exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 47 of 47 RSS Feed

Files

eudoraURL.txt
Posted May 9, 2004
Authored by Paul Szabo

Eudora for windows has a buffer overflow in versions 6.1, 6.0.3, and 5.2.1. Sample exploitation included.

tags | exploit, overflow
systems | windows
SHA-256 | e1c845825eb5408eef5c7fae221f1e6a0db42ab375456108da90f20b60b04384
waraxe-2004-SA027.txt
Posted May 7, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Nuke version 6.x through 7.2 suffer from various SQL injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | ad379be5f5c68b56e0ab441f91d7a6268421e39c8a16990e45fab5dbff03f558
exim1.html
Posted May 7, 2004
Authored by Georgi Guninski | Site guninski.com

Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.

tags | exploit, overflow, proof of concept
SHA-256 | 353e702b40c92a2c6f894d544e776cf46bb65be439d7576759dac932b6645004
SP Research Labs Advisory 11
Posted May 7, 2004
Authored by Badpack3t, SP Research Labs | Site security-protocols.com

MyWeb version 3.3 is susceptible to a buffer overflow attack when a specifically crafted HTTP GET request which contains over 4096 bytes of data is sent to the server.

tags | exploit, web, overflow
SHA-256 | 8c6ae777b6a360a4f96a220dd57b6374108d8a4834630ebc996a37fed98c9050
titanDoS.txt
Posted May 7, 2004
Authored by storm | Site securiteam.com

A security vulnerability exists in South River Technologies' Titan FTP Server. An attacker issuing a LIST command and disconnecting before the LIST command had the time to connect, will cause the program to try and access an invalid socket. This results in the FTP service crashing. Version affected: 3.01 build 163.

tags | exploit
SHA-256 | fb3ef6076a6e79f2243e64e12aba03fa357bda221b1e27fdd0e0eb401cb48a53
gyan_sendmail.c
Posted May 7, 2004
Authored by Gyan Chawdhary

Local root exploit for sendmail versions 8.12.9 and below that makes use of the prescan function vulnerability originally discovered by Michal Zalewski back in September.

tags | exploit, local, root
SHA-256 | 6b92118a7fe3130fa6ec45d888da04dc8d72dfd1264fed483ce66005c203ca9d
phpx326.txt
Posted May 7, 2004
Authored by James Bercegay | Site gulftech.org

PHPX versions 3.2.6 and below have cross site scripting, path disclosure and arbitrary command execution vulnerabilities. Full exploitation given.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 721b697fe7688e4f5cd82bffa98fa28968a6f5bafa7c37047140619bc081fa19
4nalb.pl
Posted May 5, 2004
Authored by adil

Remote exploit that makes use of a file inclusion vulnerability in 4nalbum module version 0.92. To use, you must change the retrieve URL to point to a script that binds a shell to port 1234 of the server.

tags | exploit, remote, shell, file inclusion
SHA-256 | 3a7ac4cceaeef914f10ea4087f7dad06d55ce85def6e4463349e310e545c3d38
autoRST.c
Posted May 4, 2004
Authored by Matt Edman

autoRST is an automated TCP RST exploit. It uses the Winpcap libraries to sniff for TCP packets on a network and then sends out a forged RST packet after calculating the appropriate sequence number and forging the MAC address. Makes use of the recent vulnerable released by Paul A. Watson.

tags | exploit, tcp
advisories | CVE-2004-0230
SHA-256 | 42cb6ede12e9199900a5e6282342a4505e4a0df06f3b97e39afc1e2143e7b326
sq-chpass-exp.c
Posted May 4, 2004
Authored by Michal Stys

Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20. Original bug found by Matias Neiff.

tags | exploit, kernel, local, root
systems | linux, debian
SHA-256 | 6157a4eb97ac74cc3337b905b33aa88c26ff87f621b2f36ac1cf440cdd4a4aad
xxchat-socks5.c
Posted May 4, 2004
Authored by vade79

X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.

tags | exploit, remote, overflow, shell
SHA-256 | 2fee8170f90a051fd47c72f81150fec692e3bf4fac546c3cd394c69c90bc8001
servuLIST.txt
Posted May 4, 2004
Authored by storm

Serv-U ftpd versions older than 5.0.0.6 suffer from a flaw where a user issuing a long parameter as a value to a LIST command can cause the server to try and read a value that is outside the memory location causing a crash.

tags | exploit
SHA-256 | a65b66ef8af1cc9495cc9fd0ca5c58f21b69e261b6e0304aa32ec1022fd5e31b
aldosweb.txt
Posted May 4, 2004
Authored by Oliver Karow | Site oliverkarow.de

