all things security
Showing 1 - 25 of 92 RSS Feed

Files

0501-exploits.tgz
Posted Feb 1, 2005
Authored by Todd J.

Packet Storm new exploits for January, 2005.

tags | exploit
MD5 | 37bd4fdc8193b756cddbabeaa2a60f7e
WC-ms05002-ani-expl-cb.c
Posted Jan 30, 2005
Authored by WhiskyCoders | Site bennupg.ath.cx

Microsoft Internet Explorer .ANI file handling exploit. Modified version of the houseofdabus exploit. Universal version of the exploit. Tested on: Windows Server 2003, Windows XP SP0/SP1, Windows 2000 SP2/SP3/SP4.

tags | exploit
systems | windows, 2k, xp
MD5 | d7655c62bf4f64164f7a24520e057746
imd_advisory.txt
Posted Jan 30, 2005
Authored by Steven | Site lovebug.org

The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.

tags | exploit, xss
MD5 | 73bf8815871d7d252113b66d4b21f75e
HexView Security Advisory 2601-20-05.03
Posted Jan 29, 2005
Authored by HexView, ShineShadow

Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.

tags | exploit, web, arbitrary, vulnerability, xss
MD5 | 22281f06d752d9deb5bb3663a37d1d5c
WebAdmin302.txt
Posted Jan 29, 2005
Authored by David Alonso Perez

Alt-N WebAdmin, the web application used to administer MDaemon and RelayFax, is susceptible to cross site scripting, html injection, and unauthenticated account modification vulnerabilities. Versions 3.0.2 and below are susceptible.

tags | exploit, web, vulnerability, xss
MD5 | b3c073f533c811a3079686b8142631ff
WebWasherCONNECT.txt
Posted Jan 29, 2005
Authored by Oliver Karow | Site oliverkarow.de

WebWasher Classic has a design flaw weakness where the CONNECT method allows remote attackers to connect to any server listening on the localhost interface of the proxy server.

tags | exploit, remote
MD5 | 73ddc497f3ae9999b4e962bbea99a087
exploits-winamp.tgz
Posted Jan 28, 2005
Authored by Rojodos

Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.

tags | exploit, overflow
advisories | CVE-2004-1150
MD5 | b7230f0d8cc7a676a94142a80a56e9d4
OutlookMuteX.txt
Posted Jan 28, 2005
Authored by Anand Khare

Exploit for Outlook that can press a button to verify it is okay to access protected contact data. Tested against Windows XP SP1. This functionality may be utilized in future worm creation.

tags | exploit, worm
systems | windows, xp
MD5 | 55f67af1a82aec066bc16a4846d93360
antivir.txt
Posted Jan 28, 2005
Authored by Vladimir Kraljevic

An unnamed antivirus product can cause a denial of service on Microsoft Windows due to not closing open registry handles.

tags | exploit, denial of service, registry
systems | windows
MD5 | 177efb9580b2cc67ffc17e1178af9692
DMA-2005-0127a.txt
Posted Jan 28, 2005
Authored by Kevin Finisterre

Apple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.

tags | exploit
systems | apple, osx
advisories | CVE-2005-0125
MD5 | 56dcf81c83031240460012b3ba4d6624
ie_attack.htm
Posted Jan 27, 2005
Authored by Seth Fogie | Site airscanner.com

Pocket IE on a Windows Mobile Pocket PC suffers from Unicode URL obfuscation, local file access, and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss
systems | windows
MD5 | 4a7aa53d0c4f547a8a6702e988be69d5
uselib24.c
Posted Jan 27, 2005
Authored by timhsu | Site chroot.org

Modified uselib() local exploit for the Linux kernel series. This version has been modified to also work on SMP kernels. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2004-1235
MD5 | 7d1888194c26d9c12a40a81c1aa3e184
siteman.noam.txt
Posted Jan 27, 2005
Authored by Noam Rathaus

Siteman versions 1.1.10 and below remote administrative account addition exploit.

