Section: .. / 0607-exploits /
| /// File Name: |
os2a_1006.txt |
Description:
|
PHP-Blogger version 2.2.5 is susceptible to cross site scripting flaws.
| | Author: | Pavithra Hanchagaiah | | File Size: | 2784 | | Last Modified: | Jul 9 08:29:50 2006 |
| MD5 Checksum: | 8d7aa11f408b19758b1fabc968047364 |
|
| /// File Name: |
sturgeon.txt |
Description:
|
SturGeoN Upload version 1 remote command execution exploit.
| | Author: | DarkFig | | File Size: | 2714 | | Last Modified: | Jul 2 05:53:26 2006 |
| MD5 Checksum: | 0327a95ec14ba2e334d4d2efa9ae6dbd |
|
| /// File Name: |
filecopa101.txt |
Description:
|
Remote buffer overflow exploit for FileCOPA FTP server versions 1.01 and below that spawns a shell on tcp/4444.
| | Author: | acaro | | File Size: | 2657 | | Last Modified: | Jul 24 03:06:47 2006 |
| MD5 Checksum: | 400270e50448055136da6dddcc792892 |
|
| /// File Name: |
advisory-355.txt |
Description:
|
AjaxPortal version 3.0 is susceptible to a SQL injection flaw.
| | Author: | trueend5 | | Homepage: | http://www.kapda.ir/ | | File Size: | 2461 | | Last Modified: | Jul 9 08:57:56 2006 |
| MD5 Checksum: | 16f85693d2f33c14973fb134ce5c9fac |
|
| /// File Name: |
ERNW-02-2006.txt |
Description:
|
The sipXtapi library from sip foundry contains a buffer overflow when parsing the CSeq field. This flaw can be used by an attacker to gain control over EIP and execute arbitrary code.
| | Author: | Michael Thumann | | Homepage: | http://www.ernw.de/ | | File Size: | 2448 | | Last Modified: | Jul 12 04:23:54 2006 |
| MD5 Checksum: | c010346dac61c34e1e335b3013a60a2f |
|
| /// File Name: |
2006300687985463.txt |
Description:
|
The FlexWATCH camera server is susceptible to cross site scripting and authorization bypass flaws. Vulnerable versions include 3.0 for FW-3400-A (PAL), 2.0 (PAL), and 2.3 (NTSC).
| | Author: | Jaime Blasco | | Homepage: | http://www.digitalarmaments.com/ | | File Size: | 2437 | | Last Modified: | Jul 12 04:48:57 2006 |
| MD5 Checksum: | 5446201e1c72f57259c77a7eb8a58c4d |
|
| /// File Name: |
eIQ-LM-2.txt |
Description:
|
This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 1262 bytes in size. This module should work on all rebranded eiq analyzers. Exploitation assistance from KF of digital munition.
| | Author: | ri0t | | File Size: | 2435 | | Last Modified: | Jul 27 23:09:34 2006 |
| MD5 Checksum: | ddeca744de09b27c3a7b8b0c0df91427 |
|
| /// File Name: |
eIQ-LM-1.txt |
Description:
|
This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 494 bytes in size. This module should work on all EIQ branded analyzers. Exploitation assistance from KF.
| | Author: | ri0t | | File Size: | 2403 | | Last Modified: | Jul 27 23:08:16 2006 |
| MD5 Checksum: | 322367dffe353d69a331c65b0223c358 |
|
| /// File Name: |
mail2forum12.txt |
Description:
|
mail2forum versions 1.2 and below suffer from remote file inclusion vulnerabilities.
| | Author: | OLiBekaS | | File Size: | 2396 | | Last Modified: | Jul 20 04:58:01 2006 |
| MD5 Checksum: | 100df5055df08cc42525f737fa5eeee3 |
|
| /// File Name: |
ej3-exec.txt |
Description:
|
EJ3 TOPO version 2.2 remote command execution exploit.
| | Author: | Hessam-x | | File Size: | 2359 | | Last Modified: | Jul 12 05:59:00 2006 |
| MD5 Checksum: | 4396615047d47fa0054512c7f67aa81e |
|
| /// File Name: |
web-usermin.pl.txt |
Description:
|
Webmin / Usermin arbitrary file disclosure exploit for versions below 1.290.
| | Author: | UmZ! | | Homepage: | http://securitydot.net/ | | File Size: | 2205 | | Last Modified: | Jul 15 04:56:28 2006 |
| MD5 Checksum: | 1f52c79f85845a2eeba5142d3215b5df |
|
| /// File Name: |
bl4ck_ms06_014.tgz |
Description:
|
Functioning exploit for the MDAC code execution vulnerability in Internet Explorer as described in MS06-014.
