diff --git a/files.csv b/files.csv index 6b6d5097e..a4ae3cff2 100755 --- a/files.csv +++ b/files.csv @@ -4481,7 +4481,7 @@ id,file,description,date,author,platform,type,port 4838,platforms/php/webapps/4838.txt,"snetworks php classifieds 5.0 - Remote File Inclusion Vulnerability",2008-01-05,Crackers_Child,php,webapps,0 4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - (.m3u) Stack Overflow Exploit",2008-01-05,Trancek,windows,local,0 4840,platforms/php/webapps/4840.php,"Tribisur <= 2.0 - Remote SQL Injection Exploit",2008-01-05,x0kster,php,webapps,0 -4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 +4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 4844,platforms/php/webapps/4844.txt,"Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability",2008-01-06,Houssamix,php,webapps,0 @@ -5255,7 +5255,7 @@ id,file,description,date,author,platform,type,port 5629,platforms/php/webapps/5629.txt,"Web Slider <= 0.6 Insecure Cookie/Authentication Handling Vuln",2008-05-15,t0pP8uZz,php,webapps,0 5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability",2008-05-15,t0pP8uZz,php,webapps,0 5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities",2008-05-15,cOndemned,php,webapps,0 -5632,platforms/multiple/remote/5632.rb,"Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)",2008-05-16,L4teral,multiple,remote,22 +5632,platforms/multiple/remote/5632.rb,"Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (ruby)",2008-05-16,L4teral,multiple,remote,22 5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS (default.asp id) Remote SQL Injection Exploit",2008-05-16,JosS,asp,webapps,0 5634,platforms/php/webapps/5634.htm,"Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit",2008-05-16,Stack,php,webapps,0 @@ -32839,6 +32839,8 @@ id,file,description,date,author,platform,type,port 36415,platforms/java/remote/36415.rb,"ElasticSearch Search Groovy Sandbox Bypass",2015-03-16,metasploit,java,remote,9200 36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0 36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting",2015-03-17,LiquidWorm,php,webapps,0 -36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 Initial User Creation CSRF",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 +36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 36420,platforms/windows/remote/36420.rb,"Adobe Flash Player PCRE Regex Vulnerability",2015-03-17,metasploit,windows,remote,0 36421,platforms/linux/remote/36421.rb,"Exim GHOST (glibc gethostbyname) Buffer Overflow",2015-03-18,"Qualys Corporation",linux,remote,25 +36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On Stack Overflow",2015-03-18,"Core Security",windows,dos,8000 +36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager Command Injection Vulnerability",2015-03-18,"Han Sahin",java,webapps,9447 diff --git a/platforms/android/local/9477.txt b/platforms/android/local/9477.txt index b3bb0ad90..de3c0b806 100755 --- a/platforms/android/local/9477.txt +++ b/platforms/android/local/9477.txt @@ -1,6 +1,6 @@ Source for exploiting CVE-2009-2692 on Android; Hole is closed in Android kernels released August 2009 or later. orig: http://zenthought.org/content/file/android-root-2009-08-16-source -back: http://www.exploit-db.com/sploits/android-root-20090816.tar.gz +back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/android-root-20090816.tar.gz # milw0rm.com [2009-08-18] diff --git a/platforms/asp/remote/15213.pl b/platforms/asp/remote/15213.pl index cfb716940..5e2237066 100755 --- a/platforms/asp/remote/15213.pl +++ b/platforms/asp/remote/15213.pl @@ -10,7 +10,7 @@ # Note from Exploit-db: This very first exploit was meant to work with Padbusterdornet or Padbuster v0.2. # A similar exploitation vector was also added lately in Padbuster v0.3: # http://www.gdssecurity.com/l/b/2010/10/04/padbuster-v0-3-and-the-net-padding-oracle-attack/ -# http://www.exploit-db.com/sploits/padBuster.pl +# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/padBuster.pl # # # Giorgio Fedon - (giorgio.fedon@mindedsecurity.com) diff --git a/platforms/beos/local/19840.txt b/platforms/beos/local/19840.txt index 502317423..27af71dd0 100755 --- a/platforms/beos/local/19840.txt +++ b/platforms/beos/local/19840.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1098/info A direct system call containing invalid parameters through int 0x25 will cause the BeOS to crash. Reboot of the machine is required in order to regain normal functionality. -http://www.exploit-db.com/sploits/19840.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19840.tgz \ No newline at end of file diff --git a/platforms/bsd/local/19411.txt b/platforms/bsd/local/19411.txt index dd498faec..5ff9784f3 100755 --- a/platforms/bsd/local/19411.txt +++ b/platforms/bsd/local/19411.txt @@ -10,4 +10,4 @@ Hacker writes directly to device previously mounted as /usr, clearing file flags Hacker mounts modified device as /usr. Hacker installs backdoored /usr/bin/login. -http://www.exploit-db.com/sploits/19411.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19411.tgz \ No newline at end of file diff --git a/platforms/bsd/local/23655.txt b/platforms/bsd/local/23655.txt index d5a773c57..af300446d 100755 --- a/platforms/bsd/local/23655.txt +++ b/platforms/bsd/local/23655.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9586/info A vulnerability has been reported to reside in the 'shmat()' system call used in the BSD kernel. Exploiting this issue may allow a local attacker to inject instructions into the memory of a privileged process. -http://www.exploit-db.com/sploits/23655.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23655.tar.gz \ No newline at end of file diff --git a/platforms/bsd/remote/19520.txt b/platforms/bsd/remote/19520.txt index 056f25fe6..f75228660 100755 --- a/platforms/bsd/remote/19520.txt +++ b/platforms/bsd/remote/19520.txt @@ -49,5 +49,5 @@ FreeBSD h4x.Belkin 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Thu Feb 17 root () mason cse buffalo edu:/usr/obj/usr/src/sys/GENERIC amd64 uid=0(root) gid=0(wheel) groups=0(wheel),5(operator) -Exploit-DB mirror: http://www.exploit-db.com/sploits/19520.zip +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19520.zip diff --git a/platforms/freebsd/local/12090.txt b/platforms/freebsd/local/12090.txt index c3259e9b2..a90194645 100755 --- a/platforms/freebsd/local/12090.txt +++ b/platforms/freebsd/local/12090.txt @@ -15,4 +15,4 @@ Ironmail was found to allow any CLI user to run arbitrary commands with Admin ri improper handling of environment variables. Download: -http://www.exploit-db.com/sploits/cybsec_advisory_2010_0404.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0404.pdf \ No newline at end of file diff --git a/platforms/freebsd/local/12091.txt b/platforms/freebsd/local/12091.txt index 21c419739..72f14238e 100755 --- a/platforms/freebsd/local/12091.txt +++ b/platforms/freebsd/local/12091.txt @@ -14,4 +14,4 @@ Vulnerability Description: Some files that allow to obtain usernames and other internal information can be read by any user inside the CLI. -http://www.exploit-db.com/sploits/cybsec_advisory_2010_0403.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0403.pdf \ No newline at end of file diff --git a/platforms/freebsd/remote/17462.txt b/platforms/freebsd/remote/17462.txt index 9d35a699e..fa8ae0785 100755 --- a/platforms/freebsd/remote/17462.txt +++ b/platforms/freebsd/remote/17462.txt @@ -196,7 +196,7 @@ Kingcope A statically linked linux binary of the exploit can be found below attached is a diff to openssh-5.8p2. the statically linked binary can be downloaded from http://isowarez.de/ssh_0day -Mirror: http://www.exploit-db.com/sploits/ssh_0day.tar.gz +Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ssh_0day.tar.gz run like ./ssh -1 -z setup a netcat, port 443 on yourip first diff --git a/platforms/freebsd/remote/18181.txt b/platforms/freebsd/remote/18181.txt index b08ab2408..2f3bf5895 100755 --- a/platforms/freebsd/remote/18181.txt +++ b/platforms/freebsd/remote/18181.txt @@ -33,5 +33,5 @@ BTW my box (isowarez.de) got hacked so expect me in a zine :> /Signed "the awesome" Kingcope Code: -http://www.exploit-db.com/sploits/7350roaringbeastv3.tar +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/7350roaringbeastv3.tar diff --git a/platforms/freebsd/remote/20593.txt b/platforms/freebsd/remote/20593.txt index f8c986ec0..663308d55 100755 --- a/platforms/freebsd/remote/20593.txt +++ b/platforms/freebsd/remote/20593.txt @@ -8,4 +8,4 @@ It is possible for packets that are not part of an established connection to be Exploitation of this vulnerability may allow for unauthorized remote access to otherwise protected services. -http://www.exploit-db.com/sploits/20593.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20593.tgz \ No newline at end of file diff --git a/platforms/freebsd/webapps/12658.txt b/platforms/freebsd/webapps/12658.txt index 5f05bf36d..5c619d664 100755 --- a/platforms/freebsd/webapps/12658.txt +++ b/platforms/freebsd/webapps/12658.txt @@ -15,4 +15,4 @@ improper profile check. =========== Download: =========== -http://www.exploit-db.com/sploits/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken_Access.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken_Access.pdf \ No newline at end of file diff --git a/platforms/hardware/dos/11043.txt b/platforms/hardware/dos/11043.txt index d6d74e125..96e38b604 100755 --- a/platforms/hardware/dos/11043.txt +++ b/platforms/hardware/dos/11043.txt @@ -36,4 +36,4 @@ Email : f3arm3d3ar@gmail.com =============== Download =============== -http://www.exploit-db.com/sploits/Sony_Ericsson.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/Sony_Ericsson.rar \ No newline at end of file diff --git a/platforms/hardware/dos/12093.txt b/platforms/hardware/dos/12093.txt index 41e9d74cb..680cd55dd 100755 --- a/platforms/hardware/dos/12093.txt +++ b/platforms/hardware/dos/12093.txt @@ -15,4 +15,4 @@ Users inside the CLI can run some kind of of an insecure ulimit value. Download: -http://www.exploit-db.com/sploits/cybsec_advisory_2010_0401.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0401.pdf \ No newline at end of file diff --git a/platforms/hardware/dos/13823.txt b/platforms/hardware/dos/13823.txt index 38a8983f7..0bfdd3878 100755 --- a/platforms/hardware/dos/13823.txt +++ b/platforms/hardware/dos/13823.txt @@ -1,3 +1,3 @@ I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone. -http://www.exploit-db.com/sploits/savysoda_poc.xls \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/savysoda_poc.xls \ No newline at end of file diff --git a/platforms/hardware/dos/13824.txt b/platforms/hardware/dos/13824.txt index c8efef933..5eabc9d4f 100755 --- a/platforms/hardware/dos/13824.txt +++ b/platforms/hardware/dos/13824.txt @@ -1,3 +1,3 @@ I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone. -http://www.exploit-db.com/sploits/office2_poc.xls \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/office2_poc.xls \ No newline at end of file diff --git a/platforms/hardware/dos/13825.txt b/platforms/hardware/dos/13825.txt index d56aa3388..d9beeb330 100755 --- a/platforms/hardware/dos/13825.txt +++ b/platforms/hardware/dos/13825.txt @@ -1,3 +1,3 @@ I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone. -http://www.exploit-db.com/sploits/goodreader_poc.xls \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/goodreader_poc.xls \ No newline at end of file diff --git a/platforms/hardware/dos/18751.txt b/platforms/hardware/dos/18751.txt index 4195b3199..d76f4e262 100755 --- a/platforms/hardware/dos/18751.txt +++ b/platforms/hardware/dos/18751.txt @@ -130,7 +130,7 @@ other bugs and understanding them :) http://aluigi.org/poc/samsux_1.zip -http://www.exploit-db.com/sploits/18751.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18751.zip ####################################################################### diff --git a/platforms/hardware/dos/20821.txt b/platforms/hardware/dos/20821.txt index 2e781d0aa..4e240c13c 100755 --- a/platforms/hardware/dos/20821.txt +++ b/platforms/hardware/dos/20821.txt @@ -6,4 +6,4 @@ A problem in the Cisco Hot Standby Routing Protocol (HSRP) makes it possible to This problem makes it possible for system local to the network to deny service to legitmate users of that network segment. -http://www.exploit-db.com/sploits/20821.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20821.tgz \ No newline at end of file diff --git a/platforms/hardware/dos/20824.txt b/platforms/hardware/dos/20824.txt index e147d5751..c0b85add3 100755 --- a/platforms/hardware/dos/20824.txt +++ b/platforms/hardware/dos/20824.txt @@ -6,4 +6,4 @@ A problem with the switch firmware could allow a Denial of Service to legitimate This problem makes it possible for a remote user to deny service to legitimate users of the switch. -http://www.exploit-db.com/sploits/20824.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20824.tgz \ No newline at end of file diff --git a/platforms/hardware/dos/21092.txt b/platforms/hardware/dos/21092.txt index cb143dc18..7a46e8f00 100755 --- a/platforms/hardware/dos/21092.txt +++ b/platforms/hardware/dos/21092.txt @@ -7,4 +7,4 @@ CBOS becomes unstable when it receives multiple TCP connections on one of the tw This problem affects the following Cisco 600 series routers: 627, 633, 673, 675, 675E, 677, 677i and 678. -http://www.exploit-db.com/sploits/21092.mrc \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21092.mrc \ No newline at end of file diff --git a/platforms/hardware/dos/22596.txt b/platforms/hardware/dos/22596.txt index 199fa79a8..2362e434f 100755 --- a/platforms/hardware/dos/22596.txt +++ b/platforms/hardware/dos/22596.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7575/info It has been reported that a problem with Verilink broadband routers exists in the handling of TFTP packets. Because of this, an attacker could potentially deny service to legitimate users of the network. -http://www.exploit-db.com/sploits/22596.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22596.zip \ No newline at end of file diff --git a/platforms/hardware/dos/22978.txt b/platforms/hardware/dos/22978.txt index 578b07164..bba9f86ad 100755 --- a/platforms/hardware/dos/22978.txt +++ b/platforms/hardware/dos/22978.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8323/info It has been reported that under some circumstances, a Cisco appliance running IOS may answer malicious malformed UDP echo packets with replies that contain partial contents from the affected router's memory. -http://www.exploit-db.com/sploits/22978.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22978.tgz \ No newline at end of file diff --git a/platforms/hardware/dos/23876.txt b/platforms/hardware/dos/23876.txt index d29485749..6d1d2853e 100755 --- a/platforms/hardware/dos/23876.txt +++ b/platforms/hardware/dos/23876.txt @@ -4,4 +4,4 @@ It has been reported that Picophone is prone to a remote buffer overflow vulnera Successful exploitation of this issue will cause a denial of service condition to be triggered. The attacker may also leverage this issue to execute arbitrary code; this code would be executed in the security context of the user running the affected process. -http://www.exploit-db.com/sploits/23876.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23876.zip \ No newline at end of file diff --git a/platforms/hardware/dos/23900.txt b/platforms/hardware/dos/23900.txt index 79a8dac06..9b0d03f74 100755 --- a/platforms/hardware/dos/23900.txt +++ b/platforms/hardware/dos/23900.txt @@ -6,4 +6,4 @@ If an attacker is able to overwrite sensitive memory locations, it may be possib All versions of cdp are assumed to be vulnerable to this issue. -http://www.exploit-db.com/sploits/23900.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23900.tgz \ No newline at end of file diff --git a/platforms/hardware/dos/28228.txt b/platforms/hardware/dos/28228.txt index 2c381503a..a01f6e60b 100755 --- a/platforms/hardware/dos/28228.txt +++ b/platforms/hardware/dos/28228.txt @@ -6,4 +6,4 @@ Exploitation of this vulnerability could cause the firewall application to crash The individual who discovered this vulnerability claims to have tested it on Sunbelt Kerio Personal Firewall versions 4.3.246 and 4.2.3.912. They were unable to reproduce the vulnerability on version 4.2.3.912, which is an older release. The vulnerable functionality may have been introduced at some point after the 4.2.3.912 release, but this has not been confirmed. -http://www.exploit-db.com/sploits/28228.