Section: .. / 0601-exploits /
| /// File Name: |
mircfontexploitXPSP2.c |
Description:
|
mIRC /font exploit that spawns a cmd.exe.
| | Author: | Jordi Corrales | | File Size: | 3399 | | Last Modified: | Jan 29 22:52:43 2006 |
| MD5 Checksum: | cc354422b0b369da3ea499ad5264febe |
|
| /// File Name: |
homeftp_v1.1_xpl.c |
Description:
|
HomeFTP versions 1.1 and below remote denial of service exploit.
| | Author: | Pi3cH, cvh | | Homepage: | http://www.kapda.ir/ | | File Size: | 3339 | | Last Modified: | Jan 15 18:21:14 2006 |
| MD5 Checksum: | 928270b4d741a17745a9f45166872e89 |
|
| /// File Name: |
cijfer-vsczpl.pl.txt |
Description:
|
Valdersoft Shopping Cart versions 3.0 and below remote command execution exploit.
| | Author: | cijfer | | File Size: | 3120 | | Last Modified: | Jan 4 06:14:35 2006 |
| MD5 Checksum: | 1334d876f1f971b86d5eeb002c43ead9 |
|
| /// File Name: |
PaQFile_Share.txt |
Description:
|
eFileGo v3.01 contains multiple vulnerabilities including remote command execution, file upload, denial of service, and a directory traversal issue in upload.exe. The vulnerable eFileGo web server runs on TCP port 608.
| | Author: | dr_insane | | File Size: | 3069 | | Last Modified: | Jan 1 15:37:04 2006 |
| MD5 Checksum: | 26f8b9da7a9fec8026bda1b0fff8c34c |
|
| /// File Name: |
xmame-expl.c |
Description:
|
Xmame 0.102 and below local root exploit for Linux.
| | Author: | sj | | File Size: | 3015 | | Last Modified: | Jan 26 10:22:58 2006 |
| MD5 Checksum: | 1003466f064d3d3e07be0fc3c01e5fdd |
|
| /// File Name: |
icq-xss.txt |
Description:
|
An ICQ.com search script (search_result.php) is vulnerable to cross-site scripting attacks. An attacker can exploit the vulnerable script to have arbitrary script code executed in the browser of an authenticated ICQ user in the context of the ICQ webpage. resulting in the theft of cookie-based authentication giving the attacker temporary access to the victim's account, as well as other type of attacks.
| | Author: | _6mO_HaCk | | Homepage: | http://www.morx.org/iseekyowned.html | | File Size: | 2959 | | Last Modified: | Jan 25 08:37:37 2006 |
| MD5 Checksum: | 3b1bcaf74df52280df7119519cc15c27 |
|
| /// File Name: |
DSR-farmerswife44sp1.pl.txt |
Description:
|
Farmers WIFE version 4.4 sp1 ftpd remote exploit that allows for system compromise.
| | Author: | kokanin | | File Size: | 2957 | | Last Modified: | Jan 15 18:14:43 2006 |
| MD5 Checksum: | 8f952e01a07259244b3b2baf44fe55e3 |
|
| /// File Name: |
CAN-2005-4085_exploit.pl.txt |
Description:
|
Remote exploit that makes use of a buffer overflow vulnerability in the Host: string sent to Blue Coat Systems Inc.'s WinProxy. Successful exploitation binds a shell on tcp port 4444.
| | Author: | FistFuXXer | | Related File: | 01.05.06-2.txt | | File Size: | 2917 | | Related CVE(s): | CAN-2005-4085 | | Last Modified: | Jan 8 06:55:47 2006 |
| MD5 Checksum: | f4d52f7a8622879b4bfb2f3b61a9c7a3 |
|
| /// File Name: |
ciskill.c |
Description:
|
Cisco Aironet wireless access point ARP replies remote denial of service exploit. Takes advantage of the flaw originally discovered by Eric Smith.
| | Author: | Pasv | | Related File: | cisco-sa-20060112-wireless.txt | | File Size: | 2870 | | Last Modified: | Jan 30 09:56:00 2006 |
| MD5 Checksum: | 629b072695b012fb13d8be7b7386d0aa |
|
| /// File Name: |
aolXSS.txt |
Description:
|
Various America Online (AOL) scripts are susceptible to cross site scripting attacks. Full details provided.
| | Author: | Simo Ben youssef | | Homepage: | http://www.morx.org | | File Size: | 2814 | | Last Modified: | Jan 10 05:15:50 2006 |
| MD5 Checksum: | 7d3ea91b1319f5e39eac2a703642365b |
|
| /// File Name: |
winamp0day.c |
Description:
|
Winamp versions 5.12 and below remote buffer overflow universal exploit that makes use of the PLS file handing buffer overflow flaw.
