EXPL-A-2005-001 exploitlabs.com Advisory 030 - A vulnerability in Microsoft Outlook Web Access allows malicious attackers to redirect the login to any URL they wish.
cc0fadb803b3aa16e9acd02377c86e4024ea510cee5b3e6bb7f1f5c8d1dfa1bfA lack of validation in BXCP 0.2.9.7 scripts allow for local php file inclusion and path disclosure.
682e5f0612f5d2564293d0855b1b47b08d7056fdf09cf28a436caffa3a24ef43VP-ASP Shopping Cart version 5.x stores sensitive user data in .mdb files.
90dcfb16a60d5e1b02b29f56f2079072234eeef0b3e2d8c2b391eed68f41e7b3Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.
64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8bvBulletin v3.0 through 3.0.4 remote command execution exploit, written in PHP. Takes advantage of a bug in forumdisplay.php.
9298c75854aa587dfdd3e80741730d6f2b862b5d96bfb83aeddbe88066b7cad1vBulletin v3.0.4 remote command execution exploit. Takes advantage of a bug in forumdisplay.php.
d4524c7e2e8566f6e4f5d23e18d2fb7a5b4bedeac23a5e39c07cff16fff4f799This script is an XSS attack controller which allows an attacker to force a victim to read pages off a XSS vulnerable server and relay contents back to this controller. This process also provides client with new script commands.
0b27ece0f83b8dea923f98d2bfd7fbb0b2ab348556d89d44948eac0530dfa175The CA BrightStor ArcServe Discovery Service overflow exploit takes advantage of a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow.
7d0b4a2e24e12ce44e33a8962a865ecfdab582d552df7e09621a2b9dfe423ccaCA BrightStor Discovery Service SERVICEPC Overflow for Win32, win2000, winxp, and win2003 which exploits a vulnerability in the TCP listener on port 45123. Affects all known versions of the BrightStor product. More information available here.
06aea5c93f017821b6f5bb745269cc286814e9aac984c4e232a1da82215c07b2The CA BrightStor Discovery Service overflow exploit is a perl module exploits a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow. Targets include Win32, win2000, winxp, and win2003. More information available here.
6ebf5e3c394cc6d934ad22365dc61149ffa66fc65a6227931ed9237c32d8be19Exim <= 4.4.3 exploit for the SPA authentication vulnerability. Takes advantage of the spa_base64_to_bits() call.
d290358d63001c6fed4824d7d8bda0f645b150ab15fca97112a1d0cd421de646Mercuryboard <= 1.1.1 remote sql injection exploit.
1a5ee612aa7218d1e301bf5ac4bc98b6cb169d340b1b5bfa8dd94a59aa7833caMyPHPForum v1.0 remote sql injection exploit. Shows administrators name and password. MyPHP Forum is available here.
6cd1c3d8353e7558ac8dd9f5b96f18be76d6c86edacd05ecc29d53784a443ad6CMS Core remote SQL injection exploit. CMS Core is available here.
d352c17e29e51f28fab9caf8dc1125f5aa0c16058c15c070d22256ed0186d71aChipmunk Forum remote SQL injection exploit. Chipmunk forum is available here.
79b0a3c4fc4f911965e6c040f69341a77bb31810050eb6aec57eade7e3c99981PHP-Nuke v7.4 remote exploit which allows you to create new admin with relative passwd that you specify on the command line. Allows you to take administrative control of the webPortal. See here for more information.
d4519b08516e4a2b394f9870d72fa7a2e76009da122c00757f5e8ba8dabc2814Postnuke Postwrap remote command execution exploit. Includes information on finding vulnerable systems with google.
7485adac9a7f99f5fec2d43521344bc6ce806e1156b799b3e86948debe621742MSN Messenger PNG image buffer overflow download (ms05-007) remote exploit for Windows. Tested against MSN Messenger 6.2.0137. This vulnerability can be exploited on Windows 2000 (all service packs) and Windows XP (all service packs) that run vulnerable MSN Messenger clients.
c30c3511146addce1842ff9014814c1afd908e35efb8b7c35a338901c14f83a3MSN Messenger PNG image buffer overflow download (ms05-007) remote exploit for Linux. Tested against MSN Messenger 6.2.0137. This vulnerability can be exploited on Windows 2000 (all service packs) and Windows XP (all service packs) that run vulnerable MSN Messenger clients.
7f4fd2c135fdf617b1189c77097199a161a47f41e34cbc4b66d71870dd2a774fRaidenHTTPD version 1.1.27 is susceptible to a directory traversal flaw where any file can be extracted from the disk partition where the httpd is installed.
269edca2c20fc62296721fc364efa750631965f3d26ff48a5c321679256841a2Foxmail server version 2.0 is susceptible to a boundary error condition in the MAIL FROM: directive. Sample denial of service exploit provided.
12684f6fba7180492c27e286a2d4c1d83bb3e0a4bc6e225b01f207228fe4972eSavant Web Server 3.1 remote buffer overflow exploit. Tested on Windows 2003 Server.
1ed148f916799f97a798ed6d48fe21c3a6acb343828fce74c7b209352c2ad419Remote proof of concept exploit for the buffer overflow vulnerability discovered in Exim 4.41 by iDEFENSE.
753d89e248ed9f5367270763d2d68d1468737e48ae16a35a50dcfe7aa88d72f4Operator Shell (osh) 1.7-12 local root exploit.
fe3a929faff57858b299fc1c0d1660e3387d19c65452c581dd20e06aa4b548d6LiteForum version 2.1.1 SQL injection exploit with one char bruteforce.
40746b70c57b6cd7eccff85b84ff592efd5ba6e911b74ca4c0dc26104e4c031b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed