Exploit the possiblities
Showing 1 - 25 of 38 RSS Feed

Files

0407-exploits.tgz
Posted Aug 4, 2004
Authored by Todd J.

Packet Storm new exploits for July, 2004.

tags | exploit
MD5 | b5572cacdd04c8411a4a0aa61741425c
antiboard072.txt
Posted Jul 29, 2004
Authored by Josh Gilmour

SQL Injection and cross site scripting vulnerabilities exist in AntiBoard versions 0.7.2 and below due to a lack of input validation of various variables.

tags | exploit, vulnerability, xss, sql injection
MD5 | 7b3e3b69deaf2508cd5bddf064acc884
citadel.advisory-04.txt
Posted Jul 29, 2004
Authored by CoKi | Site nosystem.com.ar

Citadel/UX versions 6.23 and below are vulnerable to a buffer overflow that occurs when more than 97 bytes are sent with the USER directive to port 504.

tags | exploit, overflow
MD5 | 19ca7f050f3b6e57f8fb51c2e642600d
IRM Security Advisory 9
Posted Jul 28, 2004
Authored by IRM Research | Site irmplc.com

IRM Security Advisory 009 - RiSearch version 1.0.01 and RiSearch Pro 3.2.06 are susceptible to open FTP/HTTP proxying, directory listings, and file disclosure vulnerabilities.

tags | exploit, web, vulnerability
MD5 | 1b9d106a4cfb851b8104f1d39a7e039c
bitlanceOpera.txt
Posted Jul 27, 2004
Authored by bitlance winter

A vulnerability in the Opera 7.x series allows phishing attacks due to not updating the address bar if a web page is opened using the window.open function and then replaced using the location.replace function.

tags | exploit, web
MD5 | c14ba26335be0774fdde44f2ac60d3c4
taskSched.c
Posted Jul 27, 2004

Microsoft Windows 2K/XP Task Scheduler local exploit that will spawn notepad.exe.

tags | exploit, local
systems | windows, 2k
advisories | CVE-2004-0212
MD5 | f49cbd2402c17cf6f8afe5bde0383382
nucleusCMSSQL.txt
Posted Jul 27, 2004
Authored by aCiDBiTS

Nucleus CMS version 3.01 addcoment/itemid SQL Injection Proof of Concept PHP exploit that dumps the username and md5 hash of the password for the administrator user.

tags | exploit, php, sql injection, proof of concept
MD5 | 5f33156ab09bacdd615e77aecfc99674
eSeSIX.txt
Posted Jul 26, 2004
Authored by Dirk Loss | Site it-consult.net

eSeSIX Thintune with a firmware equal to or below 2.4.38 is susceptible to multiple vulnerabilities. These include having a backdoored service on a high port with an embedded password giving a remote root shell, various other passwords being stored locally in clear text, and a local root shell vulnerability.

tags | exploit, remote, shell, local, root, vulnerability
MD5 | ed8d2018e1ac3d1f4a1ffa5deebcf6f7
ew_file_manager.txt
Posted Jul 26, 2004
Authored by Sullo | Site cirt.net

The EasyWeb FileManager Module for PostNuke is vulnerable to a directory traversal problem which allows retrieval of arbitrary files from the remote system. Versions affected: EasyWeb FileManager 1.0 RC-1.

tags | exploit, remote, arbitrary
MD5 | 83e6e7c52df462a9020b12bacecc7803
Mozilla_FireFox_25-07-2004.txt
Posted Jul 26, 2004
Authored by E. Kellinis | Site cipher.org.uk

Mozilla FireFox versions 0.9.1 and 0.9.2 has a flaw where it is possible to make a browser load a valid certificate from a trusted website by using a specially crafted onunload event

tags | exploit
MD5 | a68818ff1367d00efcd7648a26f062cd
applePanther.txt
Posted Jul 25, 2004
Authored by B-r00t

Apple OSX Panther 10.3.4 with Internet Connect version 1.3 by default appends to ppp.log in /tmp if the file already exists. If a symbolic link is made to any file on the system, it automatically writes to it as root allowing for an easy local compromise. Detailed exploitation given.

tags | exploit, local, root
systems | apple
MD5 | ce17ecd81b9eb0c5d05363684b7fb20c
floodworldRE2.zip
Posted Jul 24, 2004
Authored by BoSSaLiNiE

FloodWorld, the IRC tool, is susceptible to a denial of service attack due to a mishandling of special characters.

