Section: .. / 0704-exploits /
| /// File Name: |
mswin-dns-meta.txt |
Description:
|
Remote exploit for the Microsoft Windows DNS RPC service vulnerability. Tested on Windows 2000 SP4. Binds a shell to TCP port 4444.
| | Author: | Winny Thomas | | File Size: | 4837 | | Last Modified: | Apr 17 00:39:07 2007 |
| MD5 Checksum: | 59a3274fb97bad7d806445dbcd5c4d08 |
|
| /// File Name: |
modrewrite-offbyone.txt |
Description:
|
Apache mod_rewrite off-by-one remote overflow exploit for win32. Tested on 2.0.58.
| | Author: | axis | | Homepage: | http://www.ph4nt0m.org/ | | File Size: | 4827 | | Last Modified: | Apr 7 19:42:23 2007 |
| MD5 Checksum: | 16a9372c92198d71a06e290ed56d912b |
|
| /// File Name: |
devcode2.txt |
Description:
|
Exploit for the Microsoft Windows .ANI LoadAniIcon stack overflow vulnerability. (Hardware DEP).
| | Author: | devcode | | File Size: | 4785 | | Related CVE(s): | CVE-2007-1765 | | Last Modified: | Apr 5 02:03:00 2007 |
| MD5 Checksum: | 3ef5d0babe738f2a27c7e91cf240639e |
|
| /// File Name: |
papoo-sql.txt |
Description:
|
Papoo versions 3.02 and below remote SQL injection exploit.
| | Author: | Kacper | | Homepage: | http://www.rahim.webd.pl/ | | File Size: | 4770 | | Last Modified: | Apr 17 00:25:33 2007 |
| MD5 Checksum: | 714df45c45ed23bea86a7c36313a74d2 |
|
| /// File Name: |
phpnuke-bypass-sql.txt |
Description:
|
PHP-Nuke versions 8.0.0.3.3b and below suffer from a flaw that allows the SQL injection protection to be bypassed, thus allowing for attacks. Details provided.
| | Author: | Aleksandar aka sale83 | | File Size: | 4702 | | Last Modified: | Apr 17 13:14:46 2007 |
| MD5 Checksum: | 6928b5bfa2f7257b5246640c3360611a |
|
| /// File Name: |
msdns_zonename.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name is supplied that contains escaped characters. This exploit will NOT work on Windows 2003 SP1 or SP2 if hardware DEP is enabled.
| | Author: | H D Moore | | Homepage: | http://metasploit.com/ | | File Size: | 4618 | | Related CVE(s): | CVE-2007-1748 | | Last Modified: | Apr 17 12:24:55 2007 |
| MD5 Checksum: | 5eaf4ad4892980ab9394b2204f8b0a6f |
|
| /// File Name: |
dotnet-bypass.txt |
Description:
|
By understanding how ASP .NET malicious request filtering functions, ProCheckUp has found that it is possible to bypass ASP .NET request filtering and perform cross site scripting and HTML injection attacks.
| | Author: | Richard Brain, Jan Fry, Adrian Pastor | | Homepage: | http://www.procheckup.com/ | | File Size: | 4170 | | Last Modified: | Apr 7 19:30:31 2007 |
| MD5 Checksum: | 97e745c033ec1da194ffc67d0bfca3af |
|
| /// File Name: |
VP-ASP-SQL.txt |
Description:
|
VP-ASP suffers from a SQL injection vulnerability. Details provided.
| | Author: | tracewar | | File Size: | 4078 | | Last Modified: | May 2 21:47:41 2007 |
| MD5 Checksum: | 62abaf2555cb5ce6eb0e01fb2253fe5f |
|
| /// File Name: |
dmcms-upload.txt |
Description:
|
DmCMS suffers from an upload flaw that allows for arbitrary code execution.
| | Author: | HACKERS PAL | | Homepage: | http://www.soqor.net/ | | File Size: | 4013 | | Last Modified: | Apr 24 03:48:31 2007 |
| MD5 Checksum: | 01f6bc9838f6ca171733555d2d1e31a7 |
|
| /// File Name: |
filecopa-101.txt |
Description:
|
FileCOPA FTP server versions 1.01 and below remote buffer overflow exploit.
| | Author: | Umesh Wanve | | File Size: | 3960 | | Last Modified: | Apr 7 19:40:01 2007 |
| MD5 Checksum: | b0e89705a0ad1bf1014e8a8ec67005a0 |
|
| /// File Name: |
irfanview399-ani.txt |
Description:
|
IrfanView version 3.99 .ANI file local buffer overflow exploit. Comes with multiple targets and binds a shell to TCP port 4444.
