Section: .. / 0605-exploits /
| /// File Name: |
ONE.zip |
Description:
|
Proof of concept CHM file that demonstrates a heap corruption vulnerability in the Microsoft Infotech Storage System Library (itss.dll).
| | Homepage: | http://www.reversemode.com | | Related File: | msinfotech.txt | | File Size: | 112444 | | Last Modified: | May 21 14:00:42 2006 |
| MD5 Checksum: | c6ba8f0637847f344f09749d03f8ee17 |
|
| /// File Name: |
phpbb_2020_admin_xpl.html |
Description:
|
phpBB versions 2.0.20 and below Admin/Restore Database/default_lang remote command execution exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 35405 | | Last Modified: | May 21 23:13:28 2006 |
| MD5 Checksum: | b23c5dcf8fcc7a278dc123828afadaac |
|
| /// File Name: |
phpfusion600306.txt |
Description:
|
PHPFusion versions 6.00.306 and below avatar mod_mime arbitrary file upload and local inclusion exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 22633 | | Last Modified: | May 17 03:21:56 2006 |
| MD5 Checksum: | f5bcf8710f13d1708ad87f44dc1fa466 |
|
| /// File Name: |
WordPress-2.0.2.txt |
Description:
|
WordPress versions less than or equal to 2.0.2 'cache' shell injection exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 14847 | | Last Modified: | May 29 01:39:51 2006 |
| MD5 Checksum: | b6dda5f5447988566d4396753bec3891 |
|
| /// File Name: |
unb_161p1_incl_xpl.txt |
Description:
|
Remote exploit for an arbitrary file inclusion flaw in Unclassified NewsBoard versions 1.6.1 and below.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 14680 | | Last Modified: | May 21 14:51:40 2006 |
| MD5 Checksum: | e8f16fb1802a3ed9184772e24f918336 |
|
| /// File Name: |
sugarsuite.txt |
Description:
|
Sugar Suite Open Source versions 4.2 and below "OptimisticLock!" arbitrary remote inclusion exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 11652 | | Last Modified: | May 21 23:42:54 2006 |
| MD5 Checksum: | 3d1e423c7170e7d676e17ca14394c9c3 |
|
| /// File Name: |
x7chatphp.txt |
Description:
|
Exploit for X7 Chat version 2.0 and below that makes use of an arbitrary local file inclusion flaw that allows for code execution.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 11240 | | Last Modified: | May 5 06:01:36 2006 |
| MD5 Checksum: | 8ddfeed4eb4f13bd76034699f8afff5b |
|
| /// File Name: |
Drupal-4.7.txt |
Description:
|
Drupal versions less than or equal to 4.7 attachment mod_mime poc exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 10995 | | Last Modified: | May 26 19:25:12 2006 |
| MD5 Checksum: | c14c68c560eeda956bd59c8cc892cad3 |
|
| /// File Name: |
eBD-es.txt |
Description:
|
eBusiness Designer versions 3.1.4 and below suffer from arbitrary file upload, code execution, and cross site scripting flaws. Spanish version of this advisory.
| | Author: | Pedro Andujar | | Homepage: | http://www.digitalsec.es/ | | File Size: | 10305 | | Last Modified: | May 21 14:31:11 2006 |
| MD5 Checksum: | 0205f6041a18dab18e3cc221349d0add |
|
| /// File Name: |
cyruspop3d.c |
Description:
|
A remote stack-based buffer overrun exists in Cyrus-imapd pop3d. Details and an exploit are included.
| | Author: | kcope | | File Size: | 10019 | | Last Modified: | May 22 03:20:00 2006 |
| MD5 Checksum: | 68899d1810acb42fb37d1bfa4da967a3 |
|
| /// File Name: |
eBD-en.txt |
Description:
|
eBusiness Designer versions 3.1.4 and below suffer from arbitrary file upload, code execution, and cross site scripting flaws. English version of this advisory.
