MS Windows Plug-and-Play Service Remote Universal Exploit (spanish fix)

No description provided by source. / HOD-ms05039-pnp-expl-spanish.c 25.Aug.2005 Very slightly modified version by Roman Medina [email protected] Tested on Win2k SP4 Spanish. Original credits & comments follow. / / HOD-ms05039-pnp-expl.c: 2005-08-10: PUBLIC v.0.2 Copyright c 2005 houseofdabus...

Ethereal 10.x - AFP Protocol Dissector Remote Format String

Ethereal 10.x - AFP Protocol Dissector Remote Format String / etherealv0.10.: AFP remote format string exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xethereal-afp-fmt.c -o xethereal-afp-fmt ethereal homepage/url: http://www.ethereal.com syntax: ./xethereal-afp-fmt -spSrPanc...

dosPlanet.txt

Software: PlanetFileServer Corporation: PlanetDNS Software Version: v2.0.1.3 Vulnerability: Denial of Service - Crash Vulnerability ------------------------------- BACKGROUND PlanetFileServer v2.0.1.3 is a BETA product PlanetDNS provides products and services that enable you to host your own web...

Mozilla FireFox <= 1.0.1 Remote GIF Heap Overflow Exploit

Exploit for unknown platform in category remote exploits ========================================================= Mozilla FireFox = 1.0.1 Remote GIF Heap Overflow Exploit ========================================================= / Mozilla FireFox = 1.0.1 Remote GIF Heap Overflow Exploit by...

[SECURITY] [DSA 727-1] New libconvert-uulib-perl packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 727-1 [email protected] http://www.debian.org/security/ Martin Schulze May 20th, 2005 http://www.debian.org/security/faq -...

[Full-disclosure] Pico Server &#40;pServ&#41; Remote Command Injection

Advisory: Pico Server pServ Remote Command Injection RedTeam found a remote command injection in Pico Server pServ which results in a remote attacker being able to issue arbitrary commands on the server. Details ======= Product: Pico Server pServ Affected Version: 3.2verified, =3.2 probably too...

Golden Ftp Server Pro - Directory Traversal Vuln

Product: Golden Ftp Server Pro Affected Versions : v2.52 Credit / Discovered by: Lachlan. H Date vendor notified: 02/05/2005 Patch Released: N/A Disclosure: 03/05/2005 External References: http://secunia.com/advisories/15175/ http://www.securityfocus.com/bid/13479/info/ Product Description: Golde...

BitchX &lt;= 1.0c20 Local Buffer Overflow Exploit

No description provided by source. / Tested on BitchX-1.0c19 /str0ke / / P.o.C Exploit Code for BitchX made for Version BitchX-1.0c20cvs -- Date 20020325 C 2004. GroundZero Security Research and Software Development http://www.groundzero-security.com released under the GNU GPL -...

ie_dhtml_poc.txt

Details and PoC code for MSIE DHTML Object handling vulnerabilities are available online at my website: http://www.edup.tudelft.nl/bjwever Note: page is not up-to-date, since it was written in August/September 2004. Additional information will be added when found during testing of MS05-20 patch...

Arbitrary file overwrite possible by Musicmatch ActiveX control

Hyperdose Security Advisory Name: Arbitrary file overwrite in Musicmatch Systems Affected: Musicmatch v10.00.2047 or earlier according to Yahoo v9.00.5059 and earlier are also affected Severity: Important Author: Robert Fly - [email protected] Advisory URL:...

-==CoolForum Path Disclosure & Possible SQL Injection==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 11 - 20/03/05 -------------------------------------------------------- Program: CoolForum Homepage: http://coolforum.net/ Vulnerable Versions: CoolForum v.0.8.1 beta & Lowers Risk: Low!! Impact: Path...

socialMPN.txt

!/usr/bin/perl -w Remote Testing SocialMPN Remote File Inclusion by y3dips for testing only Bug find by zer0-c00l , Bug published at http://waraxe.us/ftopic-542-0-days0-orderasc-.html print " Remote Testing File Inclusion for SocialMPN by y3dips \n"; require LWP::UserAgent; if@ARGV == 2 $target=...

Ethereal 0.10.9 (Windows) - 3G-A11 Remote Buffer Overflow

Ethereal 0.10.9 Windows - 3G-A11 Remote Buffer Overflow / Ethereal IAPP remote buffer overflow 2 PoC exploit --------------------------------------------------- To test this vulnerability on windows, try to send 3-10 packets that will trigger the crash, and scroll between captured packets in...

SocialMPN Arbitrary File Injection Exploit

No description provided by source. !/usr/bin/perl -w Remote Testing SocialMPN Remote File Inclusion by y3dips for testing only Bug find by zer0-c00l , Bug published at http://waraxe.us/ftopic-542-0-days0-orderasc-.html print " Remote Testing File Inclusion for SocialMPN by y3dips \n"; require...

SocialMPN - Arbitrary File Injection

!/usr/bin/perl -w Remote Testing SocialMPN Remote File Inclusion by y3dips for testing only Bug find by zer0-c00l , Bug published at http://waraxe.us/ftopic-542-0-days0-orderasc-.html print " Remote Testing File Inclusion for SocialMPN by y3dips \n"; require LWP::UserAgent; if@ARGV == 2 $target=...

SocialMPN - Arbitrary File Injection

SocialMPN - Arbitrary File Injection !/usr/bin/perl -w Remote Testing SocialMPN Remote File Inclusion by y3dips for testing only Bug find by zer0-c00l , Bug published at http://waraxe.us/ftopic-542-0-days0-orderasc-.html print " Remote Testing File Inclusion for SocialMPN by y3dips \n"; require...

SocialMPN Arbitrary File Injection Exploit

Exploit for unknown platform in category web applications ========================================== SocialMPN Arbitrary File Injection Exploit ========================================== !/usr/bin/perl -w Remote Testing SocialMPN Remote File Inclusion by y3dips for testing only Bug find by...

Remote Testing SocialMPN Remote File Inclusion by y3dips

!/usr/bin/perl -w Remote Testing SocialMPN Remote File Inclusion by y3dips for testing only Bug find by zer0-c00l , Bug published at http://waraxe.us/ftopic-542-0-days0-orderasc-.html print " Remote Testing File Inclusion for SocialMPN by y3dips n"; require LWP::UserAgent; if@ARGV == 2 $target=...

typo3sql.txt

Here is a POC for the typo3 issue to test if you are vulnerable. This doesn't pull the password, just the username : http://path/?&action=getviewcategory&categoryuid=-99%20UNION%20SELECT%20use rname%20FROM%20beusers%20WHERE%20uid=1/ Also, it's easy to pull lists of data from the database using th...

Apache &lt;= 2.0.52 HTTP GET request Denial of Service Exploit

No description provided by source. !/usr/bin/perl Based on - apache-squ1rt.c exploit. Original credit goes to Chintan Trivedi on the FullDisclosure mailing list: http://seclists.org/lists/fulldisclosure/2004/Nov/0022.html More info - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942...