Packet Storm new exploits for December, 2004.
3d0a541138e68ce92e47218058e9567b496ad7fe524b3156fcdf329898ce7cd6
Packet Storm new exploits for all of 2004.
fb601255d4be50e99ebb0952e0c847f73241c8ecf4a4d95bd3db855653c55fca
Remote Microsoft Windows 2000 WINS exploit that has connectback shellcode. Works on SP3/SP4.
d2152c45929430731c0dd099a9a070fa4074d6ea1f2186221cc81aabd85c4f89
Remote proof of concept exploit for the NetDDE buffer overflow vulnerability as described in MS04-031. Tested on: Windows XP Professional SP0, Windows XP Professional SP1, Windows 2000 Professional SP2, Windows 2000 Professional SP3, Windows 2000 Professional SP4, Windows 2000 Advanced Server SP4.
ed242658979dfa1884e2aa77a982d4ccf26b819190eca90639d35aa38c38b027
KorWeblog suffers from a directory traversal vulnerability that enables malicious attackers to access files and include malicious PHP files. Versions 1.6.2-cvs and below are susceptible.
dfd299c99981ec960300f24328bfeb043fe798ab0aaf68b62781b852e862fae7
Proof of concept exploit for Internet Explorer version 6.0.3790.0 that demonstrates an FTP download path disclosure flaw.
55766c1390d55c6c760ceb55d4900a3e20b18e356cac593b6b1db3e83688ca41
A heap overflow in Mozilla browser versions 1.7.3 and below in the NNTP code may allow for arbitrary code execution.
d6dc6a959b8812c3ef22ec8765b647390f6ac1056c0d6c36d151eedf7bb4bf0e
PHP-Calendar suffers from a file inclusion vulnerability. All versions are affected.
f24f9c929a06b9631a27ebe5f0b8b4cd5d75fdd417bed107a0930d8350e2200e
WHM AutoPilot versions 2.4.6.5 and below suffer from information disclosure, cross-site scripting, and file inclusion vulnerabilities.
00375b092ada0d351c45c3877bcf0495a8acc87237d495f9a48c3f095aa3943c
Moodle versions 1.4.2 and below suffer from cross-site scripting and file inclusion vulnerabilities.
20a88b5ca7c3837bc9b00a2ac666df38ab3d969102f0541475500cbc3afa5baa
A buffer overflow in netcat can allow for remote compromise. Full exploit provided.
6a870fa91a4f04d8ae387bc3eabd6a0168c21283e0b69caa9982ad23d72b9073
Internet Explorer remote command execution exploit that is a variant of the Auto SP2 RC exploit.
f4f4b7218cd16515561038927a4bf875bba1f2cff8e2b0b869c078838950afda
Simple HTML code that exploits the Microsoft Windows Kernel ANI file parsing denial of service vulnerability.
cf44a30717cbfa87a4eca787700675a9ccf6dfd210ede54e536d2f945a868853
New PHP based worm that targets any vulnerable page or script with a remote file inclusion vulnerability.
f686e3ce87521020d566eb54425d1d16f068cd1e65357f20186d576f792c1994
Internet Explorer HTML Help Control Local Zone bypass exploit that can be used against Microsoft Windows XP versions SP2 and below.
f0270bd2a77960daa6990750e5a46b0c50df9742d4ff6f78a288c4f82917ef38
YaCy version 0.31 is susceptible to a cross-site scripting attack.
d64d8c10568564ba1a5c218da503bc0f39e78f0f0dfa75004c3a458b24efa51f
New version of the phpBB worm that successfully works against a patched phpBB 2.0.11. The scripts in this tarball are the worm itself and the bot that is installed.
16b732162c823b5b45b96caf698d1e229ba187473030bd0dc6a87b8f4118faa4
STG Security Advisory: An input validation flaw in ZeroBoard versions 4.1pl4 and below can allow malicious attackers to run arbitrary commands with the privileges of the HTTPD process, which typically runs as the nobody user.
c308b0793660dff9bacda679d6ea1adf0cf46f3c7d0c38cbc80870f869879079
Simple tool to automate the creation of the URL needed to exploit phpBB versions below 2.0.11 using the viewtopic.php vulnerability.
97f48c8238366a517072f68c8271d01c882853ab1bf9dc15f358fd99045e5759
SHOUTcast DNAS/Linux version 1.9.4 format string remote exploit. Tested on Slackware 9.1 and 10.0. Binds a shell to port 7000.
d2c5f4ccf6da4f8162e3796a3521048971da31a1653d14c5d1dc589793cbd7bd
WPKontakt versions 3.0.1 and below suffer from a parsing error that allows for remote script execution.
c14906452145b27ba4ee53c83236794b6608ffc2157e7793f04f927eefe09ffd
Crystal FTP Pro version 2.8 proof of concept exploit that makes use of a flaw in the LIST command.
4a3b769ce8d639a9f78c05375fe98f0d71d16ee20d7c6cbe15b1feec1bbd0ef7
Webmin remote bruteforce and command execution exploit.
3229899c7251d4cb48d3f0d390a3b186437248965268c2f3b262bba166cd6158
Local root exploit that makes use of the dynamic library for do_system() in MySQL UDF. Tested on MySQL 4.0.17.
95a7207a7051562030ac705492537b56b8b7240a2c9e35e9973ec9e34e4a0c48
Remote root exploit for rlogin on Solaris/SPARC 2.5.1/2.6/7/8. This remote root exploit uses the (old) System V based /bin/login vulnerability via the rlogin attack vector, returning into the .bss section to effectively bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
bfeb19101920045f9d6f6904868ad67701158aa7b9bc94f200fad68320b7c937