Section: .. / 0708-exploits /
| /// File Name: |
dalai-rfi.txt |
Description:
|
Dalai Forum suffers from a remote file inclusion vulnerability.
| | Author: | Darkdewil | | File Size: | 975 | | Last Modified: | Aug 21 15:55:57 2007 |
| MD5 Checksum: | c32794ad38122264702f990d12e1100c |
|
| /// File Name: |
unrwebdos.zip |
Description:
|
Denial of service exploit that demonstrates a buffer overflow in the logging function of the Unreal engine.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | unrwebdos.txt | | File Size: | 7119 | | Last Modified: | Aug 19 21:38:21 2007 |
| MD5 Checksum: | e9bbd5c6b345291edd5f727a66a60eec |
|
| /// File Name: |
belgacom_xss.txt |
Description:
|
Belgacom suffers from a cross site scripting vulnerability.
| | Author: | Tosser | | File Size: | 340 | | Last Modified: | Aug 19 21:25:36 2007 |
| MD5 Checksum: | 2c10a49166f03a0ae1331d2875a6601c |
|
| /// File Name: |
mercury-poc.txt |
Description:
|
Mercury SMTP remote preauth stack based overrun proof of concept exploit.
| | Author: | eliteb0y | | File Size: | 1071 | | Last Modified: | Aug 19 21:24:46 2007 |
| MD5 Checksum: | 655ed6e89a814b75be25f920fe14a9e1 |
|
| /// File Name: |
discussmaster_2-xss.txt |
Description:
|
discussMaster version 2.0 suffers from a cross site scripting vulnerability in forum.asp.
| | Author: | nfw0rm | | File Size: | 306 | | Last Modified: | Aug 19 20:58:51 2007 |
| MD5 Checksum: | 3ed820f0efb40e7c2547701fe4f9c563 |
|
| /// File Name: |
vbul368-xss.txt |
Description:
|
vBulletin version 3.6.8 suffers from multiple cross site scripting vulnerabilities.
| | Author: | Hasadya Raed | | File Size: | 3229 | | Last Modified: | Aug 19 20:47:39 2007 |
| MD5 Checksum: | e17cdad7756a64bbd3c02450599e3873 |
|
| /// File Name: |
squirrelcart-rfi.txt |
Description:
|
Squirrelcart versions 1.x.x and below suffer from a remote file inclusion vulnerability in cart.php.
| | Author: | ShaiMagal | | File Size: | 433 | | Last Modified: | Aug 19 20:43:04 2007 |
| MD5 Checksum: | b3895764e853762ad08f58032d5580b5 |
|
| /// File Name: |
aspnet-xss.txt |
Description:
|
The ASP.NET version of Text File Search suffers from a cross site scripting vulnerability.
| | Author: | GeFORC3 | | Homepage: | http://WwW.GeFORC3.Org | | File Size: | 514 | | Last Modified: | Aug 17 02:05:33 2007 |
| MD5 Checksum: | 1a29eed921a70a5b9de236daa1be2cbe |
|
| /// File Name: |
tfsc-xss.txt |
Description:
|
Text File Search Classic ASP suffers from a cross site scripting vulnerability.
| | Author: | GeFORC3 | | Homepage: | http://WwW.GeFORC3.Org | | File Size: | 471 | | Last Modified: | Aug 17 02:04:46 2007 |
| MD5 Checksum: | 540a9d55646455b498dc99492ba1e379 |
|
| /// File Name: |
TS-2007-003-0.txt |
Description:
|
Template Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.
| | Author: | forloop | | File Size: | 1840 | | Last Modified: | Aug 17 01:59:55 2007 |
| MD5 Checksum: | 8ddae6c8f1a26008bcb28a7971395730 |
|
| /// File Name: |
edraw-insecure.txt |
Description:
|
EDraw Office Viewer Component version 5.1 HttpDownloadFile() insecure method exploit.
| | Author: | shinnai | | Homepage: | http://shinnai.altervista.org/ | | File Size: | 1445 | | Last Modified: | Aug 16 21:21:40 2007 |
| MD5 Checksum: | 84c779928913e5da3e38f4c0ea24717c |
|
| /// File Name: |
2wire-csrf.txt |
Description:
|
2wire routers versions 1701HG and 2071 Gateway are susceptible to cross site request forgery attacks.
