Section: .. / 0708-exploits /
| /// File Name: |
cisco-sql.txt |
Description:
|
A SQL injection vulnerability exists in the Log On page of the web interface for Cisco CallManager AKA Unified Communications Manager. An unauthenticated attacker who is able to access the Log On page could exploit this vulnerability to run arbitrary SQL commands as the logged in database user, usually cm_publisher. By running SQL commands, the attacker could gain information about the CallManager configuration, including call records. Exploitation details provided.
| | Author: | Elliot Kendall | | File Size: | 5355 | | Last Modified: | Aug 31 13:00:05 2007 |
| MD5 Checksum: | 3f7b845f8abbf592305551e6224d261d |
|
| /// File Name: |
telemark-xss.txt |
Description:
|
The Telemark.com search engine is susceptible to a cross site scripting vulnerability.
| | Author: | Tosser | | File Size: | 499 | | Last Modified: | Aug 31 12:56:40 2007 |
| MD5 Checksum: | c9940b9124caccd7386973aa56d9027a |
|
| /// File Name: |
chacha-xss.txt |
Description:
|
The ChaCha.com search functionality suffers from a cross site scripting vulnerability.
| | Author: | d3hydr8 | | Homepage: | http://darkcode.h1x.com/ | | File Size: | 755 | | Last Modified: | Aug 31 12:55:55 2007 |
| MD5 Checksum: | e9ebdea597e5f10ca9b9c99db9e3cf62 |
|
| /// File Name: |
ppstream-overflow.txt |
Description:
|
PPStream ActiveX remote overflow exploit that makes use of PowerPlayer.dll version 2.0.1.3829.
| | Author: | dummy | | File Size: | 2748 | | Last Modified: | Aug 31 12:48:45 2007 |
| MD5 Checksum: | 132a38ce0cc72b3c49ae42b164ffefa1 |
|
| /// File Name: |
norton-local.txt |
Description:
|
Norman Virus Control local exploit that makes use of nvcoaft51.sys.
| | Author: | inocraM | | Homepage: | http://www.48bits.com/ | | File Size: | 13859 | | Last Modified: | Aug 31 12:47:37 2007 |
| MD5 Checksum: | f7f06590d69b8657e3cc40e36b8f36f0 |
|
| /// File Name: |
phpbblinks-sql.txt |
Description:
|
phpBB Links MOD versions 1.2.2 and below remote SQL injection exploit.
| | Author: | Don | | File Size: | 1439 | | Last Modified: | Aug 31 12:45:56 2007 |
| MD5 Checksum: | f7c85f4b2a3d84bd57186a373ff8cce4 |
|
| /// File Name: |
ourspace-upload.txt |
Description:
|
Ourspace version 2.0.9 suffers from an upload vulnerability in uploadmedia.cgi.
| | Author: | Don | | File Size: | 363 | | Last Modified: | Aug 31 12:44:47 2007 |
| MD5 Checksum: | 49e68f901eb8af65054e494a64870126 |
|
| /// File Name: |
nmdeluxe-sql.txt |
Description:
|
NMDeluxe version 2.0.0 suffers from a remote SQL injection vulnerability.
| | Author: | not sec group | | Homepage: | http://www.notsec.com/ | | File Size: | 1744 | | Last Modified: | Aug 31 12:43:51 2007 |
| MD5 Checksum: | 7df7ee1cc55190e6e2306680ca06cd41 |
|
| /// File Name: |
wiresharkdnp3-dos.txt |
Description:
|
Wireshark versions below 0.99.5 DNP3 dissector infinite loop denial of service exploit.
| | Author: | Beyond Security | | Homepage: | http://www.BeyondSecurity.com | | File Size: | 2568 | | Last Modified: | Aug 31 12:42:02 2007 |
| MD5 Checksum: | db40242afee4ecc22686066188808a89 |
|
| /// File Name: |
hexamail-dos.txt |
Description:
|
Hexamail Server version 3.0.0.001 pop3 pre-auth remote overflow denial of service exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 922 | | Last Modified: | Aug 31 12:40:35 2007 |
| MD5 Checksum: | e2ebdee6bf86c4327ab9df16adebf030 |
|
| /// File Name: |
dumsdei.zip |
Description:
|
Proof of concept exploit for Doomsday versions 1.9.0-beta5.1 and below which suffer from buffer overflow and format string vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | dumsdei.txt | | File Size: | 19740 | | Last Modified: | Aug 30 04:17:24 2007 |
| MD5 Checksum: | 8f83cc303809ac52f3c9e81d648f6099 |
|
| /// File Name: |
blizzard-dos.txt |
Description:
|
Blizzard StarCraft Brood War version 1.15.1 suffers from a remote denial of service vulnerability.
