Section: .. / 0803-exploits /

Page 1 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 1 - 25 of 203

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	ZyWALL.pdf
Description:	The ZyXEL ZyWALL Quagga/Zebra appliance suffers from a remote root vulnerability due to a hardcoded password.
Author:	Pranav Joshi
File Size:	176233
Related CVE(s):	CVE-2008-1160
Last Modified:	Mar 19 18:50:32 2008
MD5 Checksum:	f68fd54572eda9a59b61287df04d39ba

/// File Name:	zha0_ms08_014.rar
Description:	Microsoft Office Excel code execution exploit that makes use of the vulnerability noted in MS08-014.
Author:	zha0
Homepage:	http://chroot.org/
File Size:	105031
Last Modified:	Mar 21 17:31:13 2008
MD5 Checksum:	98c61b24ed45d40016da5211b9d5d0b4

/// File Name:	ms08-016.tgz
Description:	Microsoft Office XP SP3 Powerpoint file buffer overflow exploit that spawns calc.exe. Based off of the vulnerability listed in MS08-016.
Author:	Marsu
File Size:	66734
Last Modified:	Mar 31 20:21:48 2008
MD5 Checksum:	862448b46ec7362c469ba9d98a907038

/// File Name:	linksys-bypass.txt
Description:	The Linksys WRT54G firmware version 1.00.9 suffers from a slew of bypass vulnerabilities. Full details provided.
Author:	meathive
Homepage:	http://kingpinz.info/
File Size:	29628
Related CVE(s):	CVE-2008-1247
Last Modified:	Mar 26 17:47:04 2008
MD5 Checksum:	8559281ba032422a38a3c872fcc31a74

/// File Name:	CORE-2008-0124.txt
Description:	Core Security Technologies Advisory - Google's Android SDK suffers from heap and integer overflow vulnerabilities. Proof of concept code included.
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	25015
Related CVE(s):	CVE-2008-0986, CVE-2008-0985, CVE-2006-5793, CVE-2007-2445, CVE-2007-5267, CVE-2007-5266, CVE-2007-5268, CVE-2007-5269
Last Modified:	Mar 4 17:33:55 2008
MD5 Checksum:	c9c5bb3ad0e49a29b6d4c10f2f816f66

/// File Name:	peelcms-upload.txt
Description:	PEEL CMS administrative hash extraction and remote upload exploit.
Author:	real
File Size:	24750
Last Modified:	Mar 19 18:55:55 2008
MD5 Checksum:	a6df4f28ff0b9aece407aef838a642c1

/// File Name:	vhcs-root.txt
Description:	VHCS versions 2.4.7.1 and below vhcs2_daemon remote root exploit.
Author:	DarkFig
File Size:	24633
Last Modified:	Mar 12 18:57:56 2008
MD5 Checksum:	df760d0d58a74a7d16f198387ff6d50a

/// File Name:	CORE-2008-0204.txt
Description:	Core Security Technologies Advisory - Timbuktu Pro suffers from remote path traversal and log injection vulnerabilities.
Author:	Sebastian Muniz
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	22369
Related CVE(s):	CVE-2008-1117, CVE-2008-1118
Last Modified:	Mar 13 00:18:57 2008
MD5 Checksum:	6c5293cfd619976962978d9f5c616f1e

/// File Name:	starteamz.zip
Description:	Proof of concept exploit for Borland StarTeam server 2008 versions 10.0.0.57 and below which suffer from multiple integer overflow vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	starteamz.txt
File Size:	12766
Last Modified:	Mar 3 17:55:54 2008
MD5 Checksum:	6815a2764f68ec83603e65807f84410f

/// File Name:	CORE-2008-0123.txt
Description:	Core Security Technologies Advisory - MacOS X Server 10.5, also known as Leopard Server, features a Wiki Server, which is a multiuser web application written in Python. The Wiki Server is vulnerable to a path traversal attack, which can be exploited by non-privileged system users via a forged file upload to write arbitrary files on locations in the server filesystem, restricted only by privileges of the Wiki Server application.
Author:	Sebastian Muniz
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	12296
Related CVE(s):	CVE-2008-1000
Last Modified:	Mar 18 22:29:50 2008
MD5 Checksum:	a8297f60a8f4c62384f507aa8201b0eb

/// File Name:	tftpx.zip
Description:	Proof of concept exploit for Argon Client Management Services versions 1.31 and below which suffer from a directory traversal vulnerability. Example use of this would be tftpx SERVER ../../windows/win.ini none or tftpx SERVER ..\boot.ini none.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	tftpx.txt
File Size:	12240
Last Modified:	Mar 12 23:03:10 2008
MD5 Checksum:	06a2d2ed65471289db737ab86db4e121

/// File Name:	versantcmd.zip
Description:	Proof of concept exploit for Vershant Object Database versions 7.0.1.3 and below which suffer from an arbitrary command execution vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	versantcmd.txt
File Size:	9531
Last Modified:	Mar 4 17:41:09 2008
MD5 Checksum:	ec88fd8522f638131105b8ed0c3c8210