| | Author: | hkm | | File Size: | 1357 | | Last Modified: | Aug 16 04:39:07 2007 |
| MD5 Checksum: | 1cd9dcc85c631ceb685b593c17d415a5 |
|
| /// File Name: |
systemedevote-rfi.txt |
Description:
|
Systeme de vote en temps version 1 suffers from a remote file inclusion vulnerability.
| | Author: | Crackers_Child | | File Size: | 952 | | Last Modified: | Aug 16 04:30:25 2007 |
| MD5 Checksum: | 360d17dae01dfe96a6df7e35a10317a6 |
|
| /// File Name: |
zoidboom2.zip |
Description:
|
Zoidcom versions 0.6.7 and below proof of concept exploit that demonstrates a crash vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | zoidboom2.txt | | File Size: | 5997 | | Last Modified: | Aug 15 00:32:34 2007 |
| MD5 Checksum: | fdd1276767b240783b50fa34dbdc2544 |
|
| /// File Name: |
bv2x.zip |
Description:
|
Babo Violent 2 versions 2.08.00 and below proof of concept exploit that demonstrates multiple vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | bv2x.txt | | File Size: | 10359 | | Last Modified: | Aug 15 00:28:55 2007 |
| MD5 Checksum: | cdf284f54c0e4ae9a1b96a2c8f1466b8 |
|
| /// File Name: |
lfsfp.zip |
Description:
|
Live For Speed versions 0.5X10 and below proof of concept exploit that demonstrates buffer overflow vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | lfsfp.txt | | File Size: | 182566 | | Last Modified: | Aug 15 00:24:43 2007 |
| MD5 Checksum: | bcdf5b6ec8765b8aa3d286faec157045 |
|
| /// File Name: |
ecs-dos.txt |
Description:
|
Easy Chat Server version 2.2 remote denial of service exploit.
| | Author: | NetJackal | | Homepage: | http://netjackal.by.ru/ | | File Size: | 1643 | | Last Modified: | Aug 15 00:03:32 2007 |
| MD5 Checksum: | 6a52fcbc034380fead5b15c67d498983 |
|
| /// File Name: |
ibm-sql.txt |
Description:
|
IBM Rational ClearQuest Web suffers from a SQL injection vulnerability that allows for login bypass.
| | Author: | sasquatch, rel1k | | Homepage: | http://www.securestate.com/ | | File Size: | 1657 | | Last Modified: | Aug 14 23:41:22 2007 |
| MD5 Checksum: | b6c9972bcf71f1988cea664db277c92c |
|
| /// File Name: |
wireshark-dos.txt |
Description:
|
WireShark versions below 0.99.6 suffer from a denial of service vulnerability when parsing MMS messages. Denial of service exploit included.
| | Author: | Zwell | | Homepage: | http://www.nosec.org/ | | File Size: | 3041 | | Last Modified: | Aug 14 23:38:58 2007 |
| MD5 Checksum: | 30d54c76454c1e4355441db12e9ebed9 |
|
| /// File Name: |
CVE-2007-3386.txt |
Description:
|
Tomcat versions 5.5.0 to 5.5.24 and 6.0.0 to 6.0.13 suffer from a cross site scripting vulnerability in the host manager functionality.
| | Author: | Mark Thomas | | Homepage: | http://tomcat.apache.org/ | | File Size: | 1096 | | Related CVE(s): | CVE-2007-3386 | | Last Modified: | Aug 14 13:52:16 2007 |
| MD5 Checksum: | 858f7fe6d9165bfd0e7d3f14286f66b9 |
|
| /// File Name: |
SURGEMAIL.py.txt |
Description:
|
Surgemail 38k 0-day exploit that binds a shell to TCP/9999.
| | Author: | Joey Mengele | | File Size: | 5359 | | Last Modified: | Aug 14 13:42:08 2007 |
| MD5 Checksum: | 329b80d7aef354d323a4f91268f566ff |
|
| /// File Name: |
diskeeper-disclose.txt |
Description:
|
Diskeeper suffers from a remote memory disclosure vulnerability. Exploit included.
| | Author: | Pravus | | File Size: | 12060 | | Last Modified: | Aug 13 23:40:30 2007 |
| MD5 Checksum: | 50a8b93665caf2e392b51b8a7be205ee |
|
| /// File Name: |
joblister-sql.txt |
Description:
|
JobLister3 by SkilMatch Staffing Systems is susceptible to multiple SQL injection vulnerabilities.
| | Author: | Joseph Giron | | File Size: | 877 | | Last Modified: | Aug 13 23:35:20 2007 |
| MD5 Checksum: | 534495d7db3ba4589717d919ee9f2726 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
