Section: .. / 0512-exploits /
| /// File Name: |
lyris_attachment_mssql.pm.txt |
Description:
|
This Metasploit module exploits a SQL injection flaw in the Lyris ListManager software for Microsoft SQL Server. This flaw allows for arbitrary commands to be executed with administrative privileges by calling the xp_cmdshell stored procedure. Versions 5.0 through 8.8a are affected.
| | Author: | H D Moore | | Homepage: | http://metasploit.com/ | | Related Exploit: | lyris-listmanager.txt | | File Size: | 4399 | | Last Modified: | Dec 14 01:14:50 2005 |
| MD5 Checksum: | f7190bb52ae23cbb1c9bd08505907146 |
|
| /// File Name: |
lyris-listmanager.txt |
Description:
|
The Lyris ListManager software versions 5.0 through 8.8a are vulnerable to numerous SQL injection, source code disclosure, and authentication bypass flaws. Full details provided.
| | Author: | H D Moore | | Homepage: | http://metasploit.com/ | | Related Exploit: | lyris_attachment_mssql.pm.txt | | File Size: | 6050 | | Last Modified: | Dec 14 01:11:49 2005 |
| MD5 Checksum: | 82ab2ed7706e828cab1028eedd58814c |
|
| /// File Name: |
ie_december_crash_xhtmltrans.txt |
Description:
|
A pre tag with the style element white-space:normal; crashes Internet Explorer 6.0 if the pre tag contains two or more 'single' tags (for example, <span />). The bug was tested with Windows XP SP2 and Internet Explorer 6.
| | Author: | Markus Heer | | Homepage: | http://www.pentagroup.ch | | File Size: | 305 | | Last Modified: | Dec 14 00:50:53 2005 |
| MD5 Checksum: | decaf32fa31d7424355eb484ea166a18 |
|
| /// File Name: |
browserDoS.txt |
Description:
|
Simple JavaScript-related denial of service that primarily affects Internet Explorer. Version 6.0 was tested and stayed unresponsive for over 3 minutes. Firefox does not appear to be truly affected: it seems to recover, although it may freeze for a short period of time.
| | Author: | Ziplock | | File Size: | 448 | | Last Modified: | Dec 14 00:43:26 2005 |
| MD5 Checksum: | 142b31ebaf4a6d1c5905efadfe640cc6 |
|
| /// File Name: |
perl-cal-29920.txt |
Description:
|
Perl-Cal version 2.99.20, the CGI script written by Acme Software, is susceptible to cross site scripting.
| | Author: | Sumit Siddharth | | File Size: | 3690 | | Last Modified: | Dec 14 00:00:06 2005 |
| MD5 Checksum: | b903eca64d8af5272644b0927b77790d |
|
| /// File Name: |
wbaker_260_xpl.txt |
Description:
|
Website Baker versions 2.6.0 and below suffer from SQL injection, login bypass, and remote code execution flaws. Exploit included.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 14910 | | Last Modified: | Dec 13 23:57:16 2005 |
| MD5 Checksum: | f51d6a97733a1d4570932cc029123f2c |
|
| /// File Name: |
envo.txt |
Description:
|
eNvolution, the fork of PostNuke, is susceptible to cross site scripting and SQL injection attacks.
| | Author: | X1ngBox | | File Size: | 521 | | Last Modified: | Dec 13 23:43:12 2005 |
| MD5 Checksum: | 7e2a2c7faa2be90e8362a75604e36d5c |
|
| /// File Name: |
toendaCMS.txt |
Description:
|
ToendaCMS version 0.6.2.1 is susceptible to cross site scripting attacks.
| | Author: | X1ngBox | | File Size: | 660 | | Last Modified: | Dec 13 23:42:20 2005 |
| MD5 Checksum: | 768f1ca26fca42e789fb5176ef97f15d |
|
| /// File Name: |
nodez.txt |
Description:
|
Nodez version 4.6.1.1 is susceptible to multiple cross site scripting flaws.
| | Author: | X1ngBox | | File Size: | 684 | | Last Modified: | Dec 13 23:41:34 2005 |
| MD5 Checksum: | 82a3c5d82fb2dc7b094bdd6c7e7c0b3a |
|
| /// File Name: |
flat.txt |
Description:
|
FlatCMS version 1.01 is susceptible to multiple cross site scripting flaws.
| | Author: | X1ngBox | | File Size: | 708 | | Last Modified: | Dec 13 23:40:48 2005 |
| MD5 Checksum: | d820169c55e3dddaa91e6d0a23c84cfd |
|
| /// File Name: |
ztml.txt |
Description:
|
TML CMS version 0.5 is susceptible to cross site scripting and SQL injection attacks.
