Exploit the possiblities
Showing 1 - 25 of 46 RSS Feed

Files

0405-exploits.tgz
Posted Jun 2, 2004
Authored by Todd J.

Packet Storm new exploits for May, 2004.

tags | exploit
MD5 | c7c6dcba49cac0ffb39a99362baa0fc4
waraxe-2004-SA031.txt
Posted May 30, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

e107 version 0.615 is vulnerable to full path disclosure, cross site scripting, remote file inclusion, and multiple SQL injection attacks.

tags | exploit, remote, xss, sql injection, file inclusion
MD5 | 97ae0e46335f1d8621318b47bb8ed913
jportal.txt
Posted May 30, 2004
Authored by Maciek Wierciski

JPortal is susceptible to SQL injection attacks and also stores the administrator password in the clear.

tags | exploit, sql injection
MD5 | 5d99778db6af0ad83abc1d85e30297a1
metaexpl.tgz
Posted May 26, 2004
Authored by priestmaster | Site priestmaster.org

Metamail remote exploit that makes use of a buffer overflow and upon successful exploitation, binds a listening socket to UDP/13330 awaiting shellcode. Affected versions: 2.2 through 2.7.

tags | exploit, remote, overflow, udp, shellcode
advisories | CVE-2004-0104, CVE-2004-0105
MD5 | c25cca5f2ea199cb78714642d720a041
SP Research Labs Advisory 13
Posted May 26, 2004
Authored by Badpack3t, SP Research Labs | Site security-protocols.com

Orenosv HTTP/FTP server version orenosv059f is susceptible to a remote denial of service attack when supplied with an overly long GET request.

tags | exploit, remote, web, denial of service
MD5 | b808aeba5f9878b8e97a72d00f4c1090
SP Research Labs Advisory 12
Posted May 24, 2004
Authored by Badpack3t, SP Research Labs | Site security-protocols.com

BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier versions are susceptible a denial of service due to a malicious crafted HTTP GET request. Sample exploit included. Tested on Windows XP SP1.

tags | exploit, web, denial of service
systems | windows, xp
MD5 | d70ca4fb4aa9ee3fd6e78f911a191794
allegrodos.txt
Posted May 24, 2004
Authored by Seth Alan Woolley

Amusing simple one-liner that shows that 3COM 812 ADSL modems are still susceptible to 4 year old denial of service attacks.

tags | exploit, denial of service
MD5 | 1125ca25c5750a65274d642901167a37
cvs_solaris_HEAP.c
Posted May 20, 2004

Remote root exploit for stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7. Solaris version. Anonymously submitted.

tags | exploit, remote, root
systems | solaris
advisories | CVE-2004-0396
MD5 | 2172d2e08430a16cd515d19de297d1de
cvs_linux_freebsd_HEAP.c
Posted May 20, 2004

Remote root exploit for stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7. Linux and FreeBSD version. Anonymously submitted.

tags | exploit, remote, root
systems | linux, freebsd
advisories | CVE-2004-0396
MD5 | 9cfad9f85d417e6bc59595d2781f88e6
advisory13.txt
Posted May 19, 2004
Authored by l0om | Site excluded.org

osCommerce versions 2.x suffer from a directory traversal attack that allows for access to directories outside of the webroot.

tags | exploit
MD5 | 9f27e4abcf8a58882000fc1a740db958
EXP_OmniHTTPd.BAT
Posted May 19, 2004
Authored by CoolICE

Remote exploit for OmniHTTPd versions 3.0a and below.

tags | exploit, remote
MD5 | 38dc667070590ecbe6ef30723398ab92
wgetuhoh.txt
Posted May 18, 2004
Authored by Hugo Vazquez

Wget versions 1.9 and 1.9.1 are susceptible to a symlink attack during a phase where it downloads the file to a temporary filename but does not actually lock the file.

tags | exploit
MD5 | 7883f0415aa5768d71876d6b6214fc75
HOD-symantec-firewall-DoS-expl.c
Posted May 14, 2004
Authored by houseofdabus

Remote denial of service exploit that makes use of the flaw eEye found in Symantec Norton Personal Firewall and other related products. Sends a malicious DNS response packet to a vulnerable host, causing the kernel to go into an infinite loop. Tested against Symantec Norton Personal Firewall 2004.

tags | exploit, remote, denial of service, kernel
MD5 | af83f044e54bf09bbd062d507cf42714
linksys-dhcp-exploit.c
Posted May 13, 2004
Authored by Jon Hart | Site spoofed.org

Remote proof of concept exploit for various Linksys routers that have flaws in the way they return BOOTP packets. In each legitimate response, BOOTP fields are filled in with portions of memory from the device, allowing a remote attacker to sniff traffic and crash the device.

tags | exploit, remote, proof of concept
MD5 | 24f9533fa0e628134039465bd5cf8dc0
ftpgrep.c
Posted May 13, 2004
Authored by l0om | Site excluded.org

ftpgrep tries to grep for valid users on remote machines using the old CWD ~ ftpd bug found in wuftpd and some other variants.

