Section: .. / 0907-exploits /
| /// File Name: |
0907-exploits.tgz |
Description:
|
This archive contains all of the 397 exploits added to Packet Storm in July, 2009.
| | Homepage: | http://packetstormsecurity.org/ | | File Size: | 747830 | | Last Modified: | Aug 5 13:37:04 2009 |
| MD5 Checksum: | 5183b9f14105bf0438f2cf2dcf80c31a |
|
| /// File Name: |
CVE-2009-1963.tgz |
Description:
|
This advisory and proof of concept code demonstrates a denial of service vulnerability in Oracle 11g.
| | Author: | Dennis Yurichev | | File Size: | 70586 | | Related CVE(s): | CVE-2009-1963 | | Last Modified: | Jul 24 21:40:49 2009 |
| MD5 Checksum: | 76fa54dfec37f0978cb2618e5821c487 |
|
| /// File Name: |
liveforspeed-overflow.txt |
Description:
|
Live For Speed 2 version Z local buffer overflow exploit that creates a malicious .mpr file.
| | Author: | n00b | | File Size: | 46291 | | Last Modified: | Jul 14 15:50:11 2009 |
| MD5 Checksum: | e0051adb2f19a2d3410ba132eac3ed0a |
|
| /// File Name: |
CVE-2009-1020.tgz |
Description:
|
The Network Foundation component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 suffers from an unspecified vulnerability. Proof of concept code included.
| | Author: | Dennis Yurichev | | File Size: | 44362 | | Related CVE(s): | CVE-2009-1020 | | Last Modified: | Jul 24 21:48:01 2009 |
| MD5 Checksum: | 5cbe81ca8ff50bd26315940033c3a0f3 |
|
| /// File Name: |
adobe-flash.tgz |
Description:
|
The pdf in this tarball takes advantage of an Adobe Flash vulnerability. This is real malware and should only be used for analysis purposes. Be careful and do not view this unless you want to get rooted.
| | File Size: | 43572 | | Last Modified: | Jul 23 13:00:56 2009 |
| MD5 Checksum: | 82d023f5c64e632ce65802b7350b816e |
|
| /// File Name: |
CVE-2009-1019.tgz |
Description:
|
Oracle version 11.1.0.6.0 win32 denial of service exploit.
| | Author: | Dennis Yurichev | | File Size: | 35641 | | Related CVE(s): | CVE-2009-1019 | | Last Modified: | Jul 24 21:44:17 2009 |
| MD5 Checksum: | 56de590482620d9eed57ab2616404d58 |
|
| /// File Name: |
CVE-2009-1970.tgz |
Description:
|
This advisory and proof of concept exploit demonstrates a denial of service vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7.
| | Author: | Dennis Yurichev | | File Size: | 34398 | | Related CVE(s): | CVE-2009-1970 | | Last Modified: | Jul 24 21:37:05 2009 |
| MD5 Checksum: | 2b60fd4d71bb8e2e2180830212dae8a9 |
|
| /// File Name: |
zenphoto125-sql.txt |
Description:
|
ZenPhoto version 1.2.5 blind SQL injection exploit.
| | Author: | petros | | Related Exploit: | zenphoto-sql.txt | | File Size: | 19801 | | Last Modified: | Jul 15 11:18:15 2009 |
| MD5 Checksum: | 482e4aaba26f4a1ef28eca2705d6c682 |
|
| /// File Name: |
CORE-2009-0515.txt |
Description:
|
Core Security Technologies Advisory - A vulnerability was found in the way that WordPress handles some URL requests. This results in unprivileged users viewing the content of plugins configuration pages, and also in some plugins modifying plugin options and injecting JavaScript code. Arbitrary native code may be run by a malicious attacker if the blog administrator runs injected JavasScript code that edits blog PHP code.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 17554 | | Related CVE(s): | CVE-2009-2334, CVE-2009-2335, CVE-2009-2336 | | Last Modified: | Jul 8 19:04:34 2009 |
| MD5 Checksum: | 33e7dc69441396610a6945868f030b1f |
|
| /// File Name: |
photodvd-overflow.txt |
Description:
|
Photo DVD Maker Pro versions 8.02 and below buffer overflow exploit that creates a malicious exploit.pdm file.
| | Author: | His0k4 | | Related Exploit: | Bkis-10-2009.txt | | File Size: | 16020 | | Last Modified: | Jul 10 13:04:51 2009 |
| MD5 Checksum: | 0bcd553fdfc89c1d7f006545b25f6190 |
|
| /// File Name: |
mysql-format.txt |
Description:
|
MySQL version 5.0.45 suffers from a format string vulnerability. Proof of concept demonstration code is provided.
