Section: .. / 0611-exploits /
| /// File Name: |
VULNDISCO_META_FREE.tar.gz |
Description:
|
This VulnDisco Packet for Metasploit 2.7 has the following zero day exploits: vd_ldapinfo.pm - [0day] Query info from LDAP server, vd_xlink.pm - [0day] Omni-NFS Enterprise remote exploit, vd_openldap.pm - [0day] OpenLDAP denial of service exploit.
| | Author: | Evgeny Legerov | | Homepage: | http://gleg.net/vulndisco_meta.shtml | | File Size: | 5894 | | Last Modified: | Nov 7 00:34:34 2006 |
| MD5 Checksum: | 0c437d90c742652c42b96c35d7c8fe64 |
|
| /// File Name: |
cidstats.txt |
Description:
|
@cid stats version 2.3 suffers from a remote file inclusion vulnerability.
| | Author: | Mahmood_ali | | File Size: | 1003 | | Last Modified: | Nov 7 00:31:10 2006 |
| MD5 Checksum: | e634e8a4c567507e82b84620ae011a5c |
|
| /// File Name: |
scarf.txt |
Description:
|
The SCARF system from a person at Stanford suffers from a failure to verify administrative access.
| | Author: | navairum | | File Size: | 377 | | Last Modified: | Nov 7 00:30:00 2006 |
| MD5 Checksum: | d6f878cd0ff9b868d6369e048f191728 |
|
| /// File Name: |
paypalXSScorry.txt |
Description:
|
PayPal.com suffered from a cross site scripting vulnerability.
| | Author: | CorryL | | Homepage: | http://www.x0n3-h4ck.org | | File Size: | 5129 | | Last Modified: | Nov 7 00:28:46 2006 |
| MD5 Checksum: | 43aa988b09bb80927a6aef760f10ff81 |
|
| /// File Name: |
ag231-rfi.txt |
Description:
|
Advanced Guestbook version 2.3.1 suffers from a remote file inclusion vulnerability in Admin.php.
| | Author: | BrokeN-ProXy | | File Size: | 1059 | | Last Modified: | Nov 7 00:26:12 2006 |
| MD5 Checksum: | c690253ffcf339474cbf8a0d60cbee21 |
|
| /// File Name: |
hotmail_xss.txt |
Description:
|
Hotmail and Windows Live Mail suffer from a cross site scripting vulnerability.
| | Author: | Cheng Peng Su | | File Size: | 1847 | | Last Modified: | Nov 7 00:24:10 2006 |
| MD5 Checksum: | 2342d1f5c42db94ffc845bcae0ed6db9 |
|
| /// File Name: |
mwchat-rfi.txt |
Description:
|
MWChat Pro version 7.0 is susceptible to a remote file inclusion vulnerability.
| | Author: | Mr.3FReeT | | File Size: | 1416 | | Last Modified: | Nov 7 00:22:56 2006 |
| MD5 Checksum: | 5bec3e8aeb8b325a9b428b2ff6529f9d |
|
| /// File Name: |
Armorize-ADV-2006-0009.txt |
Description:
|
Armorize Technologies Security Advisory Armorize-ADV-2006-0009 - ZendFramework Preview version 0.2.0 is susceptible to a cross site scripting vulnerability.
| | Author: | Armorize | | Homepage: | http://www.armorize.com | | File Size: | 2038 | | Last Modified: | Nov 7 00:22:08 2006 |
| MD5 Checksum: | f518cab422a2c60f549a3b28c5f3882b |
|
| /// File Name: |
efsStream.txt |
Description:
|
EFS Easy Address Book web server versions 1.2 and below remote file stream exploit.
| | Author: | Greg Linares | | File Size: | 7426 | | Last Modified: | Nov 6 23:53:56 2006 |
| MD5 Checksum: | a0e60c4c0b0df7017a24f65de41eef52 |
|
| /// File Name: |
XHNB-Novell-eDirectory_remote_bof.c |
Description:
|
Novell eDirectory versions 9.0 and below DHost remote buffer overflow exploit.
| | Author: | FistFuXXer, Expanders | | File Size: | 8643 | | Last Modified: | Nov 6 23:52:47 2006 |
| MD5 Checksum: | 1ed95b6be03b156bf4d22e7d5f95b29e |
|
| /// File Name: |
easyFilePwn.txt |
Description:
|
Easy File Sharing Web Server version 4 remote information stealing exploit.
| | Author: | Greg Linares | | File Size: | 6379 | | Last Modified: | Nov 6 23:50:42 2006 |
| MD5 Checksum: | 69d0257dcbcbdabff405d804a597d5dc |
|
| /// File Name: |
privatewire.pm.txt |
Description:
|
This Metasploit module exploits a buffer overflow in the ADMCREG.EXE used in the PrivateWire Online Registration Facility version 3.7.
| | Author: | Michael Thumann | | File Size: | 3264 | | Last Modified: | Nov 6 23:49:32 2006 |
| MD5 Checksum: | cf9712e8fc1f7280af99ece060197f53 |
|
| /// File Name: |
novelleDir88.pl.txt |
Description:
|
Novell eDirectory 8.8 NDS server remote stack overflow exploit.