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28228.zip \ No newline at end of file diff --git a/platforms/hardware/dos/8013.txt b/platforms/hardware/dos/8013.txt index 6545ab430..288722da5 100755 --- a/platforms/hardware/dos/8013.txt +++ b/platforms/hardware/dos/8013.txt @@ -27,7 +27,7 @@ POC/EXPLOIT you can open this url with the browser or send mms with this image. http://es.geocities.com/jplopezy/nokiacrash.jpg -alt: http://www.exploit-db.com/sploits/2009-nokiacrash.jpg +alt: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-nokiacrash.jpg ------------------------------------------------------ Juan Pablo Lopez Yacubian diff --git a/platforms/hardware/local/21001.txt b/platforms/hardware/local/21001.txt index 9695d8c54..973b0ab27 100755 --- a/platforms/hardware/local/21001.txt +++ b/platforms/hardware/local/21001.txt @@ -8,4 +8,4 @@ These files are created in /tmp with a guessable naming format, making it trivia Since user-supplied data is written to the target file, attackers may be able to elevate privileges. -http://www.exploit-db.com/sploits/21001.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21001.tar.gz \ No newline at end of file diff --git a/platforms/hardware/remote/12298.txt b/platforms/hardware/remote/12298.txt index 131b8fc09..7256d64f4 100755 --- a/platforms/hardware/remote/12298.txt +++ b/platforms/hardware/remote/12298.txt @@ -9,7 +9,7 @@ # V100R001B121Telmex # Exploit Download Link: # http://www.hakim.ws/huawei/HG520_udpinfo.tar.gz -# http://www.exploit-db.com/sploits/HG520_udpinfo.tar.gz +# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/HG520_udpinfo.tar.gz By sending a specially crafted UDP packet you can remotely obtain the diff --git a/platforms/hardware/remote/18291.txt b/platforms/hardware/remote/18291.txt index daf734e02..cfe9b1398 100755 --- a/platforms/hardware/remote/18291.txt +++ b/platforms/hardware/remote/18291.txt @@ -7,6 +7,6 @@ # Tested on: Access points from Linksys, Cisco, D-Link, TP-Link, Trendnet, and others # CVE : No CVE US-CERT VU#723755 -http://www.exploit-db.com/sploits/reaver-1.1.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/reaver-1.1.tar.gz diff --git a/platforms/hardware/remote/19538.txt b/platforms/hardware/remote/19538.txt index 680a67976..b8aae1932 100755 --- a/platforms/hardware/remote/19538.txt +++ b/platforms/hardware/remote/19538.txt @@ -2,6 +2,6 @@ source: http://www.securityfocus.com/bid/695/info Hybrid Network's cable modems are vulnerable to several different types of attack due to a lack of authentication for the remote administration/configuration system. The cable modems use a protocol called HSMP, which uses UDP as its transport layer protocol. This makes it trivial to spoof packets and possible for hackers to compromise cable-modem subscribers anonymously. The possible consequences of this problem being exploited are very serious and range from denial of service attacks to running arbitrary code on the modem. -http://www.exploit-db.com/sploits/19538-1.tar.gz -http://www.exploit-db.com/sploits/19538-2.tar.gz -http://www.exploit-db.com/sploits/19538-3.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19538-1.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19538-2.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19538-3.tar.gz \ No newline at end of file diff --git a/platforms/hardware/remote/2034.txt b/platforms/hardware/remote/2034.txt index 2cc48f423..8ffbbc628 100755 --- a/platforms/hardware/remote/2034.txt +++ b/platforms/hardware/remote/2034.txt @@ -1,5 +1,5 @@ BT Voyager 2091 (Wireless ADSL) Multiple Vulnerabilities -http://www.exploit-db.com/sploits/07182006-btvoyager.tgz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/07182006-btvoyager.tgz # milw0rm.com [2006-07-18] diff --git a/platforms/hardware/remote/22532.txt b/platforms/hardware/remote/22532.txt index acccce684..25ef69bef 100755 --- a/platforms/hardware/remote/22532.txt +++ b/platforms/hardware/remote/22532.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7423/info When a VPN is configured to use a pre-shared master secret and a client attempts to negotiate keys in aggressive mode, a hash of the secret is transmitted across the network in clear-text. This may result in the hash being leaked to eavesdroppers or malicious clients. An offline brute-force attack on this hash may then be performed to obtain the clear-text secret. -http://www.exploit-db.com/sploits/22532.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22532.tar.gz \ No newline at end of file diff --git a/platforms/hardware/remote/23212.txt b/platforms/hardware/remote/23212.txt index 7002701c2..3054c4c31 100755 --- a/platforms/hardware/remote/23212.txt +++ b/platforms/hardware/remote/23212.txt @@ -5,4 +5,4 @@ Authentication Protocol) is prone to a password disclosure weakness that may all Successful exploitation of this weakness may allow a remote attacker to steal authentication information, potentially allowing for unauthorized network access. -http://www.exploit-db.com/sploits/23212.tar.bz2 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23212.tar.bz2 \ No newline at end of file diff --git a/platforms/hardware/remote/28056.txt b/platforms/hardware/remote/28056.txt index 63cb5a535..50047c965 100755 --- a/platforms/hardware/remote/28056.txt +++ b/platforms/hardware/remote/28056.txt @@ -13,4 +13,4 @@ Shodanhq.com shows >290.000 entries for the ROSSSH search term. The 50 megs Mikrotik package including the all research items can be downloaded here: http://www.farlight.org/mikropackage.zip -http://www.exploit-db.com/sploits/28056.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28056.zip diff --git a/platforms/hardware/remote/31132.txt b/platforms/hardware/remote/31132.txt index 1fdd7c2b8..01a5d5a0f 100755 --- a/platforms/hardware/remote/31132.txt +++ b/platforms/hardware/remote/31132.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to cause denial-of-service conditions or to o These issues affect versions prior to ExtremeZ-IP File Server 5.1.2x15 and ExtremeZ-IP Print Server 5.1.2x15. -http://www.exploit-db.com/sploits/31132.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31132.zip \ No newline at end of file diff --git a/platforms/hardware/remote/33869.txt b/platforms/hardware/remote/33869.txt index 6232e4dae..abdef038f 100755 --- a/platforms/hardware/remote/33869.txt +++ b/platforms/hardware/remote/33869.txt @@ -8,4 +8,4 @@ The following Huawei EchoLife HG520 firmware and software versions are vulnerabl Firmware 3.10.18.7-1.0.7.0, 3.10.18.5-1.0.7.0, 3.10.18.4 Software Versions: V100R001B120Telmex, V100R001B121Telmex -http://www.exploit-db.com/sploits/33869.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33869.tar.gz \ No newline at end of file diff --git a/platforms/hardware/remote/34465.txt b/platforms/hardware/remote/34465.txt index 62e2266cf..605507c1c 100755 --- a/platforms/hardware/remote/34465.txt +++ b/platforms/hardware/remote/34465.txt @@ -1,4 +1,4 @@ When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance. The BigIP platform configures an rsync daemon listening on the ConfigSync interfaces when the system is configured in a failover mode. The rsync daemon as currently configured does not require any authentication and the “cmi” module has complete read/write access to the system. If the ConfigSync IP addresses are accessible by a malicious third party, it is possible to upload an authorized_keys file directly into the /var/ssh/root directory and then open a root SSH session on the f5 device. -Advisory: http://www.exploit-db.com/sploits/34465.pdf \ No newline at end of file +Advisory: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34465.pdf \ No newline at end of file diff --git a/platforms/hardware/remote/8269.txt b/platforms/hardware/remote/8269.txt index 319258f2d..302e63290 100755 --- a/platforms/hardware/remote/8269.txt +++ b/platforms/hardware/remote/8269.txt @@ -197,7 +197,7 @@ name="backdoor"> Proof-of-concept brute force tool available at http://www.louhinetworks.fi/advisory/Louhi_CMC-brute_090323.zip -http://www.exploit-db.com/sploits/2009-Louhi_CMC-brute_090323.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-Louhi_CMC-brute_090323.zip Other information: diff --git a/platforms/hardware/shellcode/13294.txt b/platforms/hardware/shellcode/13294.txt index 6d9555186..f36d13c09 100755 --- a/platforms/hardware/shellcode/13294.txt +++ b/platforms/hardware/shellcode/13294.txt @@ -1,6 +1,6 @@ The pdf is located at: -http://www.exploit-db.com/sploits/lynn-cisco.pdf +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/lynn-cisco.pdf /str0ke diff --git a/platforms/hardware/webapps/11101.txt b/platforms/hardware/webapps/11101.txt index 55c891e70..e2bd0b002 100755 --- a/platforms/hardware/webapps/11101.txt +++ b/platforms/hardware/webapps/11101.txt @@ -16,5 +16,5 @@ firmware versions have been confirmed to date: Detailed description available here: http://www.sourcesec.com/Lab/dlink_hnap_captcha.pdf -POC code available here: http://www.exploit-db.com/sploits/hnap0wn.tar.gz +POC code available here: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/hnap0wn.tar.gz diff --git a/platforms/hardware/webapps/12092.txt b/platforms/hardware/webapps/12092.txt index 2d59e1a3f..6eb714712 100755 --- a/platforms/hardware/webapps/12092.txt +++ b/platforms/hardware/webapps/12092.txt @@ -17,4 +17,4 @@ because the application fails to sanitize user-supplied input. The vulnerabiliti logged-in user. Download: -http://www.exploit-db.com/sploits/cybsec_advisory_2010_0402.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0402.pdf \ No newline at end of file diff --git a/platforms/hardware/webapps/29959.txt b/platforms/hardware/webapps/29959.txt index 3a0af9793..e99a23ba0 100755 --- a/platforms/hardware/webapps/29959.txt +++ b/platforms/hardware/webapps/29959.txt @@ -44,4 +44,4 @@ http://alguienenlafisi.blogspot.com Root-Node -Exploit-DB mirror: http://www.exploit-db.com/sploits/29959.nse \ No newline at end of file +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29959.nse \ No newline at end of file diff --git a/platforms/hardware/webapps/34254.txt b/platforms/hardware/webapps/34254.txt index 03684812c..a6967b6ba 100755 --- a/platforms/hardware/webapps/34254.txt +++ b/platforms/hardware/webapps/34254.txt @@ -9,7 +9,7 @@ http://www.tp-link.com.de/resources/software/TL-WR740N_V4_130529.zip # Tested on: TP-Link TL-WR740N v4 Exploit: -http://www.exploit-db.com/sploits/34254.7z +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34254.7z Vulnerability description: The domain name parameters of the "Parental Control" and "Access diff --git a/platforms/ios/local/14538.txt b/platforms/ios/local/14538.txt index 5556f137f..38aafd2e6 100755 --- a/platforms/ios/local/14538.txt +++ b/platforms/ios/local/14538.txt @@ -1,3 +1,3 @@ The files contained in the archive link below are those that make use of a pdf exploit in order to jailbreak devices running Apple iOS. These pdf's are of interest in that they originate in userland and give root access to the devices. -http://www.exploit-db.com/sploits/ios_pdf_exploit.7z \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ios_pdf_exploit.7z \ No newline at end of file diff --git a/platforms/ios/remote/28081.txt b/platforms/ios/remote/28081.txt index 6220dbcbb..7d8a95168 100755 --- a/platforms/ios/remote/28081.txt +++ b/platforms/ios/remote/28081.txt @@ -54,7 +54,7 @@ into the JS code). The full exploit code is available here: http://packetstormsecurity.com/files/123088/ -http://www.exploit-db.com/sploits/28081.tgz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28081.tgz +------------------------------------------------------------------------------+ diff --git a/platforms/java/remote/30502.txt b/platforms/java/remote/30502.txt index e8d7d4354..c792e1f84 100755 --- a/platforms/java/remote/30502.txt +++ b/platforms/java/remote/30502.txt @@ -4,4 +4,4 @@ The Sun Java Runtime Environment is prone to a remote privilege-escalation vulne An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet. Successfully exploiting this issue may result in the remote compromise of affected computers. -http://www.exploit-db.com/sploits/30502.tti \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30502.tti \ No newline at end of file diff --git a/platforms/java/webapps/36423.txt b/platforms/java/webapps/36423.txt new file mode 100755 index 000000000..7d04824f0 --- /dev/null +++ b/platforms/java/webapps/36423.txt @@ -0,0 +1,38 @@ +Abstract + + +A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remote unauthenticated attacks to compromise the appliance. + +Tested versions + + +This issue was discovered on Websense Triton v7.8.3 and Websense appliance modules V-Series v7.7. Other versions may be affected as well. + +Fix + + +Websense released hotfix 02 for Websense Triton v7.8.4 in which this issue is fixed. More information about this hotfix can be found at the following location: +http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-02-for-Web-Security-Solutions + +This issue is resolved in TRITON APX Version 8.0. More information about the fixed can be found at the following location: +http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 + +Introduction + + +Websense Data Security Suite contains three modules - Data Security Gateway, Data Discover, and Data Endpoint - that can help manage the risk of losing your data to malicious users or accidental misuse. + +The Websense Appliance Manager GUI has a web-based 'command line utility' that provides the ability to execute various network debugging commands, which can be run on any module; Appliance Controller, Content Gateway, Web Security, Network Agent, Email Security Gateway. This command line utility is affected by command injection that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remote unauthenticated attacks to compromise the appliance. + +Details + + +The CommandLineServlet Java Servlet is responsible for enforcing limitations on the type of network debugging commands users are allowed to run using the GUI. An attacker is able to bypass these limitations by breaking out of any network diagnostics command that requires a second parameter (in this example Destination). This allows the attacker to inject arbitrary system commands. For example, the pipe character (|) is used to redirect the output from one process into the input of another, enabling multiple commands to be chained together. An attacker can leverage this behavior to execute any available system command (such as adduser or nc to start a reverse shell). The output is returned to the user, the commands are executed with elevated privileges (root). + +With a little help of social engineering (like sending a link via email/chat), an attacker may trick authenticated users to execute arbitrary commands on behalf of the attacker. A more effective attack would be to abuse other Websense vulnerabilities like Cross-Site Scripting. + +The following proof of concept will return the contents of /etc/shadow on affected appliances: + +https://host:9447/appmng/servlet/CommandLineServlet?type=exec&uuid=asdfasdf&module=na1&command=ping&Destination=127.0.0.1'|cat%20/etc/shadow' + +Other attack scenarios are also possible, like creating a backdoor account on the appliance. \ No newline at end of file diff --git a/platforms/lin_amd64/local/35472.txt b/platforms/lin_amd64/local/35472.txt index 25355bbe7..dceec48fc 100755 --- a/platforms/lin_amd64/local/35472.txt +++ b/platforms/lin_amd64/local/35472.txt @@ -43,7 +43,7 @@ by knowing only an address belonging to the application and the offset2lib value +------------------+ The proof of concept exploit code is available here: -http://www.exploit-db.com/sploits/35472.tgz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35472.tgz http://packetstormsecurity.com/files/129398 +------------------------------------------------------------------------------+ diff --git a/platforms/lin_x86-64/local/36310.txt b/platforms/lin_x86-64/local/36310.txt index 7ad3afe3b..44625b348 100755 --- a/platforms/lin_x86-64/local/36310.txt +++ b/platforms/lin_x86-64/local/36310.txt @@ -2,7 +2,7 @@ Sources: http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html https://code.google.com/p/google-security-research/issues/detail?id=283 -Full PoC: http://www.exploit-db.com/sploits/36310.tar.gz +Full PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36310.tar.gz This is a proof-of-concept exploit that is able to gain kernel privileges on machines that are susceptible to the DRAM "rowhammer" diff --git a/platforms/lin_x86-64/local/36311.txt b/platforms/lin_x86-64/local/36311.txt index 98be47622..ef794a88c 100755 --- a/platforms/lin_x86-64/local/36311.txt +++ b/platforms/lin_x86-64/local/36311.txt @@ -2,7 +2,7 @@ Sources: http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html https://code.google.com/p/google-security-research/issues/detail?id=284 -Full PoC: http://www.exploit-db.com/sploits/36311.tar.gz +Full PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36311.tar.gz This is a proof-of-concept exploit that is able to escape from Native diff --git a/platforms/lin_x86/remote/20032.txt b/platforms/lin_x86/remote/20032.txt index eb5643d32..73277ef32 100755 --- a/platforms/lin_x86/remote/20032.txt +++ b/platforms/lin_x86/remote/20032.txt @@ -4,4 +4,4 @@ Washington University ftp daemon (wu-ftpd) is a very popular unix ftp server shi It should be noted that the SITE INDEX command is affected as well. -http://www.exploit-db.com/sploits/20032.