| | Author: | Kingcope | | File Size: | 15502 | | Last Modified: | Jul 8 19:08:03 2009 |
| MD5 Checksum: | c7051db441b1868e23f8edd0bd7733e2 |
|
| /// File Name: |
CORE-2009-0707.txt |
Description:
|
Core Security Technologies Advisory - A remote denial of service vulnerability has been found in Firebird SQL, which can be exploited by a remote attacker to force the server to close the socket where it is listening for incoming connections and to enter an infinite loop, by sending an unexpected 'op_connect_request' message with invalid data to the server. Proof of concept code included.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 13159 | | Related CVE(s): | CVE-2009-2620 | | Last Modified: | Jul 28 15:29:43 2009 |
| MD5 Checksum: | a3a1b73706a9f3a5051b67b289be9ea2 |
|
| /// File Name: |
cheddar_bay.tgz |
Description:
|
Linux 2.6.30+/SELinux/RHEL5 local root exploit. Works on both 32bit and 64bit kernels.
| | Author: | Brad Spengler | | File Size: | 12345 | | Last Modified: | Jul 17 15:23:06 2009 |
| MD5 Checksum: | 3c1f32c8c2d4538788f1c5fc52b1a8a5 |
|
| /// File Name: |
allomanimoviesclips-sql.txt |
Description:
|
Allomani Movies and Clips version 2.7.0 remote blind SQL injection exploit.
| | Author: | Qabandi | | File Size: | 8792 | | Last Modified: | Jul 27 21:56:00 2009 |
| MD5 Checksum: | c5afcbb805a7c432d6d6dde62938a4a5 |
|
| /// File Name: |
allomanimobile-sql.txt |
Description:
|
Allomani Mobile version 2.5 remote blind SQL injection exploit.
| | Author: | Qabandi | | File Size: | 8789 | | Last Modified: | Jul 27 21:54:07 2009 |
| MD5 Checksum: | b37f6e9334283e7ed353084cdf2494c7 |
|
| /// File Name: |
allomanisongsclips-sql.txt |
Description:
|
Allomani Songs and Clips version 2.7.0 blind SQL injection exploit.
| | Author: | Qabandi | | File Size: | 8769 | | Last Modified: | Jul 27 21:55:05 2009 |
| MD5 Checksum: | 4dc0bcf19728cda498f1b3444aeb0be7 |
|
| /// File Name: |
iliaslms-disclose.txt |
Description:
|
ILIAS LMS versions 3.10.7 and below and 3.9.9 and below suffer from arbitrary information disclosure vulnerabilities.
| | Author: | YEnH4ckEr | | File Size: | 8381 | | Last Modified: | Jul 15 11:14:24 2009 |
| MD5 Checksum: | 971f73aed0f30bbc9bf0c62eb13e95e9 |
|
| /// File Name: |
msie-overflow.txt |
Description:
|
Microsoft Internet Explore 7 DirectShow heap spray exploit that leverages msvidctl.dll.
| | Author: | David Kennedy,John Melvin,Steve Austin | | Homepage: | http://www.securestate.com/ | | File Size: | 8239 | | Last Modified: | Jul 10 11:19:13 2009 |
| MD5 Checksum: | 4e33a901d265d85fa27696b425b3babc |
|
| /// File Name: |
iscdhcp-overflow.txt |
Description:
|
ISC DHCP dhclient versions below 3.1.2p1 remote buffer overflow proof of concept exploit.
| | Author: | Jon Oberheide | | File Size: | 7717 | | Related CVE(s): | CVE-2009-0692 | | Last Modified: | Jul 27 20:42:31 2009 |
| MD5 Checksum: | 5a864fd4128cd438f38a0e7b62ef558b |
|
| /// File Name: |
CORE-2009-0519.txt |
Description:
|
Core Security Technologies Advisory - Awakening's Winds3D Viewer, which runs as a plugin within most popular web browsers, is vulnerable to a remotely exploitable arbitrary command execution vulnerability which can be triggered by making the user visit a malicious link/website. Versions 3.5.0.0 and 3.0.0.5 are vulnerable.
| | Author: | Diego Juarez | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 7257 | | Related CVE(s): | CVE-2009-2386 | | Last Modified: | Jul 8 18:54:03 2009 |
| MD5 Checksum: | dd8314606e5d9fe5e80ed6775b92d050 |
|
| /// File Name: |
htcobex-traversal.txt |
Description:
|
The HTC / Windows Mobile OBEX FTP service suffers from a directory traversal vulnerability.
| | Author: | Alberto Moreno Tablado | | File Size: | 6972 | | Last Modified: | Jul 10 18:52:43 2009 |
| MD5 Checksum: | d43a2b63fef3ed7716e7af7c7b35a915 |
|
| /// File Name: |
traidntup-blindsql.txt |
Description:
|
Traidnt UP version 2.0 remote blind SQL injection exploit.
| | Author: | Qabandi | | Related Exploit: | traidntup-sql.txt | | File Size: | 6854 | | Last Modified: | Jul 14 14:31:42 2009 |
| MD5 Checksum: | d690d77e3d17be7f9c4303ce37af1a93 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
