exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 251 RSS Feed

Files

ArticleBeach-2.0.txt
Posted Oct 27, 2006
Authored by Zeni Susanto

ArticleBeach Script versions 2.0 and prior suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 8466dccd2b2df63899cf1815a765f6d4d8df3651caebfb7eb9e042f70110682b
TextPattern-1.19.txt
Posted Oct 27, 2006
Authored by Zeni Susanto

TextPattern versions 1.19 and prior suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 22594dae7756eb0ada8fce7eadd80bff5a5bba808f5c94888d16a6767d9b63bd
0xf_ftpxq.c
Posted Oct 27, 2006
Authored by Federico Fazzi

0xf_ftpxq.c - FTPXQ Denial of service exploit.

tags | exploit, denial of service
SHA-256 | 17cffd597c28ed6f74c92fc0b1f188134a9142a7841dde1b098fb31dddcd101f
InteliEditor.txt
Posted Oct 27, 2006
Authored by XORON

InteliEditor suffers from a remote file inclusion vulnerability in sys_path.

tags | exploit, remote, file inclusion
SHA-256 | 8a0b2276403d545d1d676c5f336b15d1b0b574920602145cd45519ef926384f2
adobephpsdk.txt
Posted Oct 27, 2006
Authored by Crackers_Child | Site sibersavacilar.com

adobe php sdk suffers from a remote file inclusion vulnerability in CachedGateway.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 6dd0ca24fd785b4c1838f18654274a650891d756a41779bd9c04fff0c949f149
CSLH2.9.9.txt
Posted Oct 27, 2006
Authored by Crackers_Child | Site sibersavacilar.com

Crafty Syntax Live Help (CSLH) 2.9.9 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | b34b3fa80cea1b5a2e2858ec6acb712d1c823c8fe5c1f0c934b8be86e2fccd29
prdelka-vs-SUN-telnetd.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Solaris in.telnetd 8.0 and prior remote exploit. A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can occur when a combination of telnet protocol options are received by the daemon. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This exploit has been tested against Solaris 7 & Solaris 8 (sparc).

tags | exploit, remote, overflow, protocol
systems | solaris, bsd
SHA-256 | 8b1b9e7b12ccde64848ee3e68e52d71b897094c36e01d0c6aefb642d65d2014b
prdelka-vs-SGI-xrunpriv
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SGI IRIX 6.5 /usr/sysadm/bin/runpriv local root exploit.

tags | exploit, local, root
systems | irix
SHA-256 | 87ee2433cea6d25492bbf29d76ac2dddfffb1036915de7f4e24d87a028286cbe
prdelka-vs-SCO-termshx.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 termsh exploit. 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguments, namely the [-o oadir] argument. It is installed setgid auth in a default SCO Openserver 5.0.7 install. An attacker may use this flaw to gain write access to /etc/passwd or /etc/shadow allowing for local root compromise.

tags | exploit, overflow, local, root
SHA-256 | 80848a38a842001ba4c5cb1a4aa2616cfde210738c9f9ac3f9e0ec9ee9fa8266
prdelka-vs-SCO-ptrace.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Unixware 7.1.3 ptrace local root exploit. SCO Unixware 7.1.3 kernel allows unprivileged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has the suid bit set.

tags | exploit, kernel, local, root
systems | unixware
SHA-256 | 5a1bb516b7d517521524776f7946fdb5d76fc8e72a5fbece7674002e32ad2a4e
prdelka-vs-SCO-netwarex.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 Netware Printing utilities exploit. Multiple buffer overflows exist in the handling of command line arguments in SCO Openserver Netware printing utils. EIP is overwritten after 997 bytes are supplied on the command line. The following binaries are installed setgid 'lp' as default and are vulnerable to this attack.

tags | exploit, overflow
SHA-256 | 83a9ce0000e4291a949433b76dd8e4502dbf1c5dbe40d16fb8f14962865b2148
prdelka-vs-SCO-enable
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 enable exploit. A standard stack-overflow exists in the handling of command line arguments in the 'enable' binary. A user must be configured with the correct permissions to use the "enable" binary. SCO user documentation suggests "You can use the asroot(ADM) command. In order to grant a user the right to enable and disable tty devices". This exploit assumes you have those permissions.

tags | exploit, overflow
SHA-256 | 817dbb560a816e2f79b66debcf45beb878184dc4c5bbaa5233467482a065771b
prdelka-vs-GNU-exim.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Exim versions 4.43-r2 and prior host_aton() local root exploit.

tags | exploit, local, root
SHA-256 | aebac98246454607fa35d16a81b2ca598ce612832413121e7c0d3f85eac98cf7
prdelka-vs-GNU-adabas2.txt
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Adabas D 13.01 (GNU/Linux & Win32) Multiple Vulns in WebApps including directory traversal and SQL injection.