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20032.tar.gz \ No newline at end of file diff --git a/platforms/lin_x86/shellcode/13366.txt b/platforms/lin_x86/shellcode/13366.txt index 92624f6e1..07715dfcb 100755 --- a/platforms/lin_x86/shellcode/13366.txt +++ b/platforms/lin_x86/shellcode/13366.txt @@ -1,5 +1,5 @@ # linux/x86 xor-encoded Connect Back Shellcode 371 bytes -http://www.exploit-db.com/sploits/black-RXenc-con-back.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/black-RXenc-con-back.tar.gz # milw0rm.com [2006-04-18] \ No newline at end of file diff --git a/platforms/linux/dos/10203.txt b/platforms/linux/dos/10203.txt index 8f1d11b12..a18cfa2c3 100755 --- a/platforms/linux/dos/10203.txt +++ b/platforms/linux/dos/10203.txt @@ -61,4 +61,4 @@ Remote attackers may leverage this issue to cause denial-of-service conditions. NOTE: BibTeX may be shipped with various packages, such as TeTeX or TexLive, that may also be vulnerable. -Exploit-DB mirror: http://www.exploit-db.com/sploits/2009-11-22-bibtex-crash.tar.bz2 \ No newline at end of file +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-bibtex-crash.tar.bz2 \ No newline at end of file diff --git a/platforms/linux/dos/10206.txt b/platforms/linux/dos/10206.txt index 09504d379..bc140dbe9 100755 --- a/platforms/linux/dos/10206.txt +++ b/platforms/linux/dos/10206.txt @@ -146,5 +146,5 @@ Exploiting this issue allows remote attackers to cause denial-of-service conditi Expat 2.0.1 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/2009-11-22-36097.gz -http://www.exploit-db.com/sploits/2009-11-22-36097-2.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-36097.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-36097-2.gz \ No newline at end of file diff --git a/platforms/linux/dos/14573.txt b/platforms/linux/dos/14573.txt index 1eebe2e32..c3f7b4048 100755 --- a/platforms/linux/dos/14573.txt +++ b/platforms/linux/dos/14573.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to crash an application that uses the vulnera Versions up to and including libTIFF 3.9.4 are vulnerable. PoC: -http://www.exploit-db.com/sploits/lp589145-sample.tif.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/lp589145-sample.tif.gz \ No newline at end of file diff --git a/platforms/linux/dos/18295.txt b/platforms/linux/dos/18295.txt index b1ea6b4d4..db67d88a5 100755 --- a/platforms/linux/dos/18295.txt +++ b/platforms/linux/dos/18295.txt @@ -218,5 +218,5 @@ Adam 'pi3' Zabrocki -- http://pi3.com.pl -http://www.exploit-db.com/sploits/p_cve-2011-4362.c +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/p_cve-2011-4362.c http://blog.pi3.com.pl/?p=277 diff --git a/platforms/linux/dos/23427.txt b/platforms/linux/dos/23427.txt index f582caf99..e7c1c197e 100755 --- a/platforms/linux/dos/23427.txt +++ b/platforms/linux/dos/23427.txt @@ -52,4 +52,4 @@ si_addr:$2 = (void *) 0xaf625080 Proof of concept included. http://www41.zippyshare.com/v/13083235/file.html -http://www.exploit-db.com/sploits/23427.rar +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23427.rar diff --git a/platforms/linux/dos/23757.txt b/platforms/linux/dos/23757.txt index aeabfb7c0..579b01b62 100755 --- a/platforms/linux/dos/23757.txt +++ b/platforms/linux/dos/23757.txt @@ -4,4 +4,4 @@ It has been reported that the GameSpy SDK is prone to a remote denial of service Exploitation of this issue may cause the affected GameSpy developed game to crash, denying service to legitimate users. -http://www.exploit-db.com/sploits/23757.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23757.zip \ No newline at end of file diff --git a/platforms/linux/dos/24815.txt b/platforms/linux/dos/24815.txt index ffbf9df04..ebff97f9c 100755 --- a/platforms/linux/dos/24815.txt +++ b/platforms/linux/dos/24815.txt @@ -4,4 +4,4 @@ It has been reported that the GameSpy SDK is prone to a buffer overflow vulnerab Exploitation of this issue may allow attackers to execute arbitrary machine code in the context of the affected GameSpy developed game. -http://www.exploit-db.com/sploits/24815.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24815.zip \ No newline at end of file diff --git a/platforms/linux/dos/24865.txt b/platforms/linux/dos/24865.txt index cb40fc028..5291d996c 100755 --- a/platforms/linux/dos/24865.txt +++ b/platforms/linux/dos/24865.txt @@ -10,7 +10,7 @@ Sorry I forgot to write headers in previous mail. # Tested on: [GNU/Linux] # CVE : [CVE-2012-1663] -PoC: http://www.exploit-db.com/sploits/24865.tar.bz2 +PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24865.tar.bz2 I'm glad to share this to you guys. The test code was attached. You also could find them here: diff --git a/platforms/linux/dos/27762.txt b/platforms/linux/dos/27762.txt index 65d5464bc..6b1514606 100755 --- a/platforms/linux/dos/27762.txt +++ b/platforms/linux/dos/27762.txt @@ -4,8 +4,8 @@ LibTIFF is affected by multiple denial-of-service vulnerabilities. An attacker can exploit these vulnerabilities to cause a denial of service in applications using the affected library. -http://www.exploit-db.com/sploits/27762-1.tiff.0 +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27762-1.tiff.0 -http://www.exploit-db.com/sploits/27762-2.tiff.1 +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27762-2.tiff.1 -http://www.exploit-db.com/sploits/27762-3.tiff.100 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27762-3.tiff.100 \ No newline at end of file diff --git a/platforms/linux/dos/27764.txt b/platforms/linux/dos/27764.txt index 68bca96ad..dcaebce2b 100755 --- a/platforms/linux/dos/27764.txt +++ b/platforms/linux/dos/27764.txt @@ -4,4 +4,4 @@ Applications using the LibTIFF library are prone to an integer-overflow vulnerab An attacker could exploit this vulnerability to execute arbitrary code in the context of the vulnerable application that uses the affected library. Failed exploit attempts will likely cause denial-of-service conditions. -http://www.exploit-db.com/sploits/27764.tiff.11 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27764.tiff.11 \ No newline at end of file diff --git a/platforms/linux/dos/27765.txt b/platforms/linux/dos/27765.txt index 6c03eef17..5366fda52 100755 --- a/platforms/linux/dos/27765.txt +++ b/platforms/linux/dos/27765.txt @@ -4,4 +4,4 @@ Applications using the LibTIFF library are prone to a double-free vulnerability; Attackers may be able to exploit this issue to cause denial-of-service conditions in affected applications using a vulnerable version of the library; arbitrary code execution may also be possible. -http://www.exploit-db.com/sploits/27765.tiff.2 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27765.tiff.2 \ No newline at end of file diff --git a/platforms/linux/dos/27925.txt b/platforms/linux/dos/27925.txt index da25d6a89..40c4ec3ca 100755 --- a/platforms/linux/dos/27925.txt +++ b/platforms/linux/dos/27925.txt @@ -6,4 +6,4 @@ This vulnerability allows local users to cause a kernel panic, denying further s This issue affects Linux kernel versions 2.6.15 through 2.6.17-rc5 on multiprocessor computers running SMP kernels. Other kernel versions may also be affected. -http://www.exploit-db.com/sploits/27925.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27925.tgz \ No newline at end of file diff --git a/platforms/linux/dos/28348.txt b/platforms/linux/dos/28348.txt index 28161a63f..0d7604f64 100755 --- a/platforms/linux/dos/28348.txt +++ b/platforms/linux/dos/28348.txt @@ -8,4 +8,4 @@ Exploiting this issue could allow attacker-supplied machine code to execute in t ClamAV versions 0.88.2 and 0.88.3 are vulnerable to this issue; prior versions may also be affected. -http://www.exploit-db.com/sploits/28348.exe \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28348.exe \ No newline at end of file diff --git a/platforms/linux/dos/28358.txt b/platforms/linux/dos/28358.txt index a2324890c..292329ae0 100755 --- a/platforms/linux/dos/28358.txt +++ b/platforms/linux/dos/28358.txt @@ -6,4 +6,4 @@ Remote attackers may trigger this issue by sending crafted UDP datagrams to affe Linux kernel versions 2.6.14.4, 2.6.17.6, and 2.6.17.7 are vulnerable to this issue; other versions in the 2.6 series are also likely affected. -http://www.exploit-db.com/sploits/28358.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28358.tar.gz \ No newline at end of file diff --git a/platforms/linux/dos/28367.txt b/platforms/linux/dos/28367.txt index da1da0a26..354252ede 100755 --- a/platforms/linux/dos/28367.txt +++ b/platforms/linux/dos/28367.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex AlsaPlayer 0.99.76, the CVS version as of 9 Aug 2006, and prior versions are vulnerable to this issue; other versions may also be affected. -http://www.exploit-db.com/sploits/28367.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28367.zip \ No newline at end of file diff --git a/platforms/linux/dos/28380.txt b/platforms/linux/dos/28380.txt index ff57343a9..28c5e1d18 100755 --- a/platforms/linux/dos/28380.txt +++ b/platforms/linux/dos/28380.txt @@ -6,4 +6,4 @@ Attackers may likely exploit this issue to execute arbitrary machine code in the Mozilla Firefox is vulnerable to this issue. Due to code reuse, other Mozilla products are also likely affected. -http://www.exploit-db.com/sploits/28380.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28380.zip \ No newline at end of file diff --git a/platforms/linux/dos/28383.txt b/platforms/linux/dos/28383.txt index 39fbe4201..897b4cf69 100755 --- a/platforms/linux/dos/28383.txt +++ b/platforms/linux/dos/28383.txt @@ -6,4 +6,4 @@ This issue allows attackers to execute arbitrary machine code in the context of ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue. -http://www.exploit-db.com/sploits/28383.sgi \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28383.sgi \ No newline at end of file diff --git a/platforms/linux/dos/28384.txt b/platforms/linux/dos/28384.txt index 4e39de9ed..ce3d36c24 100755 --- a/platforms/linux/dos/28384.txt +++ b/platforms/linux/dos/28384.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex Versions 2.1.2, SVN 8406, and prior are vulnerable to this issue; other versions may also be affected. -http://www.exploit-db.com/sploits/28384.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28384.zip \ No newline at end of file diff --git a/platforms/linux/dos/28895.txt b/platforms/linux/dos/28895.txt index 28690a5d1..1b96d7da3 100755 --- a/platforms/linux/dos/28895.txt +++ b/platforms/linux/dos/28895.txt @@ -4,4 +4,4 @@ The Linux kernel is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users. -http://www.exploit-db.com/sploits/28895.img.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28895.img.gz \ No newline at end of file diff --git a/platforms/linux/dos/28912.txt b/platforms/linux/dos/28912.txt index 5d69d0049..bae98db34 100755 --- a/platforms/linux/dos/28912.txt +++ b/platforms/linux/dos/28912.txt @@ -4,4 +4,4 @@ The Linux kernel is prone to a local denial-of-service vulnerability. This issue An attacker can exploit this issue to crash the affected computer, denying service to legitimate users. -http://www.exploit-db.com/sploits/28912.iso.bz2 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28912.iso.bz2 \ No newline at end of file diff --git a/platforms/linux/dos/29399.txt b/platforms/linux/dos/29399.txt index ebb9a4df0..b9258a71e 100755 --- a/platforms/linux/dos/29399.txt +++ b/platforms/linux/dos/29399.txt @@ -4,4 +4,4 @@ Multiple PDF readers are prone to multiple remote buffer-overflow vulnerabilitie An attacker may be able exploit this issue to execute arbitrary code within the context of the affected application. In some circumstances, the vulnerability can be exploited only to cause a denial of service. -http://www.exploit-db.com/sploits/29399.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29399.pdf \ No newline at end of file diff --git a/platforms/linux/dos/29520.txt b/platforms/linux/dos/29520.txt index 01d12ee18..af3a378cf 100755 --- a/platforms/linux/dos/29520.txt +++ b/platforms/linux/dos/29520.txt @@ -4,4 +4,4 @@ Applications using the gtk2 library may be prone to a denial-of-service vulnerab An attacker can exploit this issue to crash applications on a victim's computer. -http://www.exploit-db.com/sploits/29520.mbox \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29520.mbox \ No newline at end of file diff --git a/platforms/linux/dos/29723.txt b/platforms/linux/dos/29723.txt index af2955c4d..85a5fd698 100755 --- a/platforms/linux/dos/29723.txt +++ b/platforms/linux/dos/29723.txt @@ -10,4 +10,4 @@ Firefox 2.0.0.2 is prone to this issue; other versions may also be affected. GIMP version 2.2.12 is also reported vulnerable; a segmentation fault occurs when the application processes a malicious GIF image. -http://www.exploit-db.com/sploits/29723.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29723.zip \ No newline at end of file diff --git a/platforms/linux/dos/29809.txt b/platforms/linux/dos/29809.txt index cce0df683..613290c7c 100755 --- a/platforms/linux/dos/29809.txt +++ b/platforms/linux/dos/29809.txt @@ -6,4 +6,4 @@ Exploiting this issue allows remote attackers to consume excessive system resour PulseAudio 0.9.5 is vulnerable to this issue. -http://www.exploit-db.com/sploits/29809.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29809.zip \ No newline at end of file diff --git a/platforms/linux/dos/30024.txt b/platforms/linux/dos/30024.txt index 7b371967a..46e1ea219 100755 --- a/platforms/linux/dos/30024.txt +++ b/platforms/linux/dos/30024.txt @@ -6,4 +6,4 @@ Successful exploits of this vulnerability allow remote attackers to execute arbi Versions of libexif prior to 0.6.14 are vulnerable to this issue. -http://www.exploit-db.com/sploits/30024.jpg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30024.jpg \ No newline at end of file diff --git a/platforms/linux/dos/30648.txt b/platforms/linux/dos/30648.txt index e802305e0..b37471034 100755 --- a/platforms/linux/dos/30648.txt +++ b/platforms/linux/dos/30648.txt @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary machine code in the This issue affects versions prior to AlsaPlayer 0.99.80-rc3. -http://www.exploit-db.com/sploits/30648.ogg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30648.ogg \ No newline at end of file diff --git a/platforms/linux/dos/30776.txt b/platforms/linux/dos/30776.txt index e27a0c9d6..598a07ea4 100755 --- a/platforms/linux/dos/30776.txt +++ b/platforms/linux/dos/30776.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the application, resulting in denial-o LIVE555 Media Server 2007.11.01 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30776.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30776.zip \ No newline at end of file diff --git a/platforms/linux/dos/30837.txt b/platforms/linux/dos/30837.txt index 72f8dcdb2..36d2ac050 100755 --- a/platforms/linux/dos/30837.txt +++ b/platforms/linux/dos/30837.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to cause denial-of-service conditions. Given th QEMU 0.9.0 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30837.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30837.rar \ No newline at end of file diff --git a/platforms/linux/dos/30894.txt b/platforms/linux/dos/30894.txt index 30c22da8f..be34d537e 100755 --- a/platforms/linux/dos/30894.txt +++ b/platforms/linux/dos/30894.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues will allow an attacker to execute arbitrary These issues affect PeerCast 0.12.17, SVN 334 and prior versions. -http://www.exploit-db.com/sploits/30894.