| | Author: | X1ngBox | | File Size: | 702 | | Last Modified: | Dec 13 23:39:44 2005 |
| MD5 Checksum: | c8e300ec3369d30d228c71e2fc4c1835 |
|
| /// File Name: |
bbs.c |
Description:
|
SimpleBBS versions 1.1 and below remote command execution exploit.
| | Author: | unitedasia | | File Size: | 4424 | | Last Modified: | Dec 13 23:24:12 2005 |
| MD5 Checksum: | 153d8fadee80804f06dda5d29fad686a |
|
| /// File Name: |
ThWboard.txt |
Description:
|
ThWboard version 3 beta 2.8 is susceptible to HTML injection, cross site scripting, and SQL injection attacks. Details provided.
| | Author: | trueend5 | | Homepage: | http://kapda.ir/ | | File Size: | 2349 | | Last Modified: | Dec 13 23:22:53 2005 |
| MD5 Checksum: | 83304c54e2bbb7b0fe3c031772285bab |
|
| /// File Name: |
appfluent.txt |
Description:
|
Appfluent Database IDS version 2.0 suffers from an environment variable overflow that can be manipulated using sudo as an attack vector. Exploit provided.
| | Author: | c0ntex | | Homepage: | http://www.open-security.org | | File Size: | 6908 | | Last Modified: | Dec 13 23:21:23 2005 |
| MD5 Checksum: | 32c5b58d9d21114244ca445df9985b02 |
|
| /// File Name: |
sugar_suite_40beta.txt |
Description:
|
SugarSuite Open Source versions 4.0beta and below suffer from remote code execution and file inclusion flaws. Exploit provided.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 10408 | | Last Modified: | Dec 13 23:19:41 2005 |
| MD5 Checksum: | ff2fa3cc8d3377e7cc559a9c0fb94fc3 |
|
| /// File Name: |
VPNcheckpoint.txt |
Description:
|
Checkpoint SecureClient NGX Security Policy can be easily disabled.
| | Author: | Viktor Steinmann | | File Size: | 2511 | | Last Modified: | Dec 13 23:18:25 2005 |
| MD5 Checksum: | 87814a3c0a01296907ec97561588d477 |
|
| /// File Name: |
DRZESHMS.txt |
Description:
|
DRZES HMS is susceptible to cross site scripting and SQL injection vulnerabilities.
| | Author: | vipsta | | File Size: | 603 | | Last Modified: | Dec 13 23:09:35 2005 |
| MD5 Checksum: | bcd5ac7dff7d91a3078343a35c127666 |
|
| /// File Name: |
hordeGraphic.txt |
Description:
|
All versions of the Horde IMP Webmail client are susceptible to cross site scripting attacks.
| | Author: | Igor | | File Size: | 4751 | | Last Modified: | Dec 9 11:22:17 2005 |
| MD5 Checksum: | 557d9a6ec0002e632527b6ca8121083c |
|
| /// File Name: |
blog12SQL.txt |
Description:
|
The Blog System version 1.2 is susceptible to SQL injection attacks.
| | Author: | vipsta | | File Size: | 267 | | Last Modified: | Dec 9 11:15:56 2005 |
| MD5 Checksum: | 9f22d03b751f8205fb13d1528e7da44e |
|
| /// File Name: |
mambo452_xpl.html |
Description:
|
Mambo versions 4.5.2 and below Globals overwrite and remote command execution exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 10846 | | Last Modified: | Dec 9 11:14:28 2005 |
| MD5 Checksum: | 6d5cda257b3443d29067a4e7e9e83872 |
|
| /// File Name: |
firefox-1.5.txt |
Description:
|
Firefox 1.5 suffers from a denial of service condition when a large topic gets saved automatically to the history.dat file. This only works for a small number of Firefox 1.5 users, and it is not apparent that the problem is a buffer overflow. More information available here. Official Mozilla response here.
| | Author: | ZIPLOCK | | File Size: | 1021 | | Last Modified: | Dec 7 01:27:14 2005 |
| MD5 Checksum: | 9c066c92de070c906d61510c03fcccac |
|
| /// File Name: |
eXtremeTraversal.txt |
Description:
|
eXtreme Styles mod versions 2.2.1 and below are susceptible to directory traversal attacks.
| | Author: | tommie1 | | File Size: | 707 | | Last Modified: | Dec 6 20:56:22 2005 |
| MD5 Checksum: | 9c2189dc03c81b3f9a974e2e9b07179d |
|