Section: .. / 0703-exploits /
| /// File Name: |
BTP00012P002NF.zip |
Description:
|
Proof of concept exploit that demonstrates how Norton insufficiently protects its driver \Device\SymEvent against manipulation.
| | Homepage: | http://www.matousec.com/ | | Related File: | Norton-symtdi.txt | | File Size: | 3655 | | Last Modified: | Mar 20 00:53:25 2007 |
| MD5 Checksum: | 33aa94922de497dc63585160afb6e8e2 |
|
| /// File Name: |
phpnukesplat-lfi.txt |
Description:
|
PHP-Nuke Module splattforum version 4.0 RC1 local file inclusion exploit.
| | Author: | GolD_M | | File Size: | 3612 | | Last Modified: | Mar 19 23:38:44 2007 |
| MD5 Checksum: | b6f39bdeec9aec87be98aeefc75f3c28 |
|
| /// File Name: |
Advisory4-20022007.txt |
Description:
|
WordPress versions 2.1.0 and below suffer from cross site request forgery with cross site scripting vulnerabilities. Oh, the madness.
| | Author: | ciri | | File Size: | 3570 | | Last Modified: | Mar 6 00:33:55 2007 |
| MD5 Checksum: | 93806b027a2070a80c055dea2233591a |
|
| /// File Name: |
geblog01-lfi.txt |
Description:
|
GeBlog version 0.1 local file inclusion exploit.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 3553 | | Last Modified: | Mar 20 23:18:17 2007 |
| MD5 Checksum: | 3a88c21fd98452eb92aed8db09f9b763 |
|
| /// File Name: |
overtheledger.txt |
Description:
|
LedgerSMB versions below 1.1.10 and SQL-Ledger versions below 2.6.27 suffer from arbitrary code execution flaws. SQL-Ledger also suffers from an authentication bypass vulnerability. Details provided.
| | Author: | Chris Travers | | File Size: | 3546 | | Last Modified: | Mar 20 11:21:17 2007 |
| MD5 Checksum: | 1df79a09478cc2fde3152194518168e9 |
|
| /// File Name: |
SA-20070314-0.txt |
Description:
|
SEC Consult Security Advisory 20070314-0 - If the Apache HTTP Server and Tomcat are configured to interoperate with the common proxy modules (mod_proxy, mod_rewrite, mod_jk), an attacker might be able to break out of the intended destination path up to the webroot in Tomcat.
| | Author: | D. Matscheko | | Homepage: | http://www.sec-consult.com | | File Size: | 3512 | | Related CVE(s): | CVE-2007-0450 | | Last Modified: | Mar 19 23:26:18 2007 |
| MD5 Checksum: | 5262c705a158558fe3884f0bbf91fb63 |
|
| /// File Name: |
grandstream-dos.txt |
Description:
|
The Grandstream Budge Tone-200 IP phone is susceptible to denial of service attacks. Exploit included.
| | Author: | Humberto J. Abdelnur, Radu State, Olivier Festor | | Homepage: | http://madynes.loria.fr/ | | File Size: | 3439 | | Last Modified: | Mar 21 21:40:37 2007 |
| MD5 Checksum: | 9ebee1b7d1d227148e557f9ff1a36b05 |
|
| /// File Name: |
adv80-K-159-2007.txt |
Description:
|
Time-Assistant versions 6.2 and below suffer from a remote file inclusion vulnerability.
| | Author: | K-159 | | Homepage: | http://k-159.echo.or.id/ | | File Size: | 3411 | | Last Modified: | Apr 2 18:24:38 2007 |
| MD5 Checksum: | fe12846c2ca614269315d1d1cc1d0e71 |
|
| /// File Name: |
linux-dccp.txt |
Description:
|
The Linux kernel suffers from a DCCP memory disclosure vulnerability. Proof of concept exploit included. Kernel versions 2.6.20 and above are affected.
| | Author: | Robert Swiecki | | Homepage: | http://www.swiecki.net/ | | File Size: | 3394 | | Last Modified: | Mar 29 01:54:07 2007 |
| MD5 Checksum: | 0a85b24758c65f57b208b459d9d1215a |
|
| /// File Name: |
roc-lfi.txt |
Description:
|
RoseOnlineCMS version 3 beta 2 local file inclusion exploit.
| | Author: | Mahmood_ali | | File Size: | 3272 | | Last Modified: | Mar 23 20:52:38 2007 |
| MD5 Checksum: | 718b499f5d18594f162dc23f5e4e9ba0 |
|
| /// File Name: |
phpnuke-ab-lfi.txt |
Description:
|
PHP-Nuke module Addressbook version 1.2 local file inclusion exploit.
| | Author: | bd0rk | | Homepage: | http://www.soh-crew.it.tt/ | | File Size: | 3264 | | Last Modified: | Mar 26 22:38:16 2007 |
| MD5 Checksum: | 242e8e28ebf166b8f981bbfe7e24301d |
|
| /// File Name: |
libero-xss.txt |
Description:
|
The libero.it ISP web site is susceptible to more cross site scripting attacks.
| | Author: | Rosario Valotta | | File Size: | 3246 | | Last Modified: | Mar 26 23:41:31 2007 |
| MD5 Checksum: | 4d0637f6fef82874f64126e9e000fe08 |
|
| /// File Name: |
grayscale-multi.txt |
Description:
|
Grayscale Blog version 0.8.0 suffers from SQL injection, security bypass, and cross site scripting vulnerabilities.
| | Author: | omnipresent | | File Size: | 3093 | | Last Modified: | Mar 13 20:38:31 2007 |
| MD5 Checksum: | 2918d72fe508a8bae80cff4f9ea28405 |
|
| /// File Name: |
icebb-1.0-exec.txt |
Description:
|
IceBB version 1.0-rc5 remote code execution exploit.
| | Author: | Hessam-x | | Homepage: | http://www.hessamx.net | | File Size: | 3085 | | Last Modified: | Mar 26 22:36:05 2007 |
| MD5 Checksum: | f96b06c1528206699755dc7b5789143f |
|
| /// File Name: |
katalog-sql.txt |
Description:
|
Katalog Plyt Audio versions 1.0 and below remote SQL injection exploit.
| | Author: | Kacper | | Homepage: | http://www.rahim.webd.pl/ | | File Size: | 3060 | | Last Modified: | Mar 19 23:35:10 2007 |
| MD5 Checksum: | 385f51b972ef05e24c6e0df60e68b5a7 |
|
| /// File Name: |
PBLang-466.txt |
Description:
|
PBlang versions 4.66z and below remote create Admin exploit.
| | Author: | Hessam-x | | Homepage: | http://www.hessamx.net | | File Size: | 2834 | | Last Modified: | Mar 26 22:33:31 2007 |
| MD5 Checksum: | 6a8f5f94ff0455416ce9915e3af15445 |
|
| /// File Name: |
asterisk-sip-kill.c |
Description:
|
Remote denial of service exploit for Asterisk PBX that makes use of a bug in the SIP channel driver. Versions below 1.2.16 and below 1.4.1 are affected.
| | Author: | Anonymous | | File Size: | 2817 | | Last Modified: | Mar 8 17:42:48 2007 |
| MD5 Checksum: | 7bc997a83ca3b9c66f2f973b835daed5 |
|
| /// File Name: |
phpraid-rfi.txt |
Description:
|
phpRaid versions 3.0.7 and below suffer from a remote file inclusion vulnerability.
| | Author: | Cold Zero | | File Size: | 2697 | | Last Modified: | Mar 20 23:20:27 2007 |
| MD5 Checksum: | 2656dc0a423e40b1f65ac1dbf8b746c1 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