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30894.zip \ No newline at end of file diff --git a/platforms/linux/dos/31018.txt b/platforms/linux/dos/31018.txt index 32a57c67c..986a28ef6 100755 --- a/platforms/linux/dos/31018.txt +++ b/platforms/linux/dos/31018.txt @@ -6,7 +6,7 @@ Successfully exploiting this issue allows remote attackers to deny service to le These issues affect GStreamer 0.10.15; other versions may also be vulnerable. -http://www.exploit-db.com/sploits/31018-1.mpg -http://www.exploit-db.com/sploits/31018-2.mpg -http://www.exploit-db.com/sploits/31018-3.m2v -http://www.exploit-db.com/sploits/31018-4.m2v \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-1.mpg +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-2.mpg +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-3.m2v +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-4.m2v \ No newline at end of file diff --git a/platforms/linux/dos/31054.txt b/platforms/linux/dos/31054.txt index 2b4005c62..e83b3396b 100755 --- a/platforms/linux/dos/31054.txt +++ b/platforms/linux/dos/31054.txt @@ -6,4 +6,4 @@ Attackers can leverage this issue to execute arbitrary code in the context of an Versions prior to SDL_image 1.2.7 are vulnerable. -http://www.exploit-db.com/sploits/31054.gif \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31054.gif \ No newline at end of file diff --git a/platforms/linux/dos/31218.txt b/platforms/linux/dos/31218.txt index 2d8bdeed3..b64ff120e 100755 --- a/platforms/linux/dos/31218.txt +++ b/platforms/linux/dos/31218.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to crash the affected This issue affects freeSSHd 1.2.0 and prior versions. -http://www.exploit-db.com/sploits/31218.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31218.zip \ No newline at end of file diff --git a/platforms/linux/dos/31552.txt b/platforms/linux/dos/31552.txt index 7aebc038d..6f2846a07 100755 --- a/platforms/linux/dos/31552.txt +++ b/platforms/linux/dos/31552.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to cause crashes and deny service to These issues affect Wireshark 0.99.2 up to and including 0.99.8. -http://www.exploit-db.com/sploits/31552.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31552.pcap \ No newline at end of file diff --git a/platforms/linux/dos/31553.txt b/platforms/linux/dos/31553.txt index d3b283932..6d664c474 100755 --- a/platforms/linux/dos/31553.txt +++ b/platforms/linux/dos/31553.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to cause crashes and deny service to These issues affect Wireshark 0.99.2 up to and including 0.99.8. -http://www.exploit-db.com/sploits/31553.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31553.pcap \ No newline at end of file diff --git a/platforms/linux/dos/31554.txt b/platforms/linux/dos/31554.txt index ad0201d8d..f207eb458 100755 --- a/platforms/linux/dos/31554.txt +++ b/platforms/linux/dos/31554.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to cause crashes and deny service to These issues affect Wireshark 0.99.2 up to and including 0.99.8. -http://www.exploit-db.com/sploits/31554.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31554.gz \ No newline at end of file diff --git a/platforms/linux/dos/31984.txt b/platforms/linux/dos/31984.txt index 88d3cf057..c6e8f75bc 100755 --- a/platforms/linux/dos/31984.txt +++ b/platforms/linux/dos/31984.txt @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting This issue affects Firefox 3 running on Ubuntu Linux 8.04; other versions running on different platforms may also be affected. -http://www.exploit-db.com/sploits/31984.jpg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31984.jpg \ No newline at end of file diff --git a/platforms/linux/dos/32018.txt b/platforms/linux/dos/32018.txt index ced385630..febf239a3 100755 --- a/platforms/linux/dos/32018.txt +++ b/platforms/linux/dos/32018.txt @@ -6,4 +6,4 @@ This issue arises when the software handles maliciously crafted SVG images. According to reports, the latest versions of Firefox, Evince, EoG, and GIMP are vulnerable. -http://www.exploit-db.com/sploits/32018.svg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32018.svg \ No newline at end of file diff --git a/platforms/linux/dos/32019.txt b/platforms/linux/dos/32019.txt index 835687528..f5354ac98 100755 --- a/platforms/linux/dos/32019.txt +++ b/platforms/linux/dos/32019.txt @@ -6,4 +6,4 @@ Remote attackers can exploit this issue by enticing victims into opening malicio Successful exploits may allow attackers to execute arbitrary code within the context of an affected application. Failed exploit attempts will likely result in a denial of service. -http://www.exploit-db.com/sploits/32019.iki \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32019.iki \ No newline at end of file diff --git a/platforms/linux/dos/32452.txt b/platforms/linux/dos/32452.txt index e07128c78..40f2a7111 100755 --- a/platforms/linux/dos/32452.txt +++ b/platforms/linux/dos/32452.txt @@ -17,4 +17,4 @@ UPDATE (September 4, 2009): Mac OS X 10.6 reportedly ships with Flash Player 10. UPDATE (June 10, 2010): Flash Player 10.1.53.64 and 9.0.227.0 are available. -http://www.exploit-db.com/sploits/32452.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32452.zip \ No newline at end of file diff --git a/platforms/linux/dos/32740.txt b/platforms/linux/dos/32740.txt index a26188ad1..c96270f84 100755 --- a/platforms/linux/dos/32740.txt +++ b/platforms/linux/dos/32740.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to cause a kernel panic, denying service to leg QNX RTOS 6.4.0 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/32740.bin \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32740.bin \ No newline at end of file diff --git a/platforms/linux/dos/32775.txt b/platforms/linux/dos/32775.txt index e06a4e240..436954397 100755 --- a/platforms/linux/dos/32775.txt +++ b/platforms/linux/dos/32775.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to cause the kernel to crash, denying service t This issue affects versions prior to Linux kernel 2.6.27.14. -http://www.exploit-db.com/sploits/32775.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32775.gz \ No newline at end of file diff --git a/platforms/linux/dos/32800.txt b/platforms/linux/dos/32800.txt index 0d113811e..a54700538 100755 --- a/platforms/linux/dos/32800.txt +++ b/platforms/linux/dos/32800.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to crash applications These issues affect versions prior to Poppler 0.10.4. -http://www.exploit-db.com/sploits/32800.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32800.pdf \ No newline at end of file diff --git a/platforms/linux/dos/32856.txt b/platforms/linux/dos/32856.txt index 7d88d8f17..5d0a359f2 100755 --- a/platforms/linux/dos/32856.txt +++ b/platforms/linux/dos/32856.txt @@ -4,4 +4,4 @@ MPlayer is prone to multiple denial-of-service vulnerabilities when handling mal Successfully exploiting this issue allows remote attackers to deny service to legitimate users. -http://www.exploit-db.com/sploits/32856.aac \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32856.aac \ No newline at end of file diff --git a/platforms/linux/dos/32857.txt b/platforms/linux/dos/32857.txt index d886def3e..2b764d00c 100755 --- a/platforms/linux/dos/32857.txt +++ b/platforms/linux/dos/32857.txt @@ -4,4 +4,4 @@ MPlayer is prone to multiple denial-of-service vulnerabilities when handling mal Successfully exploiting this issue allows remote attackers to deny service to legitimate users. -http://www.exploit-db.com/sploits/32857.ogm \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32857.ogm \ No newline at end of file diff --git a/platforms/linux/dos/33017.txt b/platforms/linux/dos/33017.txt index c4eb23627..e16d8919e 100755 --- a/platforms/linux/dos/33017.txt +++ b/platforms/linux/dos/33017.txt @@ -8,4 +8,4 @@ Acrobat 9.1.1 is vulnerable; other versions may also be affected. NOTE: This BID was previously classified as a buffer-overflow issue, but further analysis reveals that it is a stack-exhaustion issue. Code execution is unlikely. -http://www.exploit-db.com/sploits/33017.pdf \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33017.pdf \ No newline at end of file diff --git a/platforms/linux/dos/33049.txt b/platforms/linux/dos/33049.txt index 4dde95875..f596de399 100755 --- a/platforms/linux/dos/33049.txt +++ b/platforms/linux/dos/33049.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary malicious code in the co LibTIFF 3.8.2 is vulnerable; other versions may be affected as well. -http://www.exploit-db.com/sploits/33049.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33049.zip \ No newline at end of file diff --git a/platforms/linux/dos/33088.txt b/platforms/linux/dos/33088.txt index 6457555b3..cde5e34a3 100755 --- a/platforms/linux/dos/33088.txt +++ b/platforms/linux/dos/33088.txt @@ -6,5 +6,5 @@ A local attacker can exploit this issue to execute arbitrary code with superuser This issue was introduced in Linux kernel 2.6.30. -http://www.exploit-db.com/sploits/33088-1.tgz -http://www.exploit-db.com/sploits/33088-2.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33088-1.tgz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33088-2.tgz \ No newline at end of file diff --git a/platforms/linux/dos/33101.txt b/platforms/linux/dos/33101.txt index 7c9ae857c..6b89b1407 100755 --- a/platforms/linux/dos/33101.txt +++ b/platforms/linux/dos/33101.txt @@ -6,4 +6,4 @@ The vulnerability is fixed in Firefox 3.0.12 and 3.5. Note that Thunderbird is a This vulnerability was previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but has been assigned its own record to better document the issue. -http://www.exploit-db.com/sploits/33101.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33101.zip \ No newline at end of file diff --git a/platforms/linux/dos/33134.txt b/platforms/linux/dos/33134.txt index 1ad8dc458..ae4fdd876 100755 --- a/platforms/linux/dos/33134.txt +++ b/platforms/linux/dos/33134.txt @@ -13,4 +13,4 @@ This issue affects versions *prior to* the following: Flash Player 10.0.32.18 AIR 1.5.2 -http://www.exploit-db.com/sploits/33134.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33134.zip \ No newline at end of file diff --git a/platforms/linux/dos/33222.txt b/platforms/linux/dos/33222.txt index 617a30838..d797a720b 100755 --- a/platforms/linux/dos/33222.txt +++ b/platforms/linux/dos/33222.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to crash the application and deny se These issues affect Wireshark 0.99.6 through 1.2.1. -http://www.exploit-db.com/sploits/33222.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33222.pcap \ No newline at end of file diff --git a/platforms/linux/dos/33223.txt b/platforms/linux/dos/33223.txt index d0eb1fecc..859c5f871 100755 --- a/platforms/linux/dos/33223.txt +++ b/platforms/linux/dos/33223.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to crash the application and deny se These issues affect Wireshark 0.99.6 through 1.2.1. -http://www.exploit-db.com/sploits/33223.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33223.zip \ No newline at end of file diff --git a/platforms/linux/dos/33224.txt b/platforms/linux/dos/33224.txt index 4f6702b16..07dbe41ae 100755 --- a/platforms/linux/dos/33224.txt +++ b/platforms/linux/dos/33224.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to crash the application and deny se These issues affect Wireshark 0.99.6 through 1.2.1. -http://www.exploit-db.com/sploits/33224.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33224.pcap \ No newline at end of file diff --git a/platforms/linux/dos/33233.txt b/platforms/linux/dos/33233.txt index 17965be9d..63c2bef08 100755 --- a/platforms/linux/dos/33233.txt +++ b/platforms/linux/dos/33233.txt @@ -6,5 +6,5 @@ Attackers may leverage these issues to execute arbitrary code in the context of FFmpeg 0.5 is affected; other versions may also be vulnerable. -http://www.exploit-db.com/sploits/33233-1.zip -http://www.exploit-db.com/sploits/33233-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33233-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33233-2.zip \ No newline at end of file diff --git a/platforms/linux/dos/33283.txt b/platforms/linux/dos/33283.txt index e89e95d98..913edb9ea 100755 --- a/platforms/linux/dos/33283.txt +++ b/platforms/linux/dos/33283.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue by supplying a malicious PDF file or webpage. This issue was previously covered in BID 36638 (Adobe Reader and Acrobat October 2009 Multiple Remote Vulnerabilities), but has been given its own record to better document it. -http://www.exploit-db.com/sploits/33283.tar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33283.tar \ No newline at end of file diff --git a/platforms/linux/dos/33524.txt b/platforms/linux/dos/33524.txt index 39dd7b95f..7608a7779 100755 --- a/platforms/linux/dos/33524.txt +++ b/platforms/linux/dos/33524.txt @@ -9,4 +9,4 @@ Successful exploits will cause the application to crash, denying service to legi OpenOffice 3.1.0 and 3.1.1 on Microsoft Windows are affected. -http://www.exploit-db.com/sploits/33524.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33524.rar \ No newline at end of file diff --git a/platforms/linux/dos/33549.txt b/platforms/linux/dos/33549.txt index 0711ffe82..ba49d5016 100755 --- a/platforms/linux/dos/33549.txt +++ b/platforms/linux/dos/33549.txt @@ -8,4 +8,4 @@ Successful exploits will cause the application to crash, denying service to legi OpenOffice 3.1.0 and 3.1.1 are vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/33549.slk \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33549.slk \ No newline at end of file diff --git a/platforms/linux/dos/33585.txt b/platforms/linux/dos/33585.txt index 9b5da25e8..dec0f4c6e 100755 --- a/platforms/linux/dos/33585.txt +++ b/platforms/linux/dos/33585.txt @@ -8,4 +8,4 @@ Versions prior to Linux kernel 2.6.33-rc6 are vulnerable. NOTE: This issue can be exploited only on 64-bit architectures. Core dumps must be enabled. -http://www.exploit-db.com/sploits/ \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ \ No newline at end of file diff --git a/platforms/linux/dos/34228.txt b/platforms/linux/dos/34228.txt index 343b4a772..5bdee5084 100755 --- a/platforms/linux/dos/34228.txt +++ b/platforms/linux/dos/34228.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the affected application, denying serv Mumble versions 1.2.2 and prior are vulnerable. -http://www.exploit-db.com/sploits/34228.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34228.zip \ No newline at end of file diff --git a/platforms/linux/dos/34249.txt b/platforms/linux/dos/34249.txt index 2e2e784e0..4d5c6b052 100755 --- a/platforms/linux/dos/34249.txt +++ b/platforms/linux/dos/34249.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to cause the applications to become unrespo Freeciv 2.2.1 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/34249.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34249.zip \ No newline at end of file diff --git a/platforms/linux/dos/34278.txt b/platforms/linux/dos/34278.txt index 48e14e77c..a2fe61585 100755 --- a/platforms/linux/dos/34278.txt +++ b/platforms/linux/dos/34278.txt @@ -4,4 +4,4 @@ LibTIFF is prone to a denial-of-service vulnerability because it fails to proper An attacker can exploit this issue to crash an application that uses the vulnerable library, denying service to legitimate users. -http://www.exploit-db.com/sploits/34278.tif \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34278.tif \ No newline at end of file diff --git a/platforms/linux/dos/34279.txt b/platforms/linux/dos/34279.txt index 315c9a36c..e0ac4df8b 100755 --- a/platforms/linux/dos/34279.txt +++ b/platforms/linux/dos/34279.txt @@ -4,4 +4,4 @@ LibTIFF is prone to a denial-of-service vulnerability because it fails to proper An attacker can exploit this issue to crash an application that uses the vulnerable library, denying service to legitimate users. -http://www.exploit-db.com/sploits/34279.tif \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34279.tif \ No newline at end of file diff --git a/platforms/linux/dos/34427.txt b/platforms/linux/dos/34427.txt index ef9a31494..ca62f7dde 100755 --- a/platforms/linux/dos/34427.txt +++ b/platforms/linux/dos/34427.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow an attacker to execute arbitrary co The issue affects OpenSSL 1.0.0a; other versions may also be affected. -http://www.exploit-db.com/sploits/34427.