Section: .. / 0708-exploits /
| /// File Name: |
tourde-rfi.txt |
Description:
|
Tour de France Pool version 1.0.1 suffers from a remote file inclusion vulnerability.
| | Author: | Yollubunlar | | Homepage: | http://yollubunlar.org/ | | File Size: | 738 | | Last Modified: | Aug 8 02:34:52 2007 |
| MD5 Checksum: | 7c28c62f5761b502de9f4621507709de |
|
| /// File Name: |
TS-2007-002-0.txt |
Description:
|
Template Security has discovered a serious user input validation vulnerability in the BlueCat Networks Proteus IPAM appliance. Proteus can be used to upload files to managed Adonis appliances to be downloadable by TFTP from the appliance. A Proteus administrator with privilege to add TFTP files and perform TFTP deployments can overwrite existing files and create new files as root on the Adonis DNS/DHCP appliance. This can be used for example to overwrite the system password database and change the root account password. Exploitation details provided. E
| | Author: | Template Security | | File Size: | 3135 | | Last Modified: | Aug 8 03:26:55 2007 |
| MD5 Checksum: | 8a4de76d6997f2dba9b93bea297d4831 |
|
| /// File Name: |
TS-2007-003-0.txt |
Description:
|
Template Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.
| | Author: | forloop | | File Size: | 1840 | | Last Modified: | Aug 17 01:59:55 2007 |
| MD5 Checksum: | 8ddae6c8f1a26008bcb28a7971395730 |
|
| /// File Name: |
unrwebdos.zip |
Description:
|
Denial of service exploit that demonstrates a buffer overflow in the logging function of the Unreal engine.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | unrwebdos.txt | | File Size: | 7119 | | Last Modified: | Aug 19 21:38:21 2007 |
| MD5 Checksum: | e9bbd5c6b345291edd5f727a66a60eec |
|
| /// File Name: |
vbul368-xss.txt |
Description:
|
vBulletin version 3.6.8 suffers from multiple cross site scripting vulnerabilities.
| | Author: | Hasadya Raed | | File Size: | 3229 | | Last Modified: | Aug 19 20:47:39 2007 |
| MD5 Checksum: | e17cdad7756a64bbd3c02450599e3873 |
|
| /// File Name: |
vgallite-rfi.txt |
Description:
|
All versions of vgallite suffer from a remote file inclusion vulnerability.
| | Author: | Hasadya Raed | | File Size: | 755 | | Last Modified: | Aug 8 03:10:14 2007 |
| MD5 Checksum: | 7aa1282b0bb4f8d046466a9f5001a7c3 |
|
| /// File Name: |
vietphp-rfi.txt |
Description:
|
VietPHP suffers from a remote file inclusion vulnerability.
| | Author: | master-of-desastor | | File Size: | 281 | | Last Modified: | Aug 8 03:42:16 2007 |
| MD5 Checksum: | 703a6524e3f9e46d74e9362211e8e251 |
|
| /// File Name: |
vwar-rfi.txt |
Description:
|
VWar versions 1.5.0 R15 and below suffer from a remote file inclusion vulnerability in mvcw.php.
| | Author: | DNX | | File Size: | 1128 | | Last Modified: | Aug 29 00:26:37 2007 |
| MD5 Checksum: | c4f9598a25c7cea312d1038996332249 |
|
| /// File Name: |
wbb2-sql.txt |
Description:
|
WBB2-Addon for Acrotxt version 1 suffers from a remote SQL injection vulnerability.
| | Author: | D4m14n | | Homepage: | http://www.damians-world.dl.am/ | | File Size: | 822 | | Last Modified: | Aug 27 22:57:09 2007 |
| MD5 Checksum: | 1720ab52658f18af6df75adb5cf2acda |
|
| /// File Name: |
webnews-rfi.txt |
Description:
|
Web News version 1.1 suffers from a remote file inclusion vulnerability.
| | Author: | Rizgar | | File Size: | 1142 | | Last Modified: | Aug 11 17:33:24 2007 |
| MD5 Checksum: | cb6caef0b6af4cfe3d6baa35d654ec87 |
|
| /// File Name: |
wef-study.txt |
Description:
|
A write up that discusses buffer overflows in Windows Extended file attributes. Includes some exploits.
| | Author: | Lostmon | | Homepage: | http://lostmon.blogspot.com/ | | File Size: | 9619 | | Last Modified: | Aug 11 18:11:14 2007 |
| MD5 Checksum: | f0fbb628cc9a9d4cc40bbe17f4c2cb19 |
|
| /// File Name: |
wengophone-dos.txt |
Description:
|
WengoPhone SIP Phone version 2.x suffers from a remote denial of service vulnerability.