tags | exploit, sql injection
systems | linux, windows
SHA-256 | 693290f05e0b0840b9b91832cbcf89d077f7c7515d33a03cc02acc2ec5bf1135
prdelka-vs-GNU-adabas.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

GNU/Linux adabas v1301 universal local root exploit. Standard stack overflow in the command line arguments of SUID root(default) clr_kernel & stop bins. The exploit calculates the value to use for return address.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | ed833915fb367c22a24bae21eeb3b2964eb4dfac2a260b2bcaab81b34fb8697b
prdelka-vs-CISCO-vpnftp.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Cisco VPN Concentrator 3000 FTP remote exploit. A vulnerability exists in the Cisco VPN Concentrator 3000, an unauthenticated user may access the file system through manipulation of FTP service commands.

tags | exploit, remote
systems | cisco
SHA-256 | 4a0105294cbe6f0ee0f0bf817086a0b2f875637c7acc2e15634b0a8695cb01d5
prdelka-vs-AEP-smartgate.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

AEP/Smartgate arbitrary file download exploit. A vulnerability exists in the smartgate SSL server (listens on port 443 by default) which may allow a malicious user to download arbitrary files with the privileges of the smartgate server.

tags | exploit, arbitrary
SHA-256 | 458fcf07885e8ffe5f837843edcf30c3a17eb5e839951995e800bb8570220cd0
prdelka-vs-HPUX-swmodify.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swmodify buffer overflow exploit. HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficient bounds checking in the "-S" optional argument. 'swmodify' is installed setuid root by default in HP-UX and allows for local root compromise when exploiting this issue.

tags | exploit, overflow, local, root
systems | hpux
SHA-256 | 6b1717b21f6b056cf18126c41c392c3e1536cac16fd737bd04e4d45e08ff85de
prdelka-vs-HPUX-swask.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swask format string local root exploit. HP-UX 'swask' contains an exploitable format string vulnerability. The 'swask' utility is installed setuid root by default. Specifically the vulnerability is in the handling of the "-s" optional argument which is passed to a format function as verbatim.

tags | exploit, local, root
systems | hpux
SHA-256 | 3023aa994493e76bd2f6ffff2ce173e8623eb8396ee93dd2faebae1841d15ffe
prdelka-vs-HPUX-libc.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX libc timezone environment overflow exploit. HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the localtime_r() and related functions. Any suid or sgid program which uses the timezone functions can be used as an attack vector. This exploit uses "su" to obtain root privileges.

tags | exploit, overflow, root
systems | hpux
SHA-256 | 34d846e3e0a8d4700592a69b16c25ca882966c58bb1de3a7e74d3cb507960e1a
prdelka-vs-HPUX-swpackage.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swpackage buffer overflow exploit. HP-UX 'swpackage' contains an exploitable stack overflow in the handling of command line arguments. Specifically the problem occurs due to insufficient bounds checking in the "-S" optional argument. 'swpackage' is installed setuid root by default in HP-UX and allows for local root compromise when exploiting this issue.

tags | exploit, overflow, local, root
systems | hpux
SHA-256 | 02450b690464a6879577282db8258a809e36d37c3095b86ce73f246a5e8dae97
sbwebapp.txt
Posted Oct 27, 2006
Authored by nikyt0x | Site soulblack.com.ar

WebAPP v0.9.9.2.1 apage.cgi remote command execution exploit.

tags | exploit, remote, cgi
SHA-256 | 570cbcdd4473796143ad45dea24ba9487d965bfb9e3539fb0df926476863622c
ProgSys-0.151.txt
Posted Oct 27, 2006
Authored by Moran Zavdi | Site vigilon.com

ProgSys 0.151 and below suffer from multiple instances of cross site scripting.

tags | exploit, xss
SHA-256 | 12c2b4c1ca50ef10c00652fd6ecfdf01ebe996921db9a3af71195ad5e4a9260e
INCA_IM-204Dsl.txt
Posted Oct 27, 2006
Authored by Crackers_Child

The INCA IM-204 Dsl router suffers from several directory traversal vulnerabilities.

tags | exploit, vulnerability
SHA-256 | d154a28851a5ecc232276eaba8aa654f16f4143959d76d61325fc495678c0f96
WikiNi-xss.txt
Posted Oct 27, 2006
Authored by Raphael Huck | Site zone14.free.fr

WikiNi suffers from several cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | cbcfca9ea57027397d41e1d395565f510b4bdfa73a403ae9fad24c5f94d90bc2
Page 2 of 10
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close