f68af65bfece48818f4435386a8180e4f61c0fdeb6b20508d212d
netsupport.txt
Posted Mar 27, 2004
Authored by spiffomatic 64

Invision NetSupport School Pro stores passwords in a manner that allows their encryption to be easily reversed. Exploit written in Pascal is included.

tags | exploit
SHA-256 | eebc0c7480c35293df0babcb826181b8e49fd1c0911c945d3fcdd53716fc2014
MSWordPW.txt
Posted Mar 26, 2004
Authored by Andrew Barkley

Information on how to bypass Password protection on Microsoft Word documents with step by step instructions given.

tags | exploit
SHA-256 | bb774d9093b8a8ba89b18c15d9bf70cbb6976db2c192ab68cb19c19761a46a6a
ethboom.zip
Posted Mar 26, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote proof of concept exploit for Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below that causes a crash.

tags | exploit, remote, proof of concept
SHA-256 | 2842c60e89c6f95ad1c30077452b1d49bc3be2b59425bce7ad28b436ed1f7bfb
vz-eSignal76.pl
Posted Mar 26, 2004
Authored by insect | Site viziblesoft.com

Remote exploit for eSignal versions 7.6 and 7.5 that downloads and executes a file.

tags | exploit, remote
SHA-256 | 4de8ee1d043050fc6b60d8d9e1cf57973ba65d5c71d9339504b1035fc27cfc36
hpjadmadv.txt
Posted Mar 24, 2004
Authored by wirepair

HP Web JetAdmin Version 7.5.2546 has multiple vulnerables. They include denial of service, the ability to upload any file to the server, the ability to write to any file on the filesystem, and the ability to read any file via a directory traversal attack.

tags | exploit, web, denial of service
SHA-256 | 780900bad23973701e54c68a4f7f56ef66254bb168b915fea16bf8201c311dc8
picobof.zip
Posted Mar 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.

tags | exploit, overflow, proof of concept
SHA-256 | e0631cf6bec415c1808b84f96b56815afd7052f75d64d713abeba40da34a113c
trendmicro.txt
Posted Mar 24, 2004
Authored by Tri Huynh

TrendMicro Interscan Viruswall versions 3.5 and below suffer from a directory traversal vulnerability that allow a remote attacker to access any files outside of the web root.

tags | exploit, remote, web, root
SHA-256 | f25f638f906ad129cdbb8d328799330facc7b5d94a900c921325721bd2ecf3f8
t3cbof.zip
Posted Mar 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.

tags | exploit, remote, denial of service, overflow, proof of concept
SHA-256 | 0d641c022483a59a51b40970eba53e0b52c0c58762425942c400509db3dae76f
ragefreeze.zip
Posted Mar 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote denial of service exploit for The Rage game versions 1.01 and below.

tags | exploit, remote, denial of service
SHA-256 | 4cce12588b3ef0ace39cff4594e1a48cf42cba02f088ee85aa601d736d465c5a
wsftp402eval3.txt
Posted Mar 23, 2004
Authored by Hugh Mann

Ipswitch WS_FTP server version 4.0.2.EVAL allows for a local attacker with program execution privileges to run anything with SYSTEM privileges. Full step-by-step exploitation given.

tags | exploit, local
SHA-256 | 09db33767583c0197cf2fc533a27f68d312a5b5a994ac463fa779980c06c0d47
xp_ws_ftp_server.zip
Posted Mar 23, 2004
Authored by Hugh Mann

Remote exploit for Ipswitch WS_FTP server version 4.0.2.EVAL that makes use of a buffer overflow in the STAT command.

tags | exploit, remote, overflow
SHA-256 | e993fa25947b8629ad5a12de268189a00ea40196ac545b8061e970e085a73b11
newsmanlite25.txt
Posted Mar 23, 2004
Authored by Manuel Lopez

News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | c6b957877bb54eb34a118dda9d6a1ea76f8fd56c3ed84f5494f8e2553fe802e9
memmansys21.txt
Posted Mar 23, 2004
Authored by Manuel Lopez

Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.

tags | exploit, xss, sql injection
SHA-256 | 8843ba631656a0d022b943d1f9ed88a01141aac6cffc9a70563c08e061916c03
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close