| | Author: | Breno Silva Pinto | | File Size: | 3868 | | Last Modified: | Apr 10 01:39:19 2007 |
| MD5 Checksum: | 246f813f684fbd9b4b793821ccbbee1e |
|
| /// File Name: |
dbms_aq-enqueue.txt |
Description:
|
Oracle 10g DBMS_AQ.ENQUEUE remote SQL injection exploit that allows you to grant or revoke dba permission to an unprivileged user.
| | Author: | bunker | | Homepage: | http://rawlab.mindcreations.com/ | | File Size: | 3653 | | Related CVE(s): | CVE-2007-0268 | | Last Modified: | Apr 2 19:58:01 2007 |
| MD5 Checksum: | 9f23af7318c2c6ebd3b09e68dd6638d6 |
|
| /// File Name: |
hpmercury-overflow.txt |
Description:
|
HP Mercury Quality Center Spider90.ocx ProgColor proof of concept overflow exploit.
| | Author: | ri0t | | File Size: | 3649 | | Last Modified: | Apr 5 02:07:07 2007 |
| MD5 Checksum: | 497bc99722608ec01e022441eb714fe7 |
|
| /// File Name: |
chatness253-multi.txt |
Description:
|
Chatness versions 2.5.3 and below suffer from multiple vulnerabilities including file overwrite and password disclosure issues.
| | Author: | Gammarays | | File Size: | 3638 | | Last Modified: | Apr 12 19:09:55 2007 |
| MD5 Checksum: | 7cdfadda86edf41fbbc518afa7073c4c |
|
| /// File Name: |
mydns-rr-smash.c |
Description:
|
Remote heap smash exploit for mydns versions 1.1.0 and below.
| | Author: | mu-b | | Homepage: | http://www.digit-labs.org/ | | File Size: | 3604 | | Last Modified: | May 2 20:39:13 2007 |
| MD5 Checksum: | 274b37368d8dc2f5b79d524cbae37f53 |
|
| /// File Name: |
extremail-v9.c |
Description:
|
Proof of concept exploit that exploits a trivial stack smash in the DNS parsing code of eXtremail versions 2.1.1 and below.
| | Author: | mu-b | | File Size: | 3567 | | Last Modified: | Apr 22 23:52:51 2007 |
| MD5 Checksum: | fb6a8a8fad0a27414194d5750a30d0e7 |
|
| /// File Name: |
BTP00001P000ZA.zip |
Description:
|
Proof of concept exploit that demonstrates a denial of service condition in ZoneAlarm 6.
| | Homepage: | http://www.matousec.com/ | | Related File: | zonealarm6.txt | | File Size: | 3484 | | Last Modified: | Apr 17 00:59:50 2007 |
| MD5 Checksum: | 65ad6955722d70aba40ad9cc38ec61f7 |
|
| /// File Name: |
shoutpro-pwn.txt |
Description:
|
ShoutPro version 1.5.2 arbitrary code execution exploit that makes use of a failure to properly sanitize user input.
| | Author: | Gammarays | | File Size: | 3391 | | Last Modified: | Apr 18 21:00:49 2007 |
| MD5 Checksum: | ca2c517c10c8fd409cf799a13d079f52 |
|
| /// File Name: |
BTP00000P002NF.zip |
Description:
|
Symantec Norton Personal Firewall hooks many functions in the SSDT and in at least two cases it fails to validate arguments that come from user mode. This exploit demonstrates this vulnerability.
| | Homepage: | http://www.matousec.com/ | | Related File: | BTP00000P002NF.txt | | File Size: | 3384 | | Last Modified: | Apr 2 19:13:05 2007 |
| MD5 Checksum: | fdc7023165c36f1ace4158846a58485e |
|
| /// File Name: |
e107-overwrite.txt |
Description:
|
E107 version 0.7.8 access escalation overwrite exploit.
| | Author: | Gammarays | | File Size: | 3294 | | Last Modified: | Apr 12 18:05:14 2007 |
| MD5 Checksum: | 14a3d45f48424a38e3b4fdbe4e18e0c7 |
|
| /// File Name: |
ipix-overflow.txt |
Description:
|
IPIX Image Well ActiveX buffer overflow exploit that executes calc.exe.
| | Author: | Umesh Wanve | | File Size: | 3280 | | Last Modified: | May 2 22:58:35 2007 |
| MD5 Checksum: | c39411b3574e4f123916fe6b7f8cffb3 |
|
| /// File Name: |
adv81-K-159-2007.txt |
Description:
|
WordPress plugin wordTube versions 1.43 and below suffer from a remote file inclusion vulnerability.
| | Author: | K-159 | | Homepage: | http://k-159.echo.or.id/ | | File Size: | 3273 | | Last Modified: | May 2 22:43:52 2007 |
| MD5 Checksum: | ade67937e2f164bf0db1b9fe63a69e00 |
|