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34427.zip \ No newline at end of file diff --git a/platforms/linux/dos/35081.txt b/platforms/linux/dos/35081.txt index b8b415433..c499daf04 100755 --- a/platforms/linux/dos/35081.txt +++ b/platforms/linux/dos/35081.txt @@ -23,7 +23,7 @@ out-of-bounds crashes due to very limited range checking. In binutils $ wget http://lcamtuf.coredump.cx/strings-bfd-badptr2 -EDB Mirror: http://www.exploit-db.com/sploits/35081 +EDB Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35081 ... $ strings strings-bfd-badptr2 diff --git a/platforms/linux/dos/35173.txt b/platforms/linux/dos/35173.txt index 71764e171..e9c244904 100755 --- a/platforms/linux/dos/35173.txt +++ b/platforms/linux/dos/35173.txt @@ -7,7 +7,7 @@ Attached three PoCs (malformed ELFs) and a screenshot of the panic. -http://www.exploit-db.com/sploits/35173.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35173.zip ---- diff --git a/platforms/linux/local/1596.txt b/platforms/linux/local/1596.txt index 6f8200572..3db23b543 100755 --- a/platforms/linux/local/1596.txt +++ b/platforms/linux/local/1596.txt @@ -24,6 +24,6 @@ X Protocol Version 11, Revision 0, Release 7.0 r00t # id uid=0(root) gid=100(users) groups=10(wheel),18(audio)... -# backup: http://www.exploit-db.com/sploits/xmodulepath.tgz +# backup: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/xmodulepath.tgz # milw0rm.com [2006-03-20] diff --git a/platforms/linux/local/1831.txt b/platforms/linux/local/1831.txt index 108ec4d6b..b7b527798 100755 --- a/platforms/linux/local/1831.txt +++ b/platforms/linux/local/1831.txt @@ -9,7 +9,7 @@ that data is overwritten again correctly by a program' function). .bss section is in higher addresses than .dtors section, so, we can't hijack .dtors to.... -PoC: http://www.exploit-db.com/sploits/05262006-tiffspl33t.tar.gz +PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/05262006-tiffspl33t.tar.gz nitr0us diff --git a/platforms/linux/local/19803.txt b/platforms/linux/local/19803.txt index 5a18b3928..3da8a1456 100755 --- a/platforms/linux/local/19803.txt +++ b/platforms/linux/local/19803.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1047/info wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically set setuid root. wmcdplay is vulnerable to a buffer overflow attack due to lack of bounds checking on an argument it is passed. As a result, a local user can elevate their priviliges to root through overruning the stack and executing arbitrary code with the effective user-id of the process (root). -http://www.exploit-db.com/sploits/19803.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19803.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/19813.txt b/platforms/linux/local/19813.txt index c8b8b3a14..2916d80fc 100755 --- a/platforms/linux/local/19813.txt +++ b/platforms/linux/local/19813.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1061/info A vulnerability exists in the kreatecd program for Linux. This program is a graphical front end to the cdrecord program, and is installed setuid root. This program will blindly trust the configuration of the path to cdrecord, as specified by the user. This means that arbitrary programs can be executed as root by an attacker using kreatecd. It appears that graphical interaction is required to exploit this program. -http://www.exploit-db.com/sploits/19813.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19813.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/19915.txt b/platforms/linux/local/19915.txt index 0afa9f99e..aa7da354b 100755 --- a/platforms/linux/local/19915.txt +++ b/platforms/linux/local/19915.txt @@ -4,4 +4,4 @@ Some linux distributions (S.u.S.E. 6.4 reported) ship with kscd (a CD player for Red Hat, Linux Mandrake, and Turbo Linux do not currently ship with kscd setgid 'disk'. -http://www.exploit-db.com/sploits/19915.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19915.tgz \ No newline at end of file diff --git a/platforms/linux/local/20843.txt b/platforms/linux/local/20843.txt index ecb7da859..cf911f3be 100755 --- a/platforms/linux/local/20843.txt +++ b/platforms/linux/local/20843.txt @@ -4,4 +4,4 @@ A heap overflow vulnerability exists in the 'man' system manual pager program. The vulnerability exists due to a length check error when the -S option is given. As a result, it may be possible for a local user to execute arbitrary code with group 'man' privileges. -http://www.exploit-db.com/sploits/20843.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20843.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/20926.txt b/platforms/linux/local/20926.txt index e158f8807..f157eac25 100755 --- a/platforms/linux/local/20926.txt +++ b/platforms/linux/local/20926.txt @@ -6,4 +6,4 @@ The vulnerability exists due to the way the program handles manual page files be As a result, it may be possible for local users to execute arbitrary code with group 'man' privileges. -http://www.exploit-db.com/sploits/20926.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20926.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/21062.txt b/platforms/linux/local/21062.txt index fa710f749..65e2997c7 100755 --- a/platforms/linux/local/21062.txt +++ b/platforms/linux/local/21062.txt @@ -6,4 +6,4 @@ The problem is the result of the use of signed integers in the program's tTflag( Because the '-d' command-line switch is processed before the program drops its elevated privileges, this could lead to a full system compromise. This vulnerability has been successfully exploited in a laboratory environment. -http://www.exploit-db.com/sploits/21062.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21062.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/21063.txt b/platforms/linux/local/21063.txt index 41e6ebf6a..8c467283e 100755 --- a/platforms/linux/local/21063.txt +++ b/platforms/linux/local/21063.txt @@ -6,4 +6,4 @@ The problem is the result of the use of signed integers in the program's tTflag( Because the '-d' command-line switch is processed before the program drops its elevated privileges, this could lead to a full system compromise. This vulnerability has been successfully exploited in a laboratory environment. -http://www.exploit-db.com/sploits/21063.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21063.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/21124.txt b/platforms/linux/local/21124.txt index 5853550ae..2bb21860a 100755 --- a/platforms/linux/local/21124.txt +++ b/platforms/linux/local/21124.txt @@ -6,4 +6,4 @@ Attackers can exploit this to elevate privileges. Note: There are currently conflicting reports about the exploitability of this vulnerability. -http://www.exploit-db.com/sploits/21124.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21124.tgz \ No newline at end of file diff --git a/platforms/linux/local/21229.txt b/platforms/linux/local/21229.txt index c67302b38..e12b1d281 100755 --- a/platforms/linux/local/21229.txt +++ b/platforms/linux/local/21229.txt @@ -4,4 +4,4 @@ at is a freely available, open source scheduler package. It is included with var Under some circumstances, at does not correctly handle time input. A local user attempting to schedule a task via commandline execution and using a maliciously crafted time format can cause heap corruption in at. As the at program is installed setuid root in most implementations, this could result in the execution of arbitrary code with administrative privileges. -http://www.exploit-db.com/sploits/21229.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21229.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/21248.txt b/platforms/linux/local/21248.txt index 6e8d673d8..19cda9238 100755 --- a/platforms/linux/local/21248.txt +++ b/platforms/linux/local/21248.txt @@ -6,4 +6,4 @@ UML does not correctly protect kernel address space from user programs within th This is a known problem with the current UML implementation. Memory protection may be partially implemented at this time. -http://www.exploit-db.com/sploits/21248.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21248.tgz \ No newline at end of file diff --git a/platforms/linux/local/21375.txt b/platforms/linux/local/21375.txt index af2d3cd28..a9f6b9f5c 100755 --- a/platforms/linux/local/21375.txt +++ b/platforms/linux/local/21375.txt @@ -4,4 +4,4 @@ The Internet Software Consortium (ISC) Internet News (INN) project is a powerful Multiple vulnerabilities have been reported in two components of INN, inews and rnews. Reportedly, both are vulnerable to locally exploitable format string problems. Under some systems these binaries may be installed suid root or sgid news, allowing a local attacker to gain elevated privileges. -http://www.exploit-db.com/sploits/21375.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21375.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/21458.txt b/platforms/linux/local/21458.txt index 661f852d7..d0c8142a3 100755 --- a/platforms/linux/local/21458.txt +++ b/platforms/linux/local/21458.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/4762/info An attacker with root access may be able to write to kernel memory in spite of the security patch provided by grsecurity. The patch operates by redirecting the write() system call, when it is being used to write to a memory device. Unfortunately, there are other methods that can be used to write to kernel memory (such as mapping the device to memory using mmap()). -http://www.exploit-db.com/sploits/21458.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21458.tgz \ No newline at end of file diff --git a/platforms/linux/local/21763.txt b/platforms/linux/local/21763.txt index 35b47cdac..3072db3c1 100755 --- a/platforms/linux/local/21763.txt +++ b/platforms/linux/local/21763.txt @@ -4,4 +4,4 @@ Linuxconf is a Linux configuration utility from Solucorp. It is typically instal A buffer overflow vulnerability has been reported for Linuxconf. The vulnerability is due to insufficent bounds checking of the LINUXCONF_LANG environment variable. An attacker who sets the LINUXCONF_LANG environment variable with an overly large string will be able to cause the buffer overflow condition. -http://www.exploit-db.com/sploits/21763.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21763.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/22189.txt b/platforms/linux/local/22189.txt index a24c7289c..48ccb1982 100755 --- a/platforms/linux/local/22189.txt +++ b/platforms/linux/local/22189.txt @@ -4,4 +4,4 @@ mtink is prone to a locally exploitable buffer overflow condition. This is due t mtink is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this issue may be exploited to execute arbitrary code with elevated privileges. Other distributions may also be affected if mtink is installed or runs with elevated privileges. -http://www.exploit-db.com/sploits/22189.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22189.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/22190.txt b/platforms/linux/local/22190.txt index d5c29e9ab..41ec38e45 100755 --- a/platforms/linux/local/22190.txt +++ b/platforms/linux/local/22190.txt @@ -4,4 +4,4 @@ It has been reported that a buffer overflow in escputil exists. When supplied wi escputil is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this issue may be exploited to execute arbitrary code with elevated privileges. Other distributions may also be affected if the utility is installed or runs with elevated privileges. -http://www.exploit-db.com/sploits/22190.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22190.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/25707.txt b/platforms/linux/local/25707.txt index 43055d0cc..4b0731a1f 100755 --- a/platforms/linux/local/25707.txt +++ b/platforms/linux/local/25707.txt @@ -4,4 +4,4 @@ Both cryptoloop and dm-crypt are reported prone to an information disclosure vul It should be noted that a successful attack would reveal the presence of a watermarked file but not the file contents. -http://www.exploit-db.com/sploits/25707.tar.bz2 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25707.tar.bz2 \ No newline at end of file diff --git a/platforms/linux/local/29714.txt b/platforms/linux/local/29714.txt index fa55e32e4..9127c0242 100755 --- a/platforms/linux/local/29714.txt +++ b/platforms/linux/local/29714.txt @@ -4,4 +4,4 @@ The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue allows local attackers to gain superuser privileges, facilitating the complete compromise of affected computers. -http://www.exploit-db.com/sploits/29714.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29714.tgz \ No newline at end of file diff --git a/platforms/linux/local/31911.txt b/platforms/linux/local/31911.txt index f37ad802b..7a97cbe13 100755 --- a/platforms/linux/local/31911.txt +++ b/platforms/linux/local/31911.txt @@ -6,6 +6,6 @@ Successfully exploiting these issues can allow an attacker to execute arbitrary Vim 7.1.298 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/31911-1.zip -http://www.exploit-db.com/sploits/31911-2.zip -http://www.exploit-db.com/sploits/31911-3.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31911-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31911-2.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31911-3.zip diff --git a/platforms/linux/local/33228.txt b/platforms/linux/local/33228.txt index 65aed6505..f881721ec 100755 --- a/platforms/linux/local/33228.txt +++ b/platforms/linux/local/33228.txt @@ -6,4 +6,4 @@ Local attackers may be able to exploit this issue to run arbitrary code with ele The Linux Kernel 2.6.31-rc1 through 2.6.31 are vulnerable. -http://www.exploit-db.com/sploits/33228.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33228.tgz \ No newline at end of file diff --git a/platforms/linux/local/33395.txt b/platforms/linux/local/33395.txt index c28b7cc92..8743517b4 100755 --- a/platforms/linux/local/33395.txt +++ b/platforms/linux/local/33395.txt @@ -6,4 +6,4 @@ Exploits may allow attackers to execute arbitrary code with kernel-level privile Successful exploits will result in the complete compromise of affected computers. -http://www.exploit-db.com/sploits/33395.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33395.tgz \ No newline at end of file diff --git a/platforms/linux/local/34421.c b/platforms/linux/local/34421.c index de759cbca..90585e435 100755 --- a/platforms/linux/local/34421.c +++ b/platforms/linux/local/34421.c @@ -1,5 +1,5 @@ // -// Full Exploit: http://www.exploit-db.com/sploits/CVE-2014-5119.tar.gz +// Full Exploit: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/CVE-2014-5119.tar.gz // // // --------------------------------------------------- diff --git a/platforms/linux/local/34537.txt b/platforms/linux/local/34537.txt index fc96cb579..f3503cbe2 100755 --- a/platforms/linux/local/34537.txt +++ b/platforms/linux/local/34537.txt @@ -6,4 +6,4 @@ Three flaws have been identified that contribute to a weakening of the protectio Attackers may leverage these weaknesses to attack encrypted files through watermarking or other techniques. Successful attacks may disclose sensitive information. -http://www.exploit-db.com/sploits/34537.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34537.tar.gz \ No newline at end of file diff --git a/platforms/linux/local/34953.txt b/platforms/linux/local/34953.txt index acc2fe7d1..5a3907732 100755 --- a/platforms/linux/local/34953.txt +++ b/platforms/linux/local/34953.txt @@ -4,4 +4,4 @@ FUSE fusermount tool is prone to a race-condition vulnerability. A local attacker can exploit this issue to cause a denial of service by unmounting any filesystem of the system. -http://www.exploit-db.com/sploits/34953.