tags | exploit, remote
MD5 | 23d964d6078eb95f5bdac2764881067c
trn-test.txt
Posted Jan 27, 2005
Authored by ZzagorR | Site rootbinbash.com

Local root exploit for /usr/bin/trn. Tested on Mandrake 9.2, Slackware 9.1.0/10.0.0.

tags | exploit, local, root
systems | linux, slackware, mandrake
MD5 | eccb9e46d859b8d7283889195634aa02
ex_gpsd.c
Posted Jan 27, 2005
Authored by Kevin Finisterre, John H. | Site digitalmunition.com

Remote format string exploit for Berlios gpsd, a remake of pygps. On Debian, it achieves uid of gpsd. On Redhat, it achieves root.

tags | exploit, remote, root
systems | linux, redhat, debian
MD5 | 827e4de2273f8b6087f440740e1ddaaf
phpEventCalendar.txt
Posted Jan 27, 2005
Authored by Madelman

phpEventCalendar version 0.2 does not check title and event text when the data is inserted in the database, allowing for arbitrary HTML injection.

tags | exploit, arbitrary
MD5 | e9a569c32f80bca6c0ffb8d8af9ac8ff
Echo Security Advisory 2005.10
Posted Jan 26, 2005
Authored by y3dips, Echo Security | Site y3dips.echo.or.id

Exponent CMS version 0.95 is susceptible to full path disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 724c9736a6bc618a34641f4f77dcfcb6
AWStatsVulnAnalysis.pdf
Posted Jan 26, 2005
Authored by newbug | Site chroot.org

Detailed analysis of three different vulnerabilities that reside in AWStats which all allow for remote command execution.

tags | exploit, remote, vulnerability
MD5 | b80c768c3977749e69e1d763168985e4
codebug7.txt
Posted Jan 25, 2005
Site codebug.org

Codebug Labs Advisory 07 - MercuryBoard version 1.1.1 suffers from full path disclosure, cross site scripting, and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 4cd7f78f29b25991daec36c2ccd910d3
w32dasmbof.disasm_me
Posted Jan 25, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Local proof of concept exploit for W32Dasm which suffers from a classic buffer overflow vulnerability when analyzing files.

tags | exploit, overflow, local, proof of concept
MD5 | c47e3a1d1537b77c56f9e8f526960c2f
GHCaws.pl
Posted Jan 25, 2005
Authored by GHC | Site ghc.ru

AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.

tags | exploit, remote
MD5 | cd4e6e2173c331307cd924b556c45421
awexpl.c
Posted Jan 25, 2005
Authored by Robert Molnar

AwStats exploit that makes use of a remote command execution vulnerability in versions 6.2 and below.

tags | exploit, remote
MD5 | ad96eacf2a2869f6c15ae4c2c84b43ee
crafted.c
Posted Jan 25, 2005
Authored by ATmaCA | Site atmacasoft.com

Funduc search and replace compressed file local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 844f3c4379637e8d9face8f6c77724a7
siteman.pl.txt
Posted Jan 25, 2005
Authored by shoaliesefid7

Siteman version 1.0.x remote perl exploit that adds an administrative account.

tags | exploit, remote, perl
MD5 | 1b882d55dd0ffddcd81e52c52d19acba
fm-iSink.c
Posted Jan 25, 2005
Authored by nemo

Local root exploit for mRouter installed by iSync on Mac OS X 10.3.

tags | exploit, local, root
systems | apple, osx
MD5 | 9dd5712dae885584c97c7a9575e3d4f6
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
Equifax Removes Webpage After Malware Issue
Posted Oct 12, 2017

tags | headline, malware, fraud, flaw, adobe
Malware Checks Into Hyatt Hotels Again
Posted Oct 12, 2017

tags | headline, privacy, malware, bank, cybercrime, data loss, fraud
Rick And Morty Episode? Nope, Another CoinMiner
Posted Oct 12, 2017

tags | headline, fraud, cryptography
Judge Says US Government Has No Right To Rummage Through Anti-Trump Protest Website Logs
Posted Oct 12, 2017

tags | headline, government, privacy, usa, fraud
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close