| | Author: | redsand | | Homepage: | http://www.blacksecurity.org/ | | File Size: | 2178 | | Last Modified: | Jul 24 01:53:06 2006 |
| MD5 Checksum: | e466b397f2672c648c1057681274e760 |
|
| /// File Name: |
QBoard11.txt |
Description:
|
free QBoard version 1.1 suffers from multiple remote file inclusion flaws.
| | Author: | CrAsh_oVeR_rIdE | | Homepage: | http://www.lezr.com | | File Size: | 2174 | | Last Modified: | Jul 9 05:20:32 2006 |
| MD5 Checksum: | e91cb144dfbbb72eaf368c324d7a942e |
|
| /// File Name: |
guestbook130.txt |
Description:
|
Guestbook Mambo Module versions 1.3.0 and below suffer from a remote file inclusion vulnerability.
| | Author: | Matdhule | | File Size: | 2163 | | Last Modified: | Aug 3 00:36:03 2006 |
| MD5 Checksum: | 38c3ee0c0b9298fa22d43844ce3cac76 |
|
| /// File Name: |
msnXSSCB.txt |
Description:
|
A cross site scripting vulnerability exists on MSN.com.
| | Homepage: | http://www.securiteam.com | | File Size: | 2163 | | Last Modified: | Jul 26 04:51:30 2006 |
| MD5 Checksum: | 325d5613fba3c9b4c75cee2fbc3f6400 |
|
| /// File Name: |
namc10.txt |
Description:
|
New Article Mambo Component versions 1.0 and below suffer from remote file inclusion vulnerabilities.
| | Author: | Matdhule | | File Size: | 2150 | | Last Modified: | Jul 20 04:16:42 2006 |
| MD5 Checksum: | dc2d1d8b5f3c982253ac104129ed147f |
|
| /// File Name: |
boastMachineSQL.txt |
Description:
|
boastMachine versions 3.1 and below remote SQL injection exploit that also demonstrates a cross site scripting vulnerability.
| | Author: | DarkFig | | File Size: | 2129 | | Last Modified: | Jul 20 04:13:59 2006 |
| MD5 Checksum: | a54b1e7f01f8ed14f5f702de53812fce |
|
| /// File Name: |
lazarus16.txt |
Description:
|
Lazarus Guestbook versions 1.6 and below suffer from cross site scripting flaws.
| | Author: | simo64 | | File Size: | 2024 | | Last Modified: | Jul 13 16:56:01 2006 |
| MD5 Checksum: | f50b1889ee833358a963cc0a8aed5064 |
|
| /// File Name: |
lifesucks.pl.txt |
Description:
|
LifeType version 1.0.5 remote SQL injection exploit.
| | Author: | Alejandro Ramos, Pedro Andujar | | File Size: | 1855 | | Last Modified: | Jul 9 07:23:04 2006 |
| MD5 Checksum: | c29e926e788a2d4e1d4cec6e913fb4bd |
|
| /// File Name: |
mobb.tgz |
Description:
|
Exploit for Mozilla Firefox versions 1.5.0.4 and below. The demonstration exploit below will attempt to launch "calc.exe" on Windows systems, execute "touch /tmp/METASPLOIT" on Linux systems, and bind a command shell to port 4444 for Mac OS X Intel and PowerPC systems. An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker.
| | Homepage: | http://browserfun.blogspot.com/2006/07/mobb-28-mozilla-navigator-object.html | | File Size: | 1855 | | Related CVE(s): | CVE-2006-3677 | | Last Modified: | Aug 3 01:18:08 2006 |
| MD5 Checksum: | 99310b4fff62cfdeb795aeed9747822c |
|
| /// File Name: |
wonderedit.txt |
Description:
|
WonderEdit Pro CMS is susceptible to remote file inclusion vulnerabilities.
| | Author: | OLiBekaS | | File Size: | 1782 | | Last Modified: | Jul 9 06:53:27 2006 |
| MD5 Checksum: | becd5e25dd9f025a77765ae3ccbb2050 |
|
| /// File Name: |
solpot-adv-01.txt |
Description:
|
PHP Event Calendar version 1.4 suffers from a remote inclusion vulnerability.
| | Author: | Solpot | | Homepage: | http://www.solpotcrew.org/ | | File Size: | 1713 | | Last Modified: | Jul 19 01:36:52 2006 |
| MD5 Checksum: | 84c3f3d2d4b5347aeaab0a0b7dcd9346 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