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34953.zip \ No newline at end of file diff --git a/platforms/linux/local/35749.txt b/platforms/linux/local/35749.txt index 406cc75d0..3fe079390 100755 --- a/platforms/linux/local/35749.txt +++ b/platforms/linux/local/35749.txt @@ -10,7 +10,7 @@ but disabling it is a matter of running setenforce 0 as root. Download: https://mega.co.nz/#!jgBT0RxZ!LQDEBBrbGxE6fag4d_A2C2cWj2PSNR_ZvnSW_UjRD5E -Mirror: http://www.exploit-db.com/sploits/redstarroot.rpm +Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/redstarroot.rpm ## Source: http://richardg867.wordpress.com/2015/01/01/notes-on-red-star-os-3-0/ & http://www.openwall.com/lists/oss-security/2015/01/09/1 diff --git a/platforms/linux/local/3730.txt b/platforms/linux/local/3730.txt index 59d5d749c..92decafd2 100755 --- a/platforms/linux/local/3730.txt +++ b/platforms/linux/local/3730.txt @@ -1,5 +1,5 @@ ProFTPD 1.3.0/1.3.0a (mod_ctrls) Local Overflow Exploit (exec-shield) -http://www.exploit-db.com/sploits/04132007-pr0ftpd_modctrls.tgz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/04132007-pr0ftpd_modctrls.tgz # milw0rm.com [2007-04-13] diff --git a/platforms/linux/local/7855.txt b/platforms/linux/local/7855.txt index 6758ecf89..7ae3b24de 100755 --- a/platforms/linux/local/7855.txt +++ b/platforms/linux/local/7855.txt @@ -3,6 +3,6 @@ PostgreSQL UDF for command execution [1] http://bernardodamele.blogspot.com/2009/01/command-execution-with-postgresql-udf.html [2] https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/postgresqludfsys/lib_postgresqludf_sys_0.0.1.tar.gz -mirror: http://exploit-db.com/sploits/2009-lib_postgresqludf_sys_0.0.1.tar.gz +mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-lib_postgresqludf_sys_0.0.1.tar.gz # milw0rm.com [2009-01-25] diff --git a/platforms/linux/local/7856.txt b/platforms/linux/local/7856.txt index 03afc071e..d4386b4c9 100755 --- a/platforms/linux/local/7856.txt +++ b/platforms/linux/local/7856.txt @@ -3,6 +3,6 @@ MySQL UDF for command execution [1] http://bernardodamele.blogspot.com/2009/01/command-execution-with-mysql-udf.html [2] https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.tar.gz -mirror: http://exploit-db.com/sploits/2009-lib_mysqludf_sys_0.0.3.tar.gz +mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-lib_mysqludf_sys_0.0.3.tar.gz # milw0rm.com [2009-01-25] diff --git a/platforms/linux/local/9191.txt b/platforms/linux/local/9191.txt index 7e87cce05..2cd837399 100755 --- a/platforms/linux/local/9191.txt +++ b/platforms/linux/local/9191.txt @@ -301,6 +301,6 @@ http://grsecurity.net/~spender/cheddar_bay.tgz -backup: http://exploit-db.com/sploits/2009-cheddar_bay.tgz +backup: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-cheddar_bay.tgz # milw0rm.com [2009-07-17] diff --git a/platforms/linux/local/9208.txt b/platforms/linux/local/9208.txt index 6c77347b8..116c758ea 100755 --- a/platforms/linux/local/9208.txt +++ b/platforms/linux/local/9208.txt @@ -50,6 +50,6 @@ i686 Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz GenuineIntel GNU/Linux ------------------------------------ -download: http://exploit-db.com/sploits/2009-pulseaudio-exp.tar.gz +download: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-pulseaudio-exp.tar.gz # milw0rm.com [2009-07-20] diff --git a/platforms/linux/local/9435.txt b/platforms/linux/local/9435.txt index f899074da..a761a11c1 100755 --- a/platforms/linux/local/9435.txt +++ b/platforms/linux/local/9435.txt @@ -30,6 +30,6 @@ http://www.youtube.com/watch?v=arAfIp7YzZ4 */ http://www.grsecurity.net/~spender/wunderbar_emporium.tgz -back: http://www.exploit-db.com/sploits/2009-wunderbar_emporium.tgz +back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-wunderbar_emporium.tgz # milw0rm.com [2009-08-14] diff --git a/platforms/linux/local/9436.txt b/platforms/linux/local/9436.txt index 6764d4746..7c4b9481b 100755 --- a/platforms/linux/local/9436.txt +++ b/platforms/linux/local/9436.txt @@ -4,6 +4,6 @@ Quick and dirty exploit for this one: http://www.frasunek.com/proto_ops.tgz -back: http://www.exploit-db.com/sploits/2009-proto_ops.tgz +back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-proto_ops.tgz # milw0rm.com [2009-08-14] diff --git a/platforms/linux/local/9574.txt b/platforms/linux/local/9574.txt index 8247d46b3..fdeca704a 100755 --- a/platforms/linux/local/9574.txt +++ b/platforms/linux/local/9574.txt @@ -16,6 +16,6 @@ */ main: http://grsecurity.net/~spender/therebel.tgz -back: http://exploit-db.com/sploits/2009-therebel.tgz +back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-therebel.tgz # milw0rm.com [2009-09-02] diff --git a/platforms/linux/local/9598.txt b/platforms/linux/local/9598.txt index ee6b4377c..2d07df1d7 100755 --- a/platforms/linux/local/9598.txt +++ b/platforms/linux/local/9598.txt @@ -5,6 +5,6 @@ systems, it automatically searches in the SELinux policy rules for types with mmap_zero permission it can transition, and tries to exploit the system with that types. -http://www.exploit-db.com/sploits/2009-linux-sendpage2.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-linux-sendpage2.tar.gz # milw0rm.com [2009-09-09] diff --git a/platforms/linux/local/9627.txt b/platforms/linux/local/9627.txt index 67b1ea96d..461732494 100755 --- a/platforms/linux/local/9627.txt +++ b/platforms/linux/local/9627.txt @@ -37,6 +37,6 @@ */ http://www.grsecurity.net/~spender/enlightenment.tgz -back: http://exploit-db.com/sploits/2009-enlightenment.tgz +back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-enlightenment.tgz # milw0rm.com [2009-09-10] diff --git a/platforms/linux/local/9641.txt b/platforms/linux/local/9641.txt index 51f9f8fbd..e7831f908 100755 --- a/platforms/linux/local/9641.txt +++ b/platforms/linux/local/9641.txt @@ -4,6 +4,6 @@ pointer workaround for data items addressing on ppc64 (i.e. functions on exploit code and libc can be referenced); Improved search and transition to SELinux types with mmap_zero permission. -http://exploit-db.com/sploits/2009-linux-sendpage3.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-linux-sendpage3.tar.gz # milw0rm.com [2009-09-11] diff --git a/platforms/linux/remote/19522.txt b/platforms/linux/remote/19522.txt index 76278da0a..fac911f3a 100755 --- a/platforms/linux/remote/19522.txt +++ b/platforms/linux/remote/19522.txt @@ -4,4 +4,4 @@ A vulnerability in the Linux kernel allows remote users to guess the initial seq The function 'secure_tcp_sequence_number' in the file 'drivers/char/random.c' at line 1684 is used to generate the initial sequence number. It used the MD4 hash with a set of inputs to generate the new ISN. -http://www.exploit-db.com/sploits/19522.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19522.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/19892.txt b/platforms/linux/remote/19892.txt index 48e772672..91e69194c 100755 --- a/platforms/linux/remote/19892.txt +++ b/platforms/linux/remote/19892.txt @@ -4,4 +4,4 @@ A vulnerability exists in the DNS decode capabilities provided as part of the tc When tcpdump is logging to a file, it is not affected by this vulnerability. Upon reading from a file which contains recorded packets, it will enter an infinite loop when it encounters packets of this type. -http://www.exploit-db.com/sploits/19892.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19892.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/20924.txt b/platforms/linux/remote/20924.txt index 758b1656f..3e56c67d6 100755 --- a/platforms/linux/remote/20924.txt +++ b/platforms/linux/remote/20924.txt @@ -4,4 +4,4 @@ MDBMS is a free relational database management system. A buffer overflow condition exists in MDBMS. By issuing the '\s' command to display the query buffer when it contains a large amount of data, it may be possible for a remote user to trigger this condition and execute arbitrary code. -http://www.exploit-db.com/sploits/20924.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20924.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/21210.txt b/platforms/linux/remote/21210.txt index af231f8af..46191089c 100755 --- a/platforms/linux/remote/21210.txt +++ b/platforms/linux/remote/21210.txt @@ -8,4 +8,4 @@ Although this vulnerability exists in recent versions of X-Chat, the option to e cat 21210.exploit - | netcat server 6667 -http://www.exploit-db.com/sploits/21210.exploit \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21210.exploit \ No newline at end of file diff --git a/platforms/linux/remote/21402.txt b/platforms/linux/remote/21402.txt index 2cd6dd42c..502a89fe5 100755 --- a/platforms/linux/remote/21402.txt +++ b/platforms/linux/remote/21402.txt @@ -4,4 +4,4 @@ A buffer overflow condition exists in the OpenSSH server. The condition is explo The vulnerability is related to the handling of Kerberos 4 TGT/AFS tokens passed by the client. An unbounded string copy operation may result in a stack overflow if the TGT/token data is malformed. -http://www.exploit-db.com/sploits/21402.tar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21402.tar \ No newline at end of file diff --git a/platforms/linux/remote/22187.txt b/platforms/linux/remote/22187.txt index b8ee051d5..781754c4b 100755 --- a/platforms/linux/remote/22187.txt +++ b/platforms/linux/remote/22187.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6650/info CVS is prone to a double free vulnerability in the Directory requests. An attacker may potentially take advantage of this issue to cause heap memory to be corrupted with attacker-supplied values, which may result in execution of arbitrary code. -http://www.exploit-db.com/sploits/22187.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22187.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/22264.txt b/platforms/linux/remote/22264.txt index 5d559acd8..85508c86e 100755 --- a/platforms/linux/remote/22264.txt +++ b/platforms/linux/remote/22264.txt @@ -6,4 +6,4 @@ The information loss was reduced in OpenSSL versions 0.9.6i and 0.9.7a. It is no *It should be noted that this attack is reportedly difficult to exploit and requires that the adversary be a man-in-the-middle. -http://www.exploit-db.com/sploits/22264.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22264.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/22584.txt b/platforms/linux/remote/22584.txt index 75823ab55..17b0a359e 100755 --- a/platforms/linux/remote/22584.txt +++ b/platforms/linux/remote/22584.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7550/info Info-ZIP UnZip contains a vulnerability during the handling of pathnames for archived files. Specifically, when certain encoded characters are inserted into '../' directory traversal sequences, the creator of the archive can cause the file to be extracted to arbitrary locations on the filesystem - including paths containing system binaries and other sensitive or confidential information. -http://www.exploit-db.com/sploits/22584.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22584.zip \ No newline at end of file diff --git a/platforms/linux/remote/23082.txt b/platforms/linux/remote/23082.txt index 623107ffb..25484a1ff 100755 --- a/platforms/linux/remote/23082.txt +++ b/platforms/linux/remote/23082.txt @@ -1,4 +1,4 @@ -http://www.exploit-db.com/sploits/23082.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23082.zip SSH Tectia Remote Authentication Bypass Tectia is the commercial OpenSSH solution. The product can be found at: diff --git a/platforms/linux/remote/23728.txt b/platforms/linux/remote/23728.txt index c8ff407f5..595613e29 100755 --- a/platforms/linux/remote/23728.txt +++ b/platforms/linux/remote/23728.txt @@ -2,12 +2,12 @@ source: http://www.securityfocus.com/bid/9692/info Metamail has been reported prone to multiple vulnerabilities that may provide for arbitrary code execution. Two buffer overflow vulnerabilities have been reported to affect Metamail. Additionally, two format string-handling vulnerabilities have been reported. These issues may also be exploited by a remote attacker to execute arbitrary code. -http://www.exploit-db.com/sploits/23728-1.splitmail +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23728-1.splitmail -http://www.exploit-db.com/sploits/23728-2.tgz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23728-2.tgz -http://www.exploit-db.com/sploits/23728-3 +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23728-3 -http://www.exploit-db.com/sploits/23728-4 +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23728-4 -http://www.exploit-db.com/sploits/23728-5 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23728-5 \ No newline at end of file diff --git a/platforms/linux/remote/23881.txt b/platforms/linux/remote/23881.txt index c51ace0df..cc9cbf1b4 100755 --- a/platforms/linux/remote/23881.txt +++ b/platforms/linux/remote/23881.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9974/info Multiple locally and remotely exploitable buffer overrun and format strings were reported in emil. This could permit execution of arbitrary code in the context of the software. -http://www.exploit-db.com/sploits/23881.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23881.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/24784.txt b/platforms/linux/remote/24784.txt index f908a9ff2..9c9e96cd3 100755 --- a/platforms/linux/remote/24784.txt +++ b/platforms/linux/remote/24784.txt @@ -4,4 +4,4 @@ The file command is affected by a buffer overflow vulnerability. This issue is d An attacker may leverage this issue to execute arbitrary code with the privileges of a user that processes the malicious file with the affected utility. This may be leveraged to escalate privileges or to gain unauthorized access. -http://www.exploit-db.com/sploits/24784.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24784.zip \ No newline at end of file diff --git a/platforms/linux/remote/24848.txt b/platforms/linux/remote/24848.txt index b629f90e2..a01f6c808 100755 --- a/platforms/linux/remote/24848.txt +++ b/platforms/linux/remote/24848.txt @@ -8,4 +8,4 @@ If a user obtains this file and processes it through ChBg, the attacker-supplied ChBg 1.5 is reported prone to this vulnerability. It is likely that other versions are affected as well. -http://www.exploit-db.com/sploits/24848.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24848.zip \ No newline at end of file diff --git a/platforms/linux/remote/24852.txt b/platforms/linux/remote/24852.txt index a0c64f405..f2ce7a250 100755 --- a/platforms/linux/remote/24852.txt +++ b/platforms/linux/remote/24852.txt @@ -4,4 +4,4 @@ A remote client-side buffer overflow vulnerability affects mpg123. This issue is An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation. -http://www.exploit-db.com/sploits/24852.list \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24852.list \ No newline at end of file diff --git a/platforms/linux/remote/24977.txt b/platforms/linux/remote/24977.txt index bbdff6dc1..efa79edc4 100755 --- a/platforms/linux/remote/24977.txt +++ b/platforms/linux/remote/24977.txt @@ -4,4 +4,4 @@ CUPS is reported prone to a remote buffer overflow vulnerability. The issue is r A remote attacker may exploit this condition to execute arbitrary code in the context of the vulnerable CUPS daemon. -http://www.exploit-db.com/sploits/24977.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24977.gz \ No newline at end of file diff --git a/platforms/linux/remote/24978.txt b/platforms/linux/remote/24978.txt index 3e7805f2f..f99b8d4e5 100755 --- a/platforms/linux/remote/24978.txt +++ b/platforms/linux/remote/24978.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/11969/info It is reported that the xine media library is affected by a remote buffer overflow vulnerability. This issue can allow a remote attacker to gain unauthorized access to a vulnerable computer. The overflow condition presents itself in the 'demux_aiff.c' file. -http://www.exploit-db.com/sploits/24978.avi \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24978.avi \ No newline at end of file diff --git a/platforms/linux/remote/25005.txt b/platforms/linux/remote/25005.txt index 0c04c4ad7..4e7ab156d 100755 --- a/platforms/linux/remote/25005.txt +++ b/platforms/linux/remote/25005.txt @@ -4,4 +4,4 @@ NASM is prone to a buffer overflow. This condition is exposed when the applicati Successful exploitation will permit arbitrary code execution with the privileges of the user running the application. -http://www.exploit-db.com/sploits/25005.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25005.zip \ No newline at end of file diff --git a/platforms/linux/remote/25006.txt b/platforms/linux/remote/25006.txt index 1e7ef76af..e59f6cd64 100755 --- a/platforms/linux/remote/25006.txt +++ b/platforms/linux/remote/25006.txt @@ -4,4 +4,4 @@ It is reported that rtf2latex2e is susceptible to a stack buffer overflow vulner This vulnerability allows remote attackers to alter the proper flow of execution of the application, potentially resulting in the execution of attacker-supplied machine code in the context of the application attempting to read the malicious RTF file. -http://www.exploit-db.com/sploits/25006.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25006.zip \ No newline at end of file diff --git a/platforms/linux/remote/25008.txt b/platforms/linux/remote/25008.txt index ed7b349cd..9a4cb5dc0 100755 --- a/platforms/linux/remote/25008.txt +++ b/platforms/linux/remote/25008.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue by crafting a malicious message that contains LinPopUp version 1.2.0 is reported prone to this vulnerability. It is likely that other versions are affected as well. -http://www.exploit-db.com/sploits/25008.