Section: .. / 0712-exploits /
| /// File Name: |
runcms-sql.txt |
Description:
|
RunCMS version 1.6 get admin cookie remote blind SQL injection exploit.
| | Author: | Sh2kerr | | Homepage: | http://www.dsec.ru/ | | File Size: | 6020 | | Last Modified: | Dec 28 17:25:14 2007 |
| MD5 Checksum: | 087b777aa997d970867589f82d3062e7 |
|
| /// File Name: |
smb_mailslot.c |
Description:
|
Proof of concept denial of service exploit for Samba version 3.0.27a that makes use of the send_mailslot() remote buffer overflow vulnerability.
| | Author: | x86 | | File Size: | 5859 | | Last Modified: | Dec 17 20:13:51 2007 |
| MD5 Checksum: | 3485bae9e408f3c94dc69a10d99e5e75 |
|
| /// File Name: |
mpc-overflow.txt |
Description:
|
Media Player Classic version 6.4.9 MP4 stack overflow that spawns a shell on port 49152.
| | Author: | SYS 49152 | | File Size: | 5800 | | Last Modified: | Dec 8 17:36:37 2007 |
| MD5 Checksum: | b07e824571fddb46fa6ac45f05631500 |
|
| /// File Name: |
runcms-multi.txt |
Description:
|
RunCMS version 1.6 suffers from SQL injection, cross site scripting, predictable session id, and other vulnerabilities.
| | Author: | Alexandr Polyakov, Stas Svistunovich | | File Size: | 5746 | | Last Modified: | Dec 28 17:29:08 2007 |
| MD5 Checksum: | 81623bea6360468867a46926a84073b5 |
|
| /// File Name: |
cisco7940-dos.txt |
Description:
|
The Cisco 7940 is susceptible to a denial of service vulnerability when sent a sequence of SIP INVITE transactions. Demonstration exploit included.
| | Author: | Humberto J. Abdelnur, Olivier Festor, Radu State | | File Size: | 5444 | | Last Modified: | Dec 6 01:01:28 2007 |
| MD5 Checksum: | 476d20825458cc4dc9ed9f787cda002e |
|
| /// File Name: |
nokia-dos.txt |
Description:
|
The Nokia RM-159 version 12.0.013 suffers from a denial of service vulnerability when accepting a special sequence of SIP messages. Demonstration exploit included.
| | Author: | Humberto J. Abdelnur, Olivier Festor, Radu State | | File Size: | 5351 | | Last Modified: | Dec 6 00:59:46 2007 |
| MD5 Checksum: | 427fc82126eac8abc607bf6ba463852a |
|
| /// File Name: |
runcms-sqlids.txt |
Description:
|
RunCMS version 1.6 remote blind SQL injection exploit with IDS evasion capabilities.
| | Author: | Sh2kerr | | Homepage: | http://www.dsec.ru/ | | File Size: | 5245 | | Last Modified: | Dec 28 17:54:59 2007 |
| MD5 Checksum: | 91053be594c500d5c8d4bf8e2c602710 |
|
| /// File Name: |
seclog-2007-001.txt |
Description:
|
NoseRub versions 0.5.2 and below suffer from a SQL injection vulnerability.
| | Author: | Felix Groebert | | Homepage: | http://seclog.de/ | | File Size: | 4944 | | Last Modified: | Dec 28 20:23:30 2007 |
| MD5 Checksum: | 082b8e4c54ce3efe96c596a7cfe889dc |
|
| /// File Name: |
nmn-rfi.txt |
Description:
|
NmnNewsletter version 1.0.7 is susceptible to remote file inclusion attacks.
| | Author: | CraCkEr | | File Size: | 4774 | | Last Modified: | Dec 24 14:47:47 2007 |
| MD5 Checksum: | 59fdbe7befce99be4efa31de4d8196e1 |
|
| /// File Name: |
imesh-heap.txt |
Description:
|
iMesh versions 7.1.0.x and below IMWebControl Class remote heap exploit that takes advantage of IMWeb.dll 7.0.0.x.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 4764 | | Last Modified: | Dec 18 12:35:49 2007 |
| MD5 Checksum: | 42930ee1dd8cb7baee59504d0ce136cb |
|
| /// File Name: |
teamcal-rfilfi.txt |
Description:
|
TeamCalpro version 3.1.000 suffers from multiple remote and local file inclusion vulnerabilities.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 4627 | | Last Modified: | Dec 28 17:22:33 2007 |
| MD5 Checksum: | b4538f15fe51b92d7ea8c6340634d2d2 |
|
| /// File Name: |
backdoored-bluetooth.c |
Description:
|
Local root exploit for the Bluetooth stack that is a part of Linux kernel versions below 2.6.11.5.
| | Homepage: | http://backdoored.net/ | | File Size: | 4574 | | Last Modified: | Dec 7 19:27:09 2007 |
| MD5 Checksum: | d35e87593cf1e517e7343d9981c8d1e2 |
|
| /// File Name: |
hpopen-overflow.txt |
Description:
|
HP OpenView Network Node Manager version 07.50 CGI remote buffer overflow exploit that spawns a shell on tcp/4444.