Aldo's web server version 1.5 on Windows is susceptible to path disclosure and pathetic directory traversal attack that allows for remote access to any file on the system.

tags | exploit, remote, web
systems | windows
SHA-256 | 639a5b9daeec5ce3fedb73bbc100d9733a8a0a3dfedccdc525198e2cf000b64e
dwgenkey.c
Posted May 4, 2004
Authored by ax09001h

Dameware's Mini Remote Control System version 4.2 uses a weak key agreement scheme. The scheme consists of the sharing of pointers into a fixed key lookup table. Both the client and the server have access to a key lookup table (KLT) consisting of 1000 32-bit values.

tags | exploit, remote
SHA-256 | 2a0a8f9b0413c82fcc2ef7d6bb5e5aee1c479ab3b69d3d2982122a9159c3e2fe
SMCwhoops.txt
Posted May 3, 2004
Authored by user86

SMC broadband routers ship with remote administration enabled by default on port 1900 on the WAN side of the router. Hitting the external IP address on port 1900 and clicking Login allows a malicious attacker to gain full access to the device. Tested against model 7008ABR and 7004VBR.

tags | exploit, remote
SHA-256 | 3eee3cdb3e0331844cad85a831f6ec24d5f5d0c1e6400811a41972102e98b154
squirrel142.txt
Posted May 3, 2004
Authored by Alvin Alex

SquirrelMail, a PHP based webmail package, has multiple cross-site scripting vulnerabilities. Version 1.4.2 and earlier are affected.

tags | exploit, php, vulnerability, xss
SHA-256 | 2f2e665712060e5df5c10bd96dd7606949f7106b400202b941123e7e8a1244ca
callds.c
Posted May 1, 2004

MS04-011 DsRoleUpgradeDownlevelServer remote exploit. Submitted anonymously.

tags | exploit, remote
SHA-256 | c345e1ceaf031691148d79a9fafffd9b68fdbe6f2ffeb4b7ad70da3edd68b5fe
04252004.ms04011lsass.c
Posted May 1, 2004
Authored by sbaa

Remote exploit for the Lsasrv.dll RPC buffer overflow. To make this exploit work remotely you have to use the sbaaNetapi.dll which modifies the DsRoleUpgradeDownlevelServer API.

tags | exploit, remote, overflow
SHA-256 | c155fee77b812701dd4efb98b8ad352943a5fa4ca64edab679c6ddefca7a2e45
HOD-ms04011-lsasrv-expl.c
Posted May 1, 2004
Authored by houseofdabus

Remote exploit for the Lsasrv.dll RPC buffer overflow. Tested against various Russian and English versions of Windows XP Professional, Windows 2000 Professional, and Windows 2000 Advanced Server.

tags | exploit, remote, overflow
systems | windows
SHA-256 | b67594dc0860e55e0a2dbb1361ffe68073b8564d93f740595e75b36e19a82e49
hsftpexpl.tgz
Posted May 1, 2004
Authored by priestmaster | Site priestmaster.org

HSFTP versions 1.11 and below remote exploit that makes use of a format string vulnerability when processing file names.

tags | exploit, remote
SHA-256 | 0f0b1134f526e9e119a43dac0a36550ab2c1495e9c627acdb6f4557b53503898
Cisco Global Exploiter
Posted May 1, 2004
Authored by Nemesis, BlackAngels, E4m | Site blackangels.it

Cisco Global Exploiter is a tool that demonstrates exploitation of the various Cisco buffer overflow and denial of service vulnerabilities. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

tags | exploit, remote, web, denial of service, overflow, arbitrary, protocol, memory leak, bypass
systems | cisco, windows
SHA-256 | d9ebaf0cd3d01a7813e46a67bf12eaee98841234ed430e3ca3ae69831f7dfb62
Microsoft Windows LSASS Buffer Overrun
Posted May 1, 2004
Authored by OCANOR

Microsoft Windows LSASS (Local Security Authority Subsystem Service) is prone to a remotely exploitable buffer overrun vulnerability. The specific vulnerable system component is LSASRV.DLL. Successful exploitation of this issue could allow a remote attacker to execute malicious code on a vulnerable system, resulting in full system compromise. This exploit produces a shell.

tags | exploit, remote, overflow, shell, local
systems | windows
SHA-256 | 3028a82b21c514fb8370c4391a58a4050e0b3aa2d874a827f1748ed35a4edee8
Page 2 of 2
Back12Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close