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25008.zip \ No newline at end of file diff --git a/platforms/linux/remote/25010.txt b/platforms/linux/remote/25010.txt index f248c69d9..c55648dca 100755 --- a/platforms/linux/remote/25010.txt +++ b/platforms/linux/remote/25010.txt @@ -4,4 +4,4 @@ o3read is prone to a buffer overflow vulnerability. This issue is exposed when t Successful exploitation will result in code execution with the privileges of the user running the application. -http://www.exploit-db.com/sploits/25010.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25010.zip \ No newline at end of file diff --git a/platforms/linux/remote/25015.txt b/platforms/linux/remote/25015.txt index 7512ade69..e02976b64 100755 --- a/platforms/linux/remote/25015.txt +++ b/platforms/linux/remote/25015.txt @@ -8,4 +8,4 @@ If a user obtains this file and processes it through the application, the attack Ringtone Tools version 2.22 is reported prone to this vulnerability. It is likely that other versions are affected as well. -http://www.exploit-db.com/sploits/25015.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25015.zip \ No newline at end of file diff --git a/platforms/linux/remote/25030.txt b/platforms/linux/remote/25030.txt index 28bde95e9..49562dc77 100755 --- a/platforms/linux/remote/25030.txt +++ b/platforms/linux/remote/25030.txt @@ -4,4 +4,4 @@ GNU UnRTF is prone to a buffer overflow vulnerability. This issue is exposed whe Successful exploitation will result in execution of arbitrary code. -http://www.exploit-db.com/sploits/25030.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25030.zip \ No newline at end of file diff --git a/platforms/linux/remote/25035.txt b/platforms/linux/remote/25035.txt index e732d07f2..cf16d9e9a 100755 --- a/platforms/linux/remote/25035.txt +++ b/platforms/linux/remote/25035.txt @@ -4,4 +4,4 @@ PCAL is prone to a buffer overflow vulnerability. This issue is exposed when the Successful exploitation of this issue will result in execution of arbitrary code as the user of the application. -http://www.exploit-db.com/sploits/25035.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25035.zip \ No newline at end of file diff --git a/platforms/linux/remote/25036.txt b/platforms/linux/remote/25036.txt index 712acbddc..7b1afed02 100755 --- a/platforms/linux/remote/25036.txt +++ b/platforms/linux/remote/25036.txt @@ -4,4 +4,4 @@ PCAL is prone to a buffer overflow vulnerability. This issue is exposed when the Successful exploitation of this issue will result in execution of arbitrary code as the user of the application. -http://www.exploit-db.com/sploits/25036.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25036.zip \ No newline at end of file diff --git a/platforms/linux/remote/25150.txt b/platforms/linux/remote/25150.txt index a93dcff6e..f9be56eb8 100755 --- a/platforms/linux/remote/25150.txt +++ b/platforms/linux/remote/25150.txt @@ -4,4 +4,4 @@ A remotely exploitable client-side directory-traversal vulnerability affects Win An attacker may leverage this issue by distributing malicious ACE archives to unsuspecting users. This issue will allow an attacker to write files to arbitrary locations on the filesystem with the privileges of an unsuspecting user that extracts the malicious ACE archive. -http://www.exploit-db.com/sploits/25150.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25150.zip \ No newline at end of file diff --git a/platforms/linux/remote/26540.txt b/platforms/linux/remote/26540.txt index 0596c1683..7a6f3c30a 100755 --- a/platforms/linux/remote/26540.txt +++ b/platforms/linux/remote/26540.txt @@ -4,4 +4,4 @@ Inkscape is prone to a buffer overflow vulnerability. This issue is due to a fai When the application processes a malformed SVG image file, it results in a buffer overflow. An attacker can exploit this vulnerability to execute arbitrary code in the context of the victim user. -http://www.exploit-db.com/sploits/26540.svg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/26540.svg \ No newline at end of file diff --git a/platforms/linux/remote/29471.txt b/platforms/linux/remote/29471.txt index da38a7c75..059a58a26 100755 --- a/platforms/linux/remote/29471.txt +++ b/platforms/linux/remote/29471.txt @@ -6,4 +6,4 @@ A remote attacker can exploit this issue to gain control of mouse and keyboard H Versions prior to 2.25 are vulnerable. -http://www.exploit-db.com/sploits/29471.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29471.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/29768.txt b/platforms/linux/remote/29768.txt index a0390def0..e12a56cf7 100755 --- a/platforms/linux/remote/29768.txt +++ b/platforms/linux/remote/29768.txt @@ -4,4 +4,4 @@ Mozilla Firefox is prone to vulnerability that may allow attackers to obtain pot A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks. -http://www.exploit-db.com/sploits/29768.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29768.zip \ No newline at end of file diff --git a/platforms/linux/remote/29769.txt b/platforms/linux/remote/29769.txt index a0f9879d1..90a92f838 100755 --- a/platforms/linux/remote/29769.txt +++ b/platforms/linux/remote/29769.txt @@ -4,4 +4,4 @@ Opera is prone to vulnerability that may allow attackers to obtain potentially s A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks. -http://www.exploit-db.com/sploits/29769.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29769.zip \ No newline at end of file diff --git a/platforms/linux/remote/29770.txt b/platforms/linux/remote/29770.txt index 84912e495..25a832875 100755 --- a/platforms/linux/remote/29770.txt +++ b/platforms/linux/remote/29770.txt @@ -4,4 +4,4 @@ KDE Konqueror is prone to a vulnerability that may allow attackers to obtain pot A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks. -http://www.exploit-db.com/sploits/29770.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29770.zip \ No newline at end of file diff --git a/platforms/linux/remote/30043.txt b/platforms/linux/remote/30043.txt index 968f8da98..7f884b516 100755 --- a/platforms/linux/remote/30043.txt +++ b/platforms/linux/remote/30043.txt @@ -6,7 +6,7 @@ An attacker can exploit these issues to crash the affected application, effectiv Sun JDK 1.5.0_07-b03 is vulnerable to these issues; other versions may also be affected. -http://www.exploit-db.com/sploits/30043.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30043.zip CVE: 2007-2788 & 2007-2789 OSVDB-ID: 36199 & 36200 \ No newline at end of file diff --git a/platforms/linux/remote/30089.txt b/platforms/linux/remote/30089.txt index bca8a30df..cb54c4194 100755 --- a/platforms/linux/remote/30089.txt +++ b/platforms/linux/remote/30089.txt @@ -6,4 +6,4 @@ Attacker-supplied script code would run in the context of the affected site, pot This issue affects Ruby on Rails 1.2.3; other versions may also be affected. -http://www.exploit-db.com/sploits/30089.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30089.tgz \ No newline at end of file diff --git a/platforms/linux/remote/30142.txt b/platforms/linux/remote/30142.txt index c17875167..339f2575e 100755 --- a/platforms/linux/remote/30142.txt +++ b/platforms/linux/remote/30142.txt @@ -4,4 +4,4 @@ GDB is prone to a buffer-overflow vulnerability because it fails to properly che Attackers could leverage this issue to run arbitrary code outside of a restricted environment, which may lead to privilege escalation. Symantec has not confirmed code execution. -http://www.exploit-db.com/sploits/30142.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30142.zip \ No newline at end of file diff --git a/platforms/linux/remote/3021.txt b/platforms/linux/remote/3021.txt index 8d6d46cce..a3171f4f5 100755 --- a/platforms/linux/remote/3021.txt +++ b/platforms/linux/remote/3021.txt @@ -2,6 +2,6 @@ # solareclipse at phreedom dot org # GPG key ID: E36B11B7 -http://www.exploit-db.com/sploits/12262006-proftpd-not-pro-enough.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12262006-proftpd-not-pro-enough.tar.gz # milw0rm.com [2003-10-15] diff --git a/platforms/linux/remote/30291.txt b/platforms/linux/remote/30291.txt index 5563706d1..55b9e08ad 100755 --- a/platforms/linux/remote/30291.txt +++ b/platforms/linux/remote/30291.txt @@ -11,4 +11,4 @@ ClamAV prior to 0.91 Other applications using the vulnerabile 'UnRAR' utility are affected by this issue. We will update this BID as more information emerges. -http://www.exploit-db.com/sploits/30291.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30291.rar \ No newline at end of file diff --git a/platforms/linux/remote/30543.txt b/platforms/linux/remote/30543.txt index 7bd8eae92..f59617626 100755 --- a/platforms/linux/remote/30543.txt +++ b/platforms/linux/remote/30543.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex Doomsday Engine 1.90-beta5.1 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30543.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30543.zip \ No newline at end of file diff --git a/platforms/linux/remote/30728.txt b/platforms/linux/remote/30728.txt index dcfe14327..ec7f75bbe 100755 --- a/platforms/linux/remote/30728.txt +++ b/platforms/linux/remote/30728.txt @@ -6,5 +6,5 @@ An attacker can exploit this issue to inject and execute arbitrary malicious Per Yarssr 0.2.2 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30728.rss +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30728.rss diff --git a/platforms/linux/remote/30907.txt b/platforms/linux/remote/30907.txt index 47395886c..2ce711c47 100755 --- a/platforms/linux/remote/30907.txt +++ b/platforms/linux/remote/30907.txt @@ -8,4 +8,4 @@ This issue affects Adobe Flash Player 9.0.48.0, 8.0.35.0, and prior versions. NOTE: This issue was previously disclosed in BID 26929 (Adobe Flash Player Multiple Security Vulnerabilities) but has been assigned its own BID because new technical details are available. -http://www.exploit-db.com/sploits/30907.as \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30907.as \ No newline at end of file diff --git a/platforms/linux/remote/30971.txt b/platforms/linux/remote/30971.txt index c7c3fe26a..bf54cc38e 100755 --- a/platforms/linux/remote/30971.txt +++ b/platforms/linux/remote/30971.txt @@ -9,4 +9,4 @@ Successfully exploiting these issues allows remote attackers to execute arbitrar Georgia SoftWorks Secure Shell Server 7.01.0003 is vulnerable to these issues; other versions may also be affected. -http://www.exploit-db.com/sploits/30971.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30971.zip \ No newline at end of file diff --git a/platforms/linux/remote/31591.txt b/platforms/linux/remote/31591.txt index 6d56a6569..c27196b66 100755 --- a/platforms/linux/remote/31591.txt +++ b/platforms/linux/remote/31591.txt @@ -6,4 +6,4 @@ Exploiting this issue allows an attacker to access arbitrary files outside of th LANDesk Management Suite 8.80.1.1 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/31591.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31591.zip \ No newline at end of file diff --git a/platforms/linux/remote/31630.txt b/platforms/linux/remote/31630.txt index c53a281d8..4973b1b79 100755 --- a/platforms/linux/remote/31630.txt +++ b/platforms/linux/remote/31630.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to execute arbitrary code in the context of t Adobe Flash Player 9.0.115.0 and earlier versions are affected. -http://www.exploit-db.com/sploits/31630.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31630.rar \ No newline at end of file diff --git a/platforms/linux/remote/32012.txt b/platforms/linux/remote/32012.txt index 0d8d4a0ba..adce8ce63 100755 --- a/platforms/linux/remote/32012.txt +++ b/platforms/linux/remote/32012.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues can allow an attacker to execute arbitrary Netrw 125 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/32012.tar.bz2 \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32012.tar.bz2 \ No newline at end of file diff --git a/platforms/linux/remote/32133.txt b/platforms/linux/remote/32133.txt index b7d533cb6..d1760ee2f 100755 --- a/platforms/linux/remote/32133.txt +++ b/platforms/linux/remote/32133.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to execute arbitrary code with the privileges This issue affects libxslt 1.1.8 to 1.1.24. -http://www.exploit-db.com/sploits/32133.xsl \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32133.xsl \ No newline at end of file diff --git a/platforms/linux/remote/32225.txt b/platforms/linux/remote/32225.txt index 0502015ea..25d2ced5d 100755 --- a/platforms/linux/remote/32225.txt +++ b/platforms/linux/remote/32225.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to execute arbitrary code with the privileges This issue affects Vim 6.2.429 through 6.3.058. -http://www.exploit-db.com/sploits/32225.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32225.zip \ No newline at end of file diff --git a/platforms/linux/remote/32277.txt b/platforms/linux/remote/32277.txt index 4233f39aa..3cd81654c 100755 --- a/platforms/linux/remote/32277.txt +++ b/platforms/linux/remote/32277.txt @@ -18,4 +18,4 @@ This is a generic exploit for 64-bit nginx which uses a new attack technique (BR -Exploit-DB mirror: http://www.exploit-db.com/sploits/32277.tgz \ No newline at end of file +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32277.tgz \ No newline at end of file diff --git a/platforms/linux/remote/32691.txt b/platforms/linux/remote/32691.txt index ea1608bc0..c4dd41d8e 100755 --- a/platforms/linux/remote/32691.txt +++ b/platforms/linux/remote/32691.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary machine code in the cont This issue affects libaudiofile 0.2.6; other versions may also be vulnerable. -http://www.exploit-db.com/sploits/32691.wav \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32691.wav \ No newline at end of file diff --git a/platforms/linux/remote/33032.txt b/platforms/linux/remote/33032.txt index d81c22d10..fe28efd16 100755 --- a/platforms/linux/remote/33032.txt +++ b/platforms/linux/remote/33032.txt @@ -7,4 +7,4 @@ Successful exploits may allow remote attackers to execute arbitrary code or caus Versions prior to 'Compress::Raw::Zlib' 2.017 are affected. -http://www.exploit-db.com/sploits/33032.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33032.tar.gz \ No newline at end of file diff --git a/platforms/linux/remote/33313.txt b/platforms/linux/remote/33313.txt index 56a2b4550..e4c5af5dd 100755 --- a/platforms/linux/remote/33313.txt +++ b/platforms/linux/remote/33313.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary code and to cause denial NOTE: This issue was previously covered in BID 36843 (Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities), but has been assigned its own record to better document it. -http://www.exploit-db.com/sploits/33313.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33313.tgz \ No newline at end of file diff --git a/platforms/linux/remote/34192.txt b/platforms/linux/remote/34192.txt index d85c1e0ee..5519e236a 100755 --- a/platforms/linux/remote/34192.txt +++ b/platforms/linux/remote/34192.txt @@ -13,4 +13,4 @@ SeaMonkey 2.0.5 NOTE: This issue was previously covered in BID 41050 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-26/27/28/29/30/32 Remote Vulnerabilities) but has been given its own record to better document it. -http://www.exploit-db.com/sploits/34192.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34192.zip \ No newline at end of file diff --git a/platforms/linux/remote/34358.txt b/platforms/linux/remote/34358.txt index 91dbe1980..9f58d89b4 100755 --- a/platforms/linux/remote/34358.txt +++ b/platforms/linux/remote/34358.txt @@ -12,4 +12,4 @@ SeaMonkey 2.0.6 NOTE: This issue was previously covered in BID 41824 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it. -http://www.exploit-db.com/sploits/34358.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34358.zip \ No newline at end of file diff --git a/platforms/linux/remote/35232.txt b/platforms/linux/remote/35232.txt index 8879595ec..bbd8eb80f 100755 --- a/platforms/linux/remote/35232.txt +++ b/platforms/linux/remote/35232.txt @@ -4,4 +4,4 @@ Pango is prone to a remote heap-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. -http://www.exploit-db.com/sploits/35232.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35232.zip diff --git a/platforms/linux/remote/35314.txt b/platforms/linux/remote/35314.txt index f8e823624..393f63364 100755 --- a/platforms/linux/remote/35314.txt +++ b/platforms/linux/remote/35314.txt @@ -4,4 +4,4 @@ Wireshark is prone to a memory-corruption vulnerability because it fails to prop Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely crash the application. -http://www.exploit-db.com/sploits/35314.