| | Author: | Zwell | | Homepage: | http://www.nosec.org/ | | File Size: | 5047 | | Last Modified: | Aug 13 22:41:30 2007 |
| MD5 Checksum: | 3c7e4535413d5462d0d7d69a6c2b83f1 |
|
| /// File Name: |
widgets-overflow.txt |
Description:
|
Yahoo! Widgets versions below 4.0.5 GetComponentVersion() remote overflow exploit.
| | Author: | lhoang8500 | | File Size: | 2136 | | Last Modified: | Jul 31 20:49:08 2007 |
| MD5 Checksum: | 2b96c8994647cae86a2d4f6f39458588 |
|
| /// File Name: |
wikiwebweaver-upload.txt |
Description:
|
WikiWebWeaver version 1.1 Beta suffers from a shell upload vulnerability.
| | Author: | yollubunlar | | File Size: | 1299 | | Last Modified: | Aug 8 00:30:17 2007 |
| MD5 Checksum: | 989ca6a1578878fb0323b6ee8a978bdc |
|
| /// File Name: |
wireshark-dos.txt |
Description:
|
WireShark versions below 0.99.6 suffer from a denial of service vulnerability when parsing MMS messages. Denial of service exploit included.
| | Author: | Zwell | | Homepage: | http://www.nosec.org/ | | File Size: | 3041 | | Last Modified: | Aug 14 23:38:58 2007 |
| MD5 Checksum: | 30d54c76454c1e4355441db12e9ebed9 |
|
| /// File Name: |
wiresharkdnp3-dos.txt |
Description:
|
Wireshark versions below 0.99.5 DNP3 dissector infinite loop denial of service exploit.
| | Author: | Beyond Security | | Homepage: | http://www.BeyondSecurity.com | | File Size: | 2568 | | Last Modified: | Aug 31 12:42:02 2007 |
| MD5 Checksum: | db40242afee4ecc22686066188808a89 |
|
| /// File Name: |
xampp-local.txt |
Description:
|
XAMPP for Windows version 1.6.3a local privilege escalation exploit.
| | Author: | Inphex | | File Size: | 1564 | | Last Modified: | Aug 27 22:58:09 2007 |
| MD5 Checksum: | c6ccbf09d52012d9314da6c2137fb5ae |
|
| /// File Name: |
xgb-bypass.txt |
Description:
|
xGB version 2.0 suffers from a remote permission bypass vulnerability.
| | Author: | DarkFuneral | | File Size: | 534 | | Last Modified: | Aug 30 03:04:47 2007 |
| MD5 Checksum: | f80c5be13198a61a85b89f8de7096270 |
|
| /// File Name: |
ymsg-crash.tgz |
Description:
|
Yahoo! Messenger version 8.1.0.413 webcam remote crash denial of service exploit.
| | Author: | wushi | | Homepage: | http://www.team509.com/ | | File Size: | 869095 | | Last Modified: | Aug 30 03:15:28 2007 |
| MD5 Checksum: | 4d8b681186b77f12dd8f8a994917c0c8 |
|
| /// File Name: |
ynp-lfi.txt |
Description:
|
YNP Portal System version 2.2.0 suffers from a remote file disclosure vulnerability via showpage.cgi.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 803 | | Last Modified: | Aug 8 00:09:36 2007 |
| MD5 Checksum: | 2870f4834ba60062a4a5bb4f051843f9 |
|
| /// File Name: |
ziyar-xss.txt |
Description:
|
Ziyaretçi Defteri version 1.0 suffers from cross site scripting vulnerabilities.
| | Author: | GeFORC3 | | Homepage: | http://WwW.GeFORC3.Org | | File Size: | 623 | | Last Modified: | Aug 8 00:34:06 2007 |
| MD5 Checksum: | 60abfda7ea6ef4dc1544f21674a761f2 |
|
| /// File Name: |
zoidboom2.zip |
Description:
|
Zoidcom versions 0.6.7 and below proof of concept exploit that demonstrates a crash vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | zoidboom2.txt | | File Size: | 5997 | | Last Modified: | Aug 15 00:32:34 2007 |
| MD5 Checksum: | fdd1276767b240783b50fa34dbdc2544 |
|
| /// File Name: |
zyxel_070810.txt |
Description:
|
Zyxel Zywall 2 suffers from persistent cross site scripting, cross site request forgery, and persistent denial of service vulnerabilities.
| | Author: | Henri Lindberg | | Homepage: | http://www.louhi.fi/ | | File Size: | 4749 | | Last Modified: | Aug 11 18:08:28 2007 |
| MD5 Checksum: | 741aa9359ec5d00c3f3c3c9131ebfd6f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