tags | exploit, denial of service
MD5 | 6965bfc35580f8100f3f1777952fc2b1
webcenterSQL.txt
Posted Jul 24, 2004
Authored by Noam Rathaus | Site securiteam.com

Internet Software Sciences's Web+Center version 4.0.1 suffers from a lack of sanity checking when parsing Cookie data and due to this is susceptible to a SQL injection attack. Full exploit provided.

tags | exploit, web, sql injection
MD5 | 4b63eac7ef59184eae48010a67fc6aa5
polarHelp.txt
Posted Jul 24, 2004
Authored by Noam Rathaus | Site securiteam.com

Polar HelpDesk version 3.0 does not adequately verify whether the user logged onto the system has proper administrative access when performing administrative duties.

tags | exploit
MD5 | bd7719f2d67ec7995c2955a53167f60b
httpdDoS.pl
Posted Jul 24, 2004
Authored by Bkbll

Denial of service test exploit for the flaw in Apache httpd 2.0.49.

tags | exploit, denial of service
MD5 | 892497144c85040b5f7f29714ac7ac6b
serenaTeam.txt
Posted Jul 24, 2004
Authored by Noam Rathaus | Site securiteam.com

Serena Software's TeamTrack version 6.1.1 is susceptible to a sensitive content disclosure vulnerability that can be exploited without having valid login credentials. Full exploit provided.

tags | exploit
MD5 | 509e350a19a827535b2c3649d03ac249
netsupportDNA.txt
Posted Jul 24, 2004
Authored by Noam Rathaus | Site securiteam.com

NetSupport DNA Helpdesk 1.x is susceptible to a SQL injection vulnerability. Full exploit provided.

tags | exploit, sql injection
MD5 | 874f8cd71853aef7d01e6755da0430f5
LBEhelpdesk.txt
Posted Jul 24, 2004
Authored by Noam Rathaus | Site securiteam.com

Leigh Business Enterprises's (LBE) Web HelpDesk versions 4.0.80 and below suffer from a SQL injection attack vulnerability. Full exploit included.

tags | exploit, web, sql injection
MD5 | 3eb0d573f0b7fc9ee79cad8841b5498a
sambaPoC.txt
Posted Jul 23, 2004
Authored by Noam Rathaus | Site beyondsecurity.com

Proof of concept exploit code for the Samba 3.x swat preauthentication buffer overflow vulnerability.

tags | exploit, overflow, proof of concept
advisories | CVE-2004-0600
MD5 | eed17fdc529119040e1e6c6a7c44a8a6
wgetusr.c
Posted Jul 23, 2004
Authored by CoKi | Site nosystem.com.ar

Exploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers. Ported to Windows by John Bissell.

tags | exploit
systems | windows
MD5 | f31b7dbf6a8e67ce8d301fa3f4d4e38b
OpteronMicrocode.txt
Posted Jul 22, 2004
Authored by anonymous

This document details the procedure for performing microcode updates on the AMD K8 processors. It also gives background information on the K8 microcode design and provides information on altering the microcode and loading the altered update for those who are interested in microcode hacking. Source code is included for a simple Linux microcode update driver for those who want to update their K8's microcode without waiting for the motherboard vendor to add it to the BIOS. The latest microcode update blocks are included in the driver.

tags | exploit
systems | linux
MD5 | 925bf1b56a160a7d79d11e38398da7d2
FlashFTPtraverse.txt
Posted Jul 22, 2004
Authored by CoolICE

Flash FTP Server version 1.0 (and possibly 2.1) for Windows is susceptible to a directory traversal attack.

tags | exploit
systems | windows
MD5 | d888fba71a170149b81755762462a516
getusr.c
Posted Jul 20, 2004
Authored by CoKi | Site nosystem.com.ar

Exploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers.

tags | exploit
MD5 | 8662511387d1c9dfabc4db3091ec50b0
unrealdecloak.tar.gz
Posted Jul 20, 2004
Authored by bartavelle | Site bandecon.com

Unreal Decloak Toolkit version 0.1 illustrates the weak hashing system vulnerability in Unreal ircd 3.2 and previous versions.

tags | exploit
MD5 | 5512163169f37e6ffb23144310121895
waraxe-2004-SA036.txt
Posted Jul 18, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

The third advisory in a three part series discussing more flaws in PHP Nuke ranging from full patch disclosure and cross site scripting to SQL injection attacks.

tags | exploit, php, xss, sql injection
MD5 | d6045cd8d9461ee83afbb029ddfb0afd
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close