| | Author: | Gynvael Coldwind | | File Size: | 2827 | | Last Modified: | Aug 30 03:47:49 2007 |
| MD5 Checksum: | a5789f2382d3d95d12aeb03dc5277771 |
|
| /// File Name: |
ymsg-crash.tgz |
Description:
|
Yahoo! Messenger version 8.1.0.413 webcam remote crash denial of service exploit.
| | Author: | wushi | | Homepage: | http://www.team509.com/ | | File Size: | 869095 | | Last Modified: | Aug 30 03:15:28 2007 |
| MD5 Checksum: | 4d8b681186b77f12dd8f8a994917c0c8 |
|
| /// File Name: |
msnmsg-overflow.tgz |
Description:
|
MSN Messenger 7.x VIDEO remote heap overflow exploit.
| | Author: | wushi | | Homepage: | http://www.team509.com/ | | File Size: | 11348 | | Last Modified: | Aug 30 03:13:22 2007 |
| MD5 Checksum: | 5d8ef6a8c46d57f1fc030024fcc7ece6 |
|
| /// File Name: |
pakupaku-rfulfi.txt |
Description:
|
Pakupaku CMS versions 0.4 and below remote file upload exploit.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 4403 | | Last Modified: | Aug 30 03:10:12 2007 |
| MD5 Checksum: | eb28e47bc15b4183419bd79aff5b9e8d |
|
| /// File Name: |
phpbg-rfi.txt |
Description:
|
phpBG version 0.9.1 suffers from remote file inclusion vulnerabilities.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 431 | | Last Modified: | Aug 30 03:08:31 2007 |
| MD5 Checksum: | 116652e271be17a3005faa5a4c319bff |
|
| /// File Name: |
phpns-sql.txt |
Description:
|
PHPNS version 1.1 suffers from a remote SQL injection vulnerability in shownews.php.
| | Author: | SmOk3 | | File Size: | 926 | | Last Modified: | Aug 30 03:06:58 2007 |
| MD5 Checksum: | 6b08efafff0de911f42fb36de79e2c35 |
|
| /// File Name: |
abcestore-sql.txt |
Description:
|
ABC estore version 3.0 remote blind SQL injection exploit.
| | Author: | k1tk4t | | Homepage: | http://newhack.org/ | | File Size: | 2681 | | Last Modified: | Aug 30 03:05:57 2007 |
| MD5 Checksum: | 4f20498b0ee8a8364d48c6f28ac2b801 |
|
| /// File Name: |
xgb-bypass.txt |
Description:
|
xGB version 2.0 suffers from a remote permission bypass vulnerability.
| | Author: | DarkFuneral | | File Size: | 534 | | Last Modified: | Aug 30 03:04:47 2007 |
| MD5 Checksum: | f80c5be13198a61a85b89f8de7096270 |
|
| /// File Name: |
gdi32-dos.txt |
Description:
|
Microsoft Windows denial of service exploit that makes use of GDI32.DLL. This vulnerability is related to MS07-046.
| | Author: | Gil-Dong / Woo-Chi | | File Size: | 1358 | | Last Modified: | Aug 30 03:03:14 2007 |
| MD5 Checksum: | 6b8e5d855533f6cd0c76c63947b807e6 |
|
| /// File Name: |
phpnukeclan-rfi.txt |
Description:
|
PHPNuke-Clan versions 4.2.0 and below suffer from a remote file inclusion vulnerability in mvcw_conver.php.
| | Author: | DNX | | File Size: | 1228 | | Last Modified: | Aug 29 00:27:57 2007 |
| MD5 Checksum: | 167c9ba6ce495d3de3731e4912a48952 |
|
| /// File Name: |
vwar-rfi.txt |
Description:
|
VWar versions 1.5.0 R15 and below suffer from a remote file inclusion vulnerability in mvcw.php.
| | Author: | DNX | | File Size: | 1128 | | Last Modified: | Aug 29 00:26:37 2007 |
| MD5 Checksum: | c4f9598a25c7cea312d1038996332249 |
|
| /// File Name: |
paycart-sql.txt |
Description:
|
DL PayCart version 1.01 blind SQL injection exploit that makes use of viewitem.php.
| | Author: | irvian | | File Size: | 1948 | | Last Modified: | Aug 29 00:24:35 2007 |
| MD5 Checksum: | d375f870619082511fa6b2c408e6d3bd |
|
| /// File Name: |
postcast-overflow.txt |
Description:
|
Postcast Server Pro version 3.0.61 and Quiksoft EasyMail emsmtp.dll version 6.0.1 buffer overflow exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 3238 | | Last Modified: | Aug 28 11:48:51 2007 |
| MD5 Checksum: | d219f1ac5c8237428552cf151ffe1811 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