| | Author: | Muts | | Homepage: | http://www.offensive-security.com/ | | File Size: | 4492 | | Last Modified: | Dec 12 17:47:12 2007 |
| MD5 Checksum: | b951951b30d381eef1be4d2ef5fcb558 |
|
| /// File Name: |
xnu-superblob-dos.c |
Description:
|
Apple Mac OS X xnu versions 1228.0 and below local kernel denial of service proof of concept exploit.
| | Author: | mu-b | | File Size: | 4429 | | Last Modified: | Dec 12 17:43:21 2007 |
| MD5 Checksum: | 10a647463477175d18b997a41f947014 |
|
| /// File Name: |
xzero-lfisql.txt |
Description:
|
XZero Community Classifieds versions 4.95.11 and below suffer from local file inclusion and SQL injection vulnerabilities.
| | Author: | Kw3rLN | | Homepage: | http://rstzone.net/ | | File Size: | 4357 | | Last Modified: | Dec 28 18:04:02 2007 |
| MD5 Checksum: | 772f2fe989b9c4b0e01aea6fcbdb1d3c |
|
| /// File Name: |
badblue-overflow.txt |
Description:
|
BadBlue version 2.72 PassThru remote buffer overflow exploit that binds a shell to port 4444.
| | Author: | Jacopo Cervini | | Related Exploit: | badbluebof.zip | | File Size: | 4333 | | Related CVE(s): | CVE-2007-6379 | | Last Modified: | Dec 24 19:19:11 2007 |
| MD5 Checksum: | c4b6a955a3684ba4dbc25ba4c3285f11 |
|
| /// File Name: |
trivantis-sql.txt |
Description:
|
The Trivantis CourseMill Enterprise Learning Management System version 4.1 SP4 suffers from a remote SQL injection vulnerability.
| | Author: | sasquatch | | Homepage: | http://www.securestate.com/ | | File Size: | 4257 | | Related CVE(s): | CVE-2007-6338 | | Last Modified: | Dec 13 18:12:06 2007 |
| MD5 Checksum: | d11f9998484219744a0afb2467c1aa7a |
|
| /// File Name: |
pmos-exec.txt |
Description:
|
PMOS Help Desk versions 2.4 and below remote command execution exploit.
| | Author: | EgiX | | File Size: | 4253 | | Last Modified: | Dec 28 17:51:45 2007 |
| MD5 Checksum: | 38a0ab698014f8f7c7c898f6bc84147a |
|
| /// File Name: |
realpdos_au.txt |
Description:
|
RealPlayer 11 denial of service exploit that uses a malformed AU file.
| | Author: | Abed Adonis | | Homepage: | http://www.safehack.com/ | | File Size: | 4226 | | Last Modified: | Dec 2 16:11:19 2007 |
| MD5 Checksum: | 90c2bb1c01945a3dd9a72b22cde47e8a |
|
| /// File Name: |
barracuda-multi.txt |
Description:
|
The BarracudaDrive Web Server versions 3.7.2 and below suffer from directory traversal, arbitrary file deletion, and multiple other vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | File Size: | 4176 | | Last Modified: | Dec 10 20:07:12 2007 |
| MD5 Checksum: | 113bb500b222f40b5ac4215124d35eca |
|
| /// File Name: |
zeuscms-blindsql.txt |
Description:
|
ZeusCMS versions 0.3 and below remote blind SQL injection exploit.
| | Author: | EgiX | | File Size: | 4164 | | Last Modified: | Dec 28 19:41:52 2007 |
| MD5 Checksum: | a157260b8ca969efcfb0a9158879a48b |
|
| /// File Name: |
tikiwiki-traverse.txt |
Description:
|
The Tikiwiki CMS has a vulnerability that allows an attacker to get the first 1000 bytes from an arbitrary file through the tiki-listmovies.php script.
| | Author: | Jesus Olmos Gonzalez | | File Size: | 4142 | | Last Modified: | Dec 24 18:54:10 2007 |
| MD5 Checksum: | 5eee6c20979ac907f14a5250773f0b54 |
|
| /// File Name: |
rosoft-player-expl.c |
Description:
|
Rosoft Media Player versions 4.1.7 and below .M3U file stack overflow exploit that binds a shell to port 4444.
| | Author: | devcode | | File Size: | 4003 | | Last Modified: | Dec 18 19:53:35 2007 |
| MD5 Checksum: | b0d500f7a138af644f1478ce0bd1a532 |
|
| /// File Name: |
xmpbof.zip |
Description:
|
Proof of concept exploit for Extended Module Player (XMP) versions 2.5.1 and below which suffer from multiple buffer overflow vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | xmpbof.txt | | File Size: | 3860 | | Last Modified: | Dec 28 19:53:07 2007 |
| MD5 Checksum: | 8d7bfaa9c293f0bd225507608417a07e |
|