KPhone versions 4.0.1 and below are vulnerable to a denial of service attack when receiving a malformed STUN response packet.
12d4c98fd485fb0fefda4a56371fd88ee6fd8c0ce96b29a81aca47739fbb89b8Remote root proof of concept exploit for gv versions 3.5.8 and below. Binds a shell to port 65535. Makes use of an old vulnerability that does not have an exploit circulating for it.
11d8cbe05d44de0b0c307ee9081118802cb84f87aeb270e7921d6390d73955dcRemote exploit that makes use of a SQL injection vulnerability in Phorum version 3.4.7.
9f4cf79038884aae5dcd94f78963562f26d6d2bddc3d43b27874e515c90298cbLocal root exploit for Squirrelmail's chpasswd utility. Original bug found by Matias Neiff.
3c36b2150910beb2509306f98b2cb97e6805d8171120ac5902aad390be155c8dGemitel versions 3.5 and below allow for malicious file inclusion in its affich.php script. This vulnerability allows an attacker to forcibly execute arbitrary scripts from remote resources on the server.
483f0f3f00299f5b8710d0ee6366376e76b18b0d54ae99b5df2b8b47f8dac39dLocal exploit that makes use of the flaw in lsass.exe. Binds a shell to port 31337.
5ab651d859d8f895fdbb8b2254456e49cb8e5b76f76710c0e0c66777d172abb3X-Micro WLAN 11b Broadband Routers versions 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, and 1.6.0.1 all have a backdoor account of super with a password of super. 1.6.0.1 also has an account 1502 with a password of 1502 hardcoded.
64892dc9a672cf3b949e8d313aac43042cb932445ac5b9c7a5e2041d9398be66Remote denial of service exploit for IIS SSL vulnerability documented in MS04-011.
f960c76a400cb9cfcd8e6e70117716d00cd34051375ddc7429703a7e73802833Proof of concept exploit for the WinZip32 MIME Parsing Overflow. Tested against WinZip 8.1 on Windows XP SP1 and Windows 2000 SP1. Instructions for use are included.
8a7e5cb801e4ff9423fec6d0c994638590a6f7103e548f3888181d78cc1db3c2Proof of concept demonstration exploit for cdp versions 0.4 and below.
71e8dcfd75673f8e3b2dd6868f7308fc0129309e7be74ce7e3020b9fd0c39176SurgeLDAP 1.0g suffers from a directory traversal vulnerability in the user.cgi script due to a lack of input validation.
34ce5dbb260c3c2dd896e707f072cf00a0a21333f04143d00d8e2175bb2c19f1ADA Image Server (ImgSvr) 0.4 suffers from a buffer overflow via GET requests, directory traversal vulnerabilities, and a denial of service flaw.
1370cfce6a031c225513a395b16a06250d429c03c51eb6ad76a3faa9db212314Microsoft Internet Explorer 6.0 allows malicious Javascript to send documents to the printer without notifying the end user.
2c2171de70fe2e714e0da33b8bb2b0a81c2a7c66e84b62519324f0117db82e8dMonit versions 4.2 and below remote exploit that makes use of a buffer overflow in the handling of basic authentication. Binds a shell to port 31337.
ba0446ecc2f07da2a2e4e121bf6475f2fd33ff6fdc434504fec164c267d88c3deMule versions 0.42d and below remote exploit that makes use of the buffer overflow in the DecodeBase16() function. Tested against Windows XP SP1 and Windows 2000 SP4.
3593a07b9342dcd9a1d5535855246fa52ec72837d95266e930d2d5157c286cdbTiki CMS/Groupware (aka TikiWiki) versions 1.8.1 and below suffer from path disclosure, cross site scripting, SQL injection, directory traversal, and arbitrary file upload vulnerabilities.
0beea7b6fb302a52336dbb87602b0275464f82d4af7d6975982a5c965546d0c5X-Micro WLAN 11b Broadband Routers versions 1.2.2 and 1.2.2.3 have a backdoor account of super with a password of super.
2bc9bded9b37b3cbd6030cedf8022c1079fe447269c0aad5e928e1ea9737bdbfProof of concept exploit that causes a denial of service condition in RSniff.
27dd90162b626e64cea457d09acb5e09e8e34397206f3274120e96764781b96fMonit versions 4.1 and below remote denial of service exploit. Tested on Mandrake 9.1.
fd0e0cb327f08cd59490c5fa7b8eb5cdf849d936a4d69a4b1ac7526e864adcddRemote exploit that makes use of overflows in versions 0.4.4 and below of LCDproc's daemon.
88025a702af48e6df6a33abdefbf654f1a43d47098fb37126af799e9e62b42d0NukeCalendar version 1.1.a, the PHP-Nuke Calendar Module, suffers from SQL injection, cross site scripting, and full path disclosure flaws.
9ed68b9089dd4b93ef762cb223c7d26e800b51eb979692145d29e2422ab62f3fLocal root exploit for the Solaris vfs_getvfssw() Loadable Kernel Module Path vulnerability found by Immunity Security.
b55b7e3a00169c3b2dfe431cfa9a812584c8138a714dbbf728f7444853b50ac6Proof of concept exploit that makes use of a format string bug in IGI 2: Covert Strike. Affected versions are 1.3 and below.
e963bebcef000f6153acb4f8a4cc85894d3778effc37a72da254057fb13164a1A lack of proper input validation on Abrior's Encore WebForum allows for remote command execution via Display.cgi.
a225a0cf6ccc802588889328e4dbf45be13b2e47c70b9e1bfe9bbbbcbe463037Under its default, imgSvr version 0.4 allows some security checks to be bypassed allowing an attacker to see the contents of a web directory and see or download the files of a web directory.
b711f350f35077c45e1cc833d486378caef8d18b07e07664db20fa3f484d8e20
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed