Showing 1 - 8 of 8

Files from Carl Livitt

First Active	2002-11-30
Last Active	2007-07-07

asteridex-exec.txt: Posted Jul 7, 2007; Authored by Carl Livitt; AsteriDex versions 3.0 and below suffer from a remote code execution vulnerability in callboth.php. Full exploit provided.; tags | exploit, remote, php, code execution; SHA-256 | 794379780fb3e3988a39c423bf0d884ff440774220df9bdf836c25beaaf1e46d; Download | Favorite | View

Saleslogix-1-2004.txt: Posted Oct 26, 2004; Authored by Carl Livitt | Site agenda-security.co.uk; SaleLogix Server and Web Client suffer from bypass authentication, privilege escalation, SQL injection, information leak, arbitrary file creation, and directory traversal flaws.; tags | exploit, web, arbitrary, sql injection; SHA-256 | cf52df7a7caebca0796139424646c88526767a6d48c7e79e1dfe9288dfa48f9e; Download | Favorite | View

lsh_exploit.c: Posted Sep 23, 2003; Authored by Carl Livitt; Remote exploit for lsh 1.4.x that makes use of a boundary error in read_line.c when checking for errors. Spawns a bindshell on port 45295.; tags | exploit, remote; SHA-256 | e168f8955d32dfb71b3687b375f1e860d3b0793aad3026a1c30016d53a3c21eb; Download | Favorite | View

CLIVITT-2003-5.txt: Posted Jul 29, 2003; Authored by Carl Livitt; Apache 1.3.x using the mod_mylo module version 0.2.1 and below is vulnerable to a buffer overflow. The mod_mylo module is designed to log HTTP requests to a MySQL database and insufficient bounds checking in mylo_log() allows a remote attacker to gain full webserver uid access. Remote exploit for SuSE 8.1 Linux with Apache 1.3.27, RedHat 7.2/7.3 Linux with Apache 1.3.20, and FreeBSD 4.8 with Apache 1.3.27 included.; tags | exploit, remote, web, overflow; systems | linux, redhat, freebsd, suse; SHA-256 | 35db86fbefd818ae72497d5bec23002b6922e45da53d40b85d2ee31a56599032; Download | Favorite | View

CLIVITT-2003-4-Citadel-exploit.c: Posted Jul 17, 2003; Authored by Carl Livitt; Citadel/UX BBS version 6.07 remote exploit that yields a bindshell of the user id running the software. Related advisory is here.; tags | exploit, remote; SHA-256 | cce805d9b2f7de8f751fa627e8d554c704a82f2b001a4e1d329686ae2155bb8d; Download | Favorite | View

CLIVITT-2003-4-Citadel.txt: Posted Jul 17, 2003; Authored by Carl Livitt, B-r00t; Citadel/UX BBS versions 6.07 and below have faulty boundary checking that allows arbitrary code execution, poor random number seeding that allows predictable authentication tokens, and do not keep a user from filling up the harddrive when entering in data via the biography section.; tags | advisory, arbitrary, code execution; SHA-256 | 85126978760da416df1927103a59644cf4487bcea2d8fd64641318e7d07a0eb7; Download | Favorite | View

CLIVITT-2003-2.txt: Posted Jan 30, 2003; Authored by Carl Livitt; Carl Livitt security advisory CLIVITT-2003-2 - A format string vulnerability has been found in the plpnfsd daemon that comes with versions of the plptools package prior to 0.7. This issue can allow code execution with elevated privileges and has been fixed in newer versions of plptools. This advisory contains exploit code that may be used against affected SuSE Linux systems.; tags | advisory, code execution; systems | linux, suse; SHA-256 | f829611591f0d2e1fe21f665a3734db57a1c622bdeb93d60a441b30612987c9e; Download | Favorite | View

traceroute-exploit.c: Posted Nov 30, 2002; Authored by Carl Livitt; Nanog traceroute v6.0 to 6.1.1 local root stack overflow exploit. Tested on SuSE 7.1, 7.2, 7.3 & 8.0, and should work on 7.0 and 6.x.; tags | exploit, overflow, local, root; systems | linux, suse; SHA-256 | c117a8279378925e5c59c548d1f41f7d690bedabece5621ae083f62735be93c1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days