| | Author: | Manuel Santamarina Suarez | | File Size: | 4345 | | Last Modified: | Nov 6 23:47:47 2006 |
| MD5 Checksum: | 5daed4de215b093baea043c39238ece5 |
|
| /// File Name: |
iwarePro.txt |
Description:
|
iWare Pro versions 5.0.4 and below suffer from a remote code execution vulnerability in chat_panel.php.
| | Author: | nuffsaid | | File Size: | 2331 | | Last Modified: | Nov 6 23:43:20 2006 |
| MD5 Checksum: | e264fc3b8e961e83aaad0a3e82b8e9e4 |
|
| /// File Name: |
adv57-theday-2006.txt |
Description:
|
Soholaunch Pro versions 4.9 r36 and below suffer from remote file inclusion vulnerabilities.
| | Author: | the_day | | Homepage: | http://advisories.echo.or.id/ | | File Size: | 3244 | | Last Modified: | Nov 6 23:42:06 2006 |
| MD5 Checksum: | bd7920df47fa125843a510e68950126e |
|
| /// File Name: |
adv59-theday-2006.txt |
Description:
|
Agora version 1.4 RC1 suffers from a remote file inclusion vulnerability in MysqlfingerAdmin.php.
| | Author: | the_day | | Homepage: | http://advisories.echo.or.id/ | | File Size: | 2950 | | Last Modified: | Nov 6 23:38:30 2006 |
| MD5 Checksum: | 63e3c861a66664f7c71e6b9f29d246a3 |
|
| /// File Name: |
adv60-theday-2006.txt |
Description:
|
OpenEMR versions 2.8.1 and below suffer from multiple remote file inclusion vulnerabilities.
| | Author: | the_day | | Homepage: | http://advisories.echo.or.id/ | | File Size: | 3994 | | Last Modified: | Nov 6 23:36:32 2006 |
| MD5 Checksum: | 15419ef746e1a4cb2b4b0656c06a5dd1 |
|
| /// File Name: |
articleSQL.txt |
Description:
|
Article Script versions 1.6.3 and below remote SQL injection exploit that makes use of rss.php.
| | Author: | Liz0ziM | | File Size: | 785 | | Last Modified: | Nov 6 23:34:36 2006 |
| MD5 Checksum: | 0cba4788f49b6c653321cd074e4fbc03 |
|
| /// File Name: |
IF-CMS.txt |
Description:
|
IF-CMS suffers from a cross site scripting vulnerability in index.php.
| | Author: | benjamin moss, laurent gaffi | | File Size: | 226 | | Last Modified: | Nov 6 00:33:48 2006 |
| MD5 Checksum: | 0ce1d042e4851bd40e121f36d9523e08 |
|
| /// File Name: |
essentia215.txt |
Description:
|
Essentia Web Server version 2.15 suffers from a buffer overflow vulnerability. Denial of service exploit included.
| | Author: | CorryL | | Homepage: | http://www.x0n3-h4ck.org | | File Size: | 2077 | | Last Modified: | Nov 6 00:32:43 2006 |
| MD5 Checksum: | 451677b193bcfd7e60f47f5e5d921aa0 |
|
| /// File Name: |
drakeCMS.txt |
Description:
|
Drake CMS version 0.2 suffers from a cross site scripting vulnerability.
| | Author: | CorryL | | Homepage: | http://www.x0n3-h4ck.org | | File Size: | 1697 | | Last Modified: | Nov 6 00:31:16 2006 |
| MD5 Checksum: | 7e6c8136290a2aae4338a136364b343e |
|
| /// File Name: |
daringphucball.rb |
Description:
|
The Apple Airport driver provided with Orinoco-based Airport cards (1999-2003 PowerBooks, iMacs) is vulnerable to a remote memory corruption flaw. When the driver is placed into active scanning mode, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution. This vulnerability is triggered when a probe response frame is received that does not contain valid information element (IE) fields after the fixed-length header. The data following the fixed-length header is copied over internal kernel structures, resulting in memory operations being performed on attacker-controlled pointer values. This is the Metasploit module for this vulnerability.
| | Author: | H D Moore | | Homepage: | http://metasploit.com/ | | File Size: | 6172 | | Last Modified: | Nov 2 21:08:16 2006 |
| MD5 Checksum: | b3bece5770fb6b8baf288b1f5e1f6148 |
|
| /// File Name: |
MOKB-02-11-2006.img.gz |
Description:
|
The following filesystem image can be used to reproduce a bug in the Linux 2.6.x kernel series where the squashfs module fails to properly handle corrupted fs structures.
| | Author: | LMH | | Homepage: | http://projects.info-pull.com/ | | Related File: | MOKB-02-11-2006.html | | File Size: | 42078 | | Last Modified: | Nov 2 21:04:07 2006 |
| MD5 Checksum: | 3719d5a0c2b221e4289b5ee452838af3 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