tags | exploit, remote
MD5 | 5aa0a9f328551d2162919d3f19134247
monit41.pl
Posted May 11, 2004
Authored by Shadowinteger

Remote exploit for Monit 4.1 that uses connect back shellcode. This exploit makes use of a buffer overrun when an overly long username is passed to the server.

tags | exploit, remote, overflow, shellcode
MD5 | 25f80041bd01686cdfe6e4a1c1287a64
sasserftpd.c
Posted May 11, 2004
Authored by mandragore

Remote exploit for the Sasser worm ftpd server that spawns on port 5554.Targets included for Windows XP and 2000. Note: To use this against Sasser.e, change the port to 1023.

tags | exploit, worm, remote
systems | windows, xp
advisories | CVE-2003-0533
MD5 | be9399c6c8b87c60bab1a07bd359570a
paxdos.c
Posted May 11, 2004
Authored by Shadowinteger

PaX with CONFIG_PAX_RANDMMAP for Linux 2.6 denial of service proof of concept exploit the send the kernel into an infinite loop. Originally discovered by ChrisR.

tags | exploit, denial of service, kernel, proof of concept
systems | linux
MD5 | 001c4ea7efedf19d582a2e5969a9939b
getlvcb.c
Posted May 11, 2004
Authored by matt0x | Site secnetops.com

Local exploit for IBM AIX versions 4.3.3, 5.1 and 5.2 which are vulnerable to a buffer overflow. The overflow is caused by improper bounds checking via the getlvcb and putlvcb utilities. By supplying a long command line option, a local attacker, with root group privileges, could overflow a buffer and gain root privileges on the system.

tags | exploit, overflow, local, root
systems | aix
MD5 | 18e3a10abcb8da2def7f727f56655658
emule042e.pl
Posted May 11, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Remote denial of service exploit for Emule 0.42e.

tags | exploit, remote, denial of service
MD5 | 22b00d28a310b84818beaccb735f864f
auxploit-1.0.tgz
Posted May 9, 2004
Authored by Teolupus

Auxploiter is a remote exploitation tool for the c:\aux vulnerability and is able to completely lock a user mail client. Outlook and other mail clients read this message using Internet Explorer, which is touchy to this vulnerability.

tags | exploit, remote
MD5 | 2fead7d1eee1fdd581feab5491a730b3
305-pound.c
Posted May 9, 2004
Authored by Nilanjan De | Site eos-india.net

Pound versions 1.5 and below local and remote format string exploit. Only works locally if pound is setuid.

tags | exploit, remote, local
MD5 | b83dfe24c5d7c4676f6fcaf697c34950
WFBE.txt
Posted May 9, 2004
Authored by Tom

Write up detailing how to defeat file browsing restrictions on Windows 98 running Novell 3.2.0.0.

tags | exploit
systems | windows, 9x
MD5 | fbffc04301a182cd73ebc11c1d9aa44f
win_msrpc_lsass_ms04-11_Ex.c
Posted May 9, 2004
Authored by houseofdabus, froggy 3s

Remote exploit for the Lsasrv.dll RPC buffer overflow. Tested against various Russian and English versions of Windows XP Professional, Windows 2000 Professional, and Windows 2000 Advanced Server. Ported to compile properly on Linux.

tags | exploit, remote, overflow
systems | linux, windows, 2k, xp
MD5 | e0f5a330f2b3069d91d6a22b3f60bede
waraxe-2004-SA028.txt
Posted May 9, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

The Nuke jokes module for PHPNuke is susceptible to path disclosure, cross site scripting, and SQL injection attacks.

tags | exploit, xss, sql injection
MD5 | d66d60d7836ef40f78ee42673d0e47b9
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
BIND Comes Apart Thanks To Ancient Denial Of Service Vuln
Posted Jan 17, 2018

tags | headline, dns, denial of service, flaw
Another Round Of Click-Fraud Extensions Pulled From Chrome Store
Posted Jan 17, 2018

tags | headline, malware, phone, google
Satori Botnet Successor Targets Ethereum Mining Rigs
Posted Jan 17, 2018

tags | headline, malware, bank, botnet, fraud
Flaw In VR Porn App Leaves 20,000 Names Exposed
Posted Jan 17, 2018

tags | headline, privacy, flaw
After False Hawaii Missile Notice, FCC Launches Investigation
Posted Jan 15, 2018

tags | headline, government, usa, cyberwar
MaMi Malware Targets Mac OS X DNS Settings
Posted Jan 15, 2018

tags | headline, malware, dns, fraud, apple
Meltdown-Spectre Patches Causing Issues With Industrial Companies
Posted Jan 15, 2018

tags | headline, flaw, patch, scada, intel
Oracle Still Silent On Meltdown, But Lists Patches For x86 Servers Among 233 New Fixes
Posted Jan 15, 2018

tags | headline, database, flaw, patch, oracle, intel
House Expands Warrantless Surveillance Against US Citizens
Posted Jan 12, 2018

tags | headline, government, privacy, usa, phone, spyware, nsa
Retpoline Fix Supposedly Solves Performance Hits For Spectre
Posted Jan 12, 2018

tags | headline, flaw, google, patch, intel
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close