| | Author: | ATmaCA | | Homepage: | http://www.atmacasoft.com/ | | File Size: | 2630 | | Last Modified: | Jan 30 10:00:19 2006 |
| MD5 Checksum: | dbc47c8a4f8105ead181869a3cab0c13 |
|
| /// File Name: |
cijfer-mnxpl.pl.txt |
Description:
|
Magic News Plus versions 1.0.3 and below remote administrative password changing exploit.
| | Author: | cijfer | | File Size: | 2586 | | Last Modified: | Jan 10 06:19:06 2006 |
| MD5 Checksum: | 666a953c3a41152b27c593aa367262b4 |
|
| /// File Name: |
phpflaw.php.zip |
Description:
|
PHP 4.3.10 and 4.4.0 Windows remote stack overflow exploit which works on certain systems by overflowing the mysql_connect function. Includes an advisory and workaround information.
| | Author: | mercenary | | File Size: | 2548 | | Last Modified: | Jan 6 10:47:06 2006 |
| MD5 Checksum: | 77f826297bb36e8891bdac9ce5515e63 |
|
| /// File Name: |
BitCometURI.c |
Description:
|
A vulnerability in BitComet allows remote attackers to construct a special .torrent file and put it on any BitTorrent publishing web site. When a user downloads the .torrent file and clicks on publishers name, BitComet will crash. An attacker can run arbitrary code on victims' host by specially crafted .torrent file.
| | Author: | nick58 | | File Size: | 2441 | | Last Modified: | Jan 27 08:10:04 2006 |
| MD5 Checksum: | 14470abea96e7bf3ad397bff3fa16165 |
|
| /// File Name: |
xmame.c |
Description:
|
xmame version 0.102 -lang local buffer overflow exploit.
| | Author: | Qnix | | Related File: | Xmamebo.txt | | File Size: | 2381 | | Last Modified: | Jan 15 18:09:07 2006 |
| MD5 Checksum: | bdd219342e85d52090960f09a93a0678 |
|
| /// File Name: |
PHPNukeEV77.txt |
Description:
|
PHPNuke EV 7.7 is susceptible to SQL injection attacks via the query variable in the search module.
| | Author: | Lostmon | | Homepage: | http://lostmon.blogspot.com/ | | File Size: | 2100 | | Last Modified: | Jan 9 19:29:07 2006 |
| MD5 Checksum: | 7ca002b57ef50d700af013243ac2d80f |
|
| /// File Name: |
windowsMem.txt |
Description:
|
Windows DOS emulation allows dumping of the first 1 Mo of RAM with no particular privileges needed. asm code that demonstrates this is included.
| | Author: | endrazine | | File Size: | 2052 | | Last Modified: | Jan 29 22:55:58 2006 |
| MD5 Checksum: | 1ff8a5eb6ca89e1f9f4d6b4f5253478d |
|
| /// File Name: |
kapda-25.txt |
Description:
|
MYBB 1.x does not properly sanitize user supplied input leading to a XSS vulnerability.
| | Author: | Roozbeh Afrasiabi | | Homepage: | http://www.KAPDA.ir | | File Size: | 2023 | | Last Modified: | Jan 27 08:24:13 2006 |
| MD5 Checksum: | d64d3cd4e2838d832b42972566e22d20 |
|
| /// File Name: |
drupal.txt |
Description:
|
Drupal is susceptible to cross site scripting attacks via IMG tags.
| | Author: | Liz0ziM | | Homepage: | http://www.biyo.tk | | File Size: | 1922 | | Last Modified: | Jan 3 03:46:39 2006 |
| MD5 Checksum: | 435c1a197381b2c0f151a3a79bf6cda4 |
|
| /// File Name: |
EV0018.txt |
Description:
|
427BB versions 2.2 and 2.2.1 are susceptible to cookie-based authentication bypass, SQL injection, and cross site scripting attacks. Exploitation details provided.
| | Author: | Aliaksandr Hartsuyeu | | File Size: | 1914 | | Last Modified: | Jan 10 05:11:01 2006 |
| MD5 Checksum: | 48c087b5e1986dea3c9e6141391d6172 |
|
| /// File Name: |
EXPL-A-2006-001.txt |
Description:
|
exploitlabs.com Advisory 047 - AspTopSites is susceptible to SQL injection attacks. Details on exploitation provided.
| | Author: | Donnie Werner | | Homepage: | http://exploitlabs.com | | File Size: | 1791 | | Last Modified: | Jan 11 07:11:06 2006 |
| MD5 Checksum: | f9c2e8e3609609e6f71aa5bf40246ae8 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