/// File Name:	maildisable.zip
Description:	Proof of concept code for MailEnable Professional and Enterprise versions 3.13 and below which suffer from buffer overflow and null pointer vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	maildisable.txt
File Size:	8320
Last Modified:	Mar 12 18:00:58 2008
MD5 Checksum:	00081b658d10b2a437090f20108af307

/// File Name:	timbuto.zip
Description:	Proof of concept exploit for Timbuktu Pro Remote Control Software version 8.6.5 and below which suffer from denial of service and limited upload directory traversal vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	timbuto.txt
File Size:	8093
Last Modified:	Mar 12 23:17:23 2008
MD5 Checksum:	f2021eab5c3ffe7fe8d3e24e84f91f9a

/// File Name:	RecurityLabs_Cisco_ACS_UCP_advisory..>
Description:	The Cisco Secure Access Control Server (ACS) for Windows User-Changeable Password (UCP) application suffers from buffer overflow and cross site scripting vulnerabilities. Details provided.
Author:	FX
Homepage:	http://www.recurity-labs.com/
File Size:	7922
Related CVE(s):	CVE-2008-0532, CVE-2008-0533
Last Modified:	Mar 13 01:40:20 2008
MD5 Checksum:	961e3eb6859ac0685950a52be2066222

/// File Name:	netwin-list.txt
Description:	NetWin Surgemail version 3.8k4-4 IMAP post-auth remote LIST universal exploit that binds a shell to port 4444.
Author:	Matteo Memelli
Homepage:	http://be4mind.com/
File Size:	7777
Last Modified:	Mar 15 16:45:03 2008
MD5 Checksum:	99b94e615985921c4d1069b2d2579afe

/// File Name:	auracms-bypass.txt
Description:	AuraCMS versions 2.0 through 2.2.1 security code bypass and add administrator exploit.
Author:	NTOS-Team
Homepage:	http://newhack.org/
File Size:	7685
Last Modified:	Mar 31 20:28:47 2008
MD5 Checksum:	712057a75b49ad6414cca3c757d2c833

/// File Name:	perforces.zip
Description:	Proof of concept exploit for Perforce Servers versions 2007.3/143793 and below which suffer from NULL pointer, invalid memory access, and endless loop vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	perforces.txt
File Size:	7655
Last Modified:	Mar 12 16:25:00 2008
MD5 Checksum:	9adbab222706b40bb0b2d9d11943484c

/// File Name:	soliduro.zip
Description:	Demonstration exploit code for IBM solidDB versions 6.00.1018 and below which suffer from format string, crash, NULL pointer, and server termination vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	soliduro.txt
File Size:	7582
Last Modified:	Mar 26 18:19:42 2008
MD5 Checksum:	8d76275f73d80dc5ec96a9080080b81c

/// File Name:	visibroken.zip
Description:	Proof of concept exploit for Borland VisiBroker Smart Agent versions 08.00.00.C1.03 and below which suffer from a heap overflow vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	visibroken.txt
File Size:	7157
Last Modified:	Mar 3 17:54:19 2008
MD5 Checksum:	32730376095f199dcfecd236fa824c02

/// File Name:	meccaffi.zip
Description:	Proof of concept exploit for McAfee Framework versions 3.6.0.569 and below which suffer from a format string vulnerability.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	meccaffi.txt
File Size:	7043
Last Modified:	Mar 13 01:55:42 2008
MD5 Checksum:	926d29e336b9bf10cf97decaaccaf564

/// File Name:	xinehof.zip
Description:	Proof of concept exploit for xine-lib versions 1.1.11 and below which suffer from six heap overflow vulnerabilities.
Author:	Luigi Auriemma
Homepage:	http://aluigi.org/
Related File:	xinehof.txt
File Size:	6408
Last Modified:	Mar 20 17:18:44 2008
MD5 Checksum:	d02c0ba73314b12c4d3e8add20c0d98b

/// File Name:	danneo-sql.txt
Description:	Danneo CMS version 0.5.1 and below remote blind SQL injection exploit.
Author:	InATeam
Homepage:	http://inattack.ru/
File Size:	6398
Last Modified:	Mar 13 00:44:08 2008
MD5 Checksum:	6ca493856204b404ae7c8820c9eabdf5

/// File Name:	mdaemon-overflow.txt
Description:	MDaemon IMAP server version 9.6.4 FETCH command remote buffer overflow universal exploit that binds a shell to port 4444.
Author:	Matteo Memelli
Homepage:	http://be4mind.com/
File Size:	6316
Last Modified:	Mar 13 16:36:15 2008
MD5 Checksum:	5c3dca8af2b66bd7bdccb920792c39bf

/// File Name:	blackboard-xss.txt
Description:	Blackboard versions 7.x and below suffer from multiple cross site scripting vulnerabilities.
Author:	Knight4vn
File Size:	5623
Last Modified:	Mar 26 16:25:27 2008
MD5 Checksum:	0a8b01d36622434b60afb5e0e9ff8583