| | Author: | Pedro Andujar | | Homepage: | http://www.digitalsec.es/ | | File Size: | 9858 | | Last Modified: | May 21 14:30:48 2006 |
| MD5 Checksum: | 8e1244d56d06ba6677b6b713ca60b897 |
|
| /// File Name: |
outgunx.zip |
Description:
|
Proof of concept exploit for Outgun versions 1.0.3 bot 2 and below which suffer from various flaws including a buffer overflow and invalid memory access.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | outgunx.txt | | File Size: | 9757 | | Last Modified: | May 21 23:05:25 2006 |
| MD5 Checksum: | e09d9ae80f73445ad8e0d751614419fe |
|
| /// File Name: |
deluxebb.txt |
Description:
|
DeluxeBB versions 1.06 and below attachment momd_mime exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 9191 | | Last Modified: | May 22 01:17:44 2006 |
| MD5 Checksum: | 5782aee529a3ac5c704cf126960aa250 |
|
| /// File Name: |
raydiumx.zip |
Description:
|
Remote proof of concept exploit for Raydium versions SVN revision 309 and below.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | raydiumx.txt | | File Size: | 7354 | | Last Modified: | May 21 18:42:01 2006 |
| MD5 Checksum: | 840c51521229c96ec8befa14174f520e |
|
| /// File Name: |
xoops20132.txt |
Description:
|
XOOPS versions 2.0.13.2 and below xoopsOptions[nocommon] exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 7190 | | Last Modified: | May 23 04:29:43 2006 |
| MD5 Checksum: | 6cf58227b6752d94bb378d1d44285c83 |
|
| /// File Name: |
libextho.zip |
Description:
|
Proof of concept exploit for heap overflow vulnerabilities in libextractor versions 0.5.13 and below.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | libextho.txt | | File Size: | 7060 | | Last Modified: | May 22 01:47:29 2006 |
| MD5 Checksum: | b4d9b6668ca12959ed3e04d3db7a389b |
|
| /// File Name: |
genecysbof.zip |
Description:
|
Proof of concept exploit for Genecys versions 0.2 and below, which suffer from a buffer overflow and a NULL pointer crash.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | genecysbof.txt | | File Size: | 6990 | | Last Modified: | May 21 20:49:06 2006 |
| MD5 Checksum: | b6d569d0788e33d99ad72af2b72898f5 |
|
| /// File Name: |
invision215-SQL.txt |
Description:
|
Invision Power Board version 2.1.5 remote SQL injection exploit.
| | Author: | Ykstortion Security Team | | File Size: | 6619 | | Last Modified: | May 2 02:38:45 2006 |
| MD5 Checksum: | e117594ca9ad4e5fc2779a31025f6f57 |
|
| /// File Name: |
empiredos.zip |
Description:
|
Proof of concept denial of service exploit for Empire versions 4.3.2 and below.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | empiredos.txt | | File Size: | 6595 | | Last Modified: | May 21 20:54:00 2006 |
| MD5 Checksum: | d3add439b06223e603dc0497beb9b317 |
|
| /// File Name: |
neo-Advisory-20.txt |
Description:
|
CuteNews version 1.4.1 suffers from cross site scripting and path disclosure vulnerabilities.
| | Author: | k4p0 | | Homepage: | http://NeoSecurityTeam.net/ | | File Size: | 5797 | | Last Modified: | May 6 17:42:05 2006 |
| MD5 Checksum: | dce0eadd94bc32fd89637afe02ed2f8b |
|
| /// File Name: |
NucleusCMS.txt |
Description:
|
Nucleus CMS versions 3.22 and below arbitrary remote inclusion exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 5587 | | Last Modified: | May 26 18:17:18 2006 |
| MD5 Checksum: | e4a99251c24a10c81dda88a9d0abe698 |
|
| /// File Name: |
PunkBuster-1.229.txt |
Description:
|
The WebTool service of PunkBuster is vulnerable to a buffer overflow. POC included.
| | Homepage: | http://aluigi.org | | File Size: | 5214 | | Last Modified: | May 26 18:36:08 2006 |
| MD5 Checksum: | 284bbeb329bfd03f9b7c11de0fc64f32 |
|
| /// File Name: |
rt-sa-2006-003.txt |
Description:
|
RedTeam identified a security flaw in perlpodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
| | Author: | RedTeam Pentesting | | Homepage: | http://www.redteam-pentesting.de/ | | File Size: | 4895 | | Last Modified: | May 24 04:51:45 2006 |
| MD5 Checksum: | 2ce1556c7e33703d3897b94f9c7ad28c |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