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35314.pcap \ No newline at end of file diff --git a/platforms/linux/remote/35432.txt b/platforms/linux/remote/35432.txt index c1d266e7d..86586d961 100755 --- a/platforms/linux/remote/35432.txt +++ b/platforms/linux/remote/35432.txt @@ -4,4 +4,4 @@ Wireshark is prone to a remote denial-of-service vulnerability caused by a NULL- An attacker can exploit this issue to crash the application, resulting in a denial-of-service condition. -http://www.exploit-db.com/sploits/35432.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35432.pcap \ No newline at end of file diff --git a/platforms/linux/remote/5386.txt b/platforms/linux/remote/5386.txt index 995823c42..a6fd0b194 100755 --- a/platforms/linux/remote/5386.txt +++ b/platforms/linux/remote/5386.txt @@ -52,6 +52,6 @@ ** */ -http://exploit-db.com/sploits/2008-x2_fc6f7f8.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-x2_fc6f7f8.tar.gz # milw0rm.com [2008-04-06] diff --git a/platforms/linux/remote/5720.py b/platforms/linux/remote/5720.py index 47d3567cb..373982f7f 100755 --- a/platforms/linux/remote/5720.py +++ b/platforms/linux/remote/5720.py @@ -17,7 +17,7 @@ # Autor: hitz - WarCat team (warcat.no-ip.org) # Collaborator: pretoriano # -# 1. Download http://www.exploit-db.com/sploits/debian_ssh_rsa_2048_x86.tar.bz2 +# 1. Download https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/debian_ssh_rsa_2048_x86.tar.bz2 # # 2. Extract it to a directory # diff --git a/platforms/linux/remote/609.txt b/platforms/linux/remote/609.txt index 07a1b3a0e..b4c96c234 100755 --- a/platforms/linux/remote/609.txt +++ b/platforms/linux/remote/609.txt @@ -1,4 +1,4 @@ Download: -http://www.exploit-db.com/sploits/ximage_zgv.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ximage_zgv.tar.gz # milw0rm.com [2004-10-28] diff --git a/platforms/linux/remote/7701.txt b/platforms/linux/remote/7701.txt index 43e971723..b77d3abb0 100755 --- a/platforms/linux/remote/7701.txt +++ b/platforms/linux/remote/7701.txt @@ -36,6 +36,6 @@ struct versions vers[VERSN] = {"Samba 3.0.x DEBUG",0x80380000,0x8045b000,30*1024} }; -http://exploit-db.com/sploits/2009-lsa.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-lsa.zip # milw0rm.com [2009-01-08] diff --git a/platforms/linux/webapps/30085.txt b/platforms/linux/webapps/30085.txt index 8d68656af..c4eb3eaa0 100755 --- a/platforms/linux/webapps/30085.txt +++ b/platforms/linux/webapps/30085.txt @@ -8,7 +8,7 @@ # CVE : No CVE, no patch just 0Day # State : Critical -# Exploit-DB mirror: http://www.exploit-db.com/sploits/zimbraexploit_rubina119.zip +# Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/zimbraexploit_rubina119.zip ---------------Description----------------- diff --git a/platforms/multiple/dos/10205.txt b/platforms/multiple/dos/10205.txt index 66e8e0ee4..a3c28b5d9 100755 --- a/platforms/multiple/dos/10205.txt +++ b/platforms/multiple/dos/10205.txt @@ -168,4 +168,4 @@ An attacker can exploit this issue to execute arbitrary malicious code in the co LibTIFF 3.8.2 is vulnerable; other versions may be affected as well. -http://www.exploit-db.com/sploits/2009-11-22-35451.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-35451.zip \ No newline at end of file diff --git a/platforms/multiple/dos/11142.txt b/platforms/multiple/dos/11142.txt index 6465731f3..7a9793174 100755 --- a/platforms/multiple/dos/11142.txt +++ b/platforms/multiple/dos/11142.txt @@ -45,4 +45,4 @@ Not Vulnerable: Firefox 3.5.3 on Windows crashed once but not reliably. PoC Packagetx: -http://www.exploit-db.com/sploits/Dr_IDE_ScaryMovie_Study.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/Dr_IDE_ScaryMovie_Study.zip diff --git a/platforms/multiple/dos/14268.txt b/platforms/multiple/dos/14268.txt index e8164e3c2..6bd951309 100755 --- a/platforms/multiple/dos/14268.txt +++ b/platforms/multiple/dos/14268.txt @@ -69,7 +69,7 @@ Multi-Computer Virtual Whiteboard and so on. http://aluigi.org/poc/qtsslame.zip or -http://www.exploit-db.com/sploits/qtsslame.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/qtsslame.zip ####################################################################### diff --git a/platforms/multiple/dos/14761.txt b/platforms/multiple/dos/14761.txt index dc199b22c..e13f30920 100755 --- a/platforms/multiple/dos/14761.txt +++ b/platforms/multiple/dos/14761.txt @@ -9,7 +9,7 @@ Website : http://www.itsecteam.com Forum : http://forum.ITSecTeam.com --------------------------------------------------------------------------- Advisory URL: http://itsecteam.com/en/papers/paper11.htm -POC: http://www.exploit-db.com/sploits/adb_poc.zip +POC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/adb_poc.zip --------------------------------------------------------------------------- System Affected: Adobe Acrobat reader 7.x diff --git a/platforms/multiple/dos/15215.txt b/platforms/multiple/dos/15215.txt index d774466e6..6cf08a5cb 100755 --- a/platforms/multiple/dos/15215.txt +++ b/platforms/multiple/dos/15215.txt @@ -284,7 +284,7 @@ With similar PoC we can try attack ftp.adobe.com, ftp.openbsd.org etc. 0day remote ftpd Denial-of-Service: http://cxib.net/stuff/glob-0day.c -http://www.exploit-db.com/sploits/glob-0day.c +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/glob-0day.c - --- 3. Fix --- Oracle 25.09.2010 CET: Being fixed in main codeline diff --git a/platforms/multiple/dos/15261.txt b/platforms/multiple/dos/15261.txt index 282d20aca..84d5a3ce1 100755 --- a/platforms/multiple/dos/15261.txt +++ b/platforms/multiple/dos/15261.txt @@ -64,7 +64,7 @@ The effects of the problem can be: http://aluigi.org/poc/soliddb_1.zip -http://www.exploit-db.com/sploits/soliddb_1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/soliddb_1.zip ####################################################################### diff --git a/platforms/multiple/dos/15676.txt b/platforms/multiple/dos/15676.txt index 2e266907a..12f90d6f6 100755 --- a/platforms/multiple/dos/15676.txt +++ b/platforms/multiple/dos/15676.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow attackers to crash the application and deny serv This issue affects Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1. -PoC: https://www.exploit-db.com/sploits/15676_pcap.zip \ No newline at end of file +PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/15676_pcap.zip \ No newline at end of file diff --git a/platforms/multiple/dos/15707.txt b/platforms/multiple/dos/15707.txt index 99131994d..b814f7905 100755 --- a/platforms/multiple/dos/15707.txt +++ b/platforms/multiple/dos/15707.txt @@ -93,7 +93,7 @@ memory location: http://aluigi.org/testz/udpsz.zip -https://www.exploit-db.com/sploits/udpsz.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/udpsz.zip udpsz -C "00004b14 00000000 00000001 00000000 0001 0000" -b 0x61 -T SERVER 9001 0x4b18 diff --git a/platforms/multiple/dos/15973.txt b/platforms/multiple/dos/15973.txt index 0d1444043..985267bbe 100755 --- a/platforms/multiple/dos/15973.txt +++ b/platforms/multiple/dos/15973.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to cause the application to enter an infinite l Wireshark 1.4.0 to 1.4.1 are vulnerable. -http://www.exploit-db.com/sploits/44986.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/44986.pcap \ No newline at end of file diff --git a/platforms/multiple/dos/16261.txt b/platforms/multiple/dos/16261.txt index 305a49f29..9d7d70bb7 100755 --- a/platforms/multiple/dos/16261.txt +++ b/platforms/multiple/dos/16261.txt @@ -147,4 +147,4 @@ n/a -- Luca Carettoni -PoC: http://www.exploit-db.com/sploits/16261.zip \ No newline at end of file +PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/16261.zip \ No newline at end of file diff --git a/platforms/multiple/dos/1709.txt b/platforms/multiple/dos/1709.txt index 2de2fa6a9..e9f849b6e 100755 --- a/platforms/multiple/dos/1709.txt +++ b/platforms/multiple/dos/1709.txt @@ -18,5 +18,5 @@ Author: Luigi Auriemma ####################################################################### -Backup: http://www.exploit-db.com/sploits/04232006-openttdx.zip +Backup: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/04232006-openttdx.zip diff --git a/platforms/multiple/dos/17201.php b/platforms/multiple/dos/17201.php index 0fc4105ef..c1086c4b1 100755 --- a/platforms/multiple/dos/17201.php +++ b/platforms/multiple/dos/17201.php @@ -46,4 +46,4 @@ $phar = new Phar(dirname(__FILE__) . '/poc.phar.tar'); ?> -http://www.exploit-db.com/sploits/poc.phar.tar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/poc.phar.tar \ No newline at end of file diff --git a/platforms/multiple/dos/1801.txt b/platforms/multiple/dos/1801.txt index a3ce93e3d..2ffec9394 100755 --- a/platforms/multiple/dos/1801.txt +++ b/platforms/multiple/dos/1801.txt @@ -1,5 +1,5 @@ # libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits -http://www.exploit-db.com/sploits/05172006-libextho.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/05172006-libextho.zip # milw0rm.com [2006-05-17] diff --git a/platforms/multiple/dos/1820.txt b/platforms/multiple/dos/1820.txt index 5df502723..93820547e 100755 --- a/platforms/multiple/dos/1820.txt +++ b/platforms/multiple/dos/1820.txt @@ -1,5 +1,5 @@ # netPanzer 0.8 rev 952 (frameNum) Server Terminiation Exploit -http://www.exploit-db.com/sploits/05232006-panza.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/05232006-panza.zip # milw0rm.com [2006-05-23] diff --git a/platforms/multiple/dos/18600.txt b/platforms/multiple/dos/18600.txt index 578a51a51..4977f5cd5 100755 --- a/platforms/multiple/dos/18600.txt +++ b/platforms/multiple/dos/18600.txt @@ -104,7 +104,7 @@ bytes. http://aluigi.org/testz/udpsz.zip -http://www.exploit-db.com/sploits/18600.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18600.zip A] udpsz -T -C "00000100 ffff0200" 0 -b a -C "00 00 1000000000000000 00" -1 SERVER 2502 8+0x02ffff diff --git a/platforms/multiple/dos/18601.txt b/platforms/multiple/dos/18601.txt index a225f2166..c048a278e 100755 --- a/platforms/multiple/dos/18601.txt +++ b/platforms/multiple/dos/18601.txt @@ -101,7 +101,7 @@ again. http://aluigi.org/poc/nsrexecd_1.dat -http://www.exploit-db.com/sploits/18601.dat +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18601.dat nc SERVER PORT < nsrexecd_1.dat diff --git a/platforms/multiple/dos/18758.txt b/platforms/multiple/dos/18758.txt index c11dd3853..c89e17a1e 100755 --- a/platforms/multiple/dos/18758.txt +++ b/platforms/multiple/dos/18758.txt @@ -9,4 +9,4 @@ The following Wireshark versions are vulnerable: 1.4.0 through 1.4.11 1.6.0 through 1.6.5 -PoC: http://www.exploit-db.com/sploits/18758.pcap +PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18758.pcap diff --git a/platforms/multiple/dos/18877.txt b/platforms/multiple/dos/18877.txt index c79b21ed0..d9279d51a 100755 --- a/platforms/multiple/dos/18877.txt +++ b/platforms/multiple/dos/18877.txt @@ -94,7 +94,7 @@ INCREMENT SYSAM_LICENSE_SERVER SYBASE 2.0 permanent 1 ISSUER="Sybase, \ http://aluigi.org/testz/udpsz.zip -http://www.exploit-db.com/sploits/18877.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18877.zip udpsz -D -T -C "2f 24 189d 4000 0000 0000 00000000 00000000 0000" -b 0x61 SERVER 27000 0x4000 diff --git a/platforms/multiple/dos/18890.txt b/platforms/multiple/dos/18890.txt index 09812d13d..3dd742cc1 100755 --- a/platforms/multiple/dos/18890.txt +++ b/platforms/multiple/dos/18890.txt @@ -8,8 +8,8 @@ some PoC codes which are now available online: http://www.agarri.fr/docs/batik-evil.svg http://www.agarri.fr/docs/batik-evil.jar -http://www.exploit-db.com/sploits/18890.svg -http://www.exploit-db.com/sploits/18890.jar +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18890.svg +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18890.jar I published a more detailed article on my blog: http://www.agarri.fr/blog/ diff --git a/platforms/multiple/dos/18918.txt b/platforms/multiple/dos/18918.txt index 810f33e07..4268a2dc7 100755 --- a/platforms/multiple/dos/18918.txt +++ b/platforms/multiple/dos/18918.txt @@ -7,4 +7,4 @@ Successful exploits may allow attacker to crash the affected application, denyin Wireshark 1.4.0 to 1.4.12 and 1.6.0 to 1.6.7 are vulnerable. PoC: -http://www.exploit-db.com/sploits/18918.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18918.pcap \ No newline at end of file diff --git a/platforms/multiple/dos/18919.txt b/platforms/multiple/dos/18919.txt index 8d5daf331..7691828db 100755 --- a/platforms/multiple/dos/18919.txt +++ b/platforms/multiple/dos/18919.txt @@ -7,11 +7,11 @@ An attacker can exploit these issues to crash the affected application, denying Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 are vulnerable. PoC: -http://www.exploit-db.com/sploits/18919-1.pcap -http://www.exploit-db.com/sploits/18919-2.pcap -http://www.exploit-db.com/sploits/18919-3.pcap -http://www.exploit-db.com/sploits/18919-4.pcap -http://www.exploit-db.com/sploits/18919-5.pcap -http://www.exploit-db.com/sploits/18919-6.pcap -http://www.exploit-db.com/sploits/18919-7.pcap -http://www.exploit-db.com/sploits/18919-8.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-1.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-2.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-3.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-4.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-5.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-6.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-7.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18919-8.pcap diff --git a/platforms/multiple/dos/18920.txt b/platforms/multiple/dos/18920.txt index f422d84b4..957ef0597 100755 --- a/platforms/multiple/dos/18920.txt +++ b/platforms/multiple/dos/18920.txt @@ -7,5 +7,5 @@ An attacker can exploit this issue to crash the affected application, denying se Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 are vulnerable. PoC: -http://www.exploit-db.com/sploits/18920.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18920.pcap diff --git a/platforms/multiple/dos/19380.txt b/platforms/multiple/dos/19380.txt index 3b465fd26..03d45d138 100755 --- a/platforms/multiple/dos/19380.txt +++ b/platforms/multiple/dos/19380.txt @@ -9,4 +9,4 @@ Where glob1 is 3000 characters. Marc Maiffret has released the following exploit: -http://www.exploit-db.com/sploits/19380.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19380.zip \ No newline at end of file diff --git a/platforms/multiple/dos/19482.txt b/platforms/multiple/dos/19482.txt index de220d713..077c4f2ec 100755 --- a/platforms/multiple/dos/19482.txt +++ b/platforms/multiple/dos/19482.txt @@ -17,7 +17,7 @@ http://www.reactionpenetrationtesting.co.uk/FIT-file-handling-DoS.html PoC file is available here: http://www.reactionpenetrationtesting.co.uk/vuln.fit -http://www.exploit-db.com/sploits/19482.fit +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19482.fit Affected Products diff --git a/platforms/multiple/dos/20052.txt b/platforms/multiple/dos/20052.txt index 83749242b..44940eaa5 100755 --- a/platforms/multiple/dos/20052.txt +++ b/platforms/multiple/dos/20052.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1421/info If an E-mail containing an excessively long To: field in the header (~1.5 MB) is processed by First Class Intranet Services (FCIS), a Denial of Service can occur. -http://www.exploit-db.com/sploits/20052.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20052.tar.gz \ No newline at end of file diff --git a/platforms/multiple/dos/20098.txt b/platforms/multiple/dos/20098.txt index ade65473a..4fa4954c5 100755 --- a/platforms/multiple/dos/20098.txt +++ b/platforms/multiple/dos/20098.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1503/info Netscape Browsers use the Independent JPEG Group's decoder library to process JPEG encoded images. The library functions skip JPEG comments; however, the browser uses a custom function to process these comments and store them in memory. The comment includes a 2-byte "length" field which indicates how long the comment is - this value includes the 2-bytes of the "length" field. To determine the length of the comment string alone (for memory allocation), the function reads the value in the "length" field and subtracts two. The function then allocates the length of the comment + one byte for NULL termination. There is no error checking to ensure the "length" value is valid. This makes it possible to cause an overflow by creating an image with a comment "length" field containing the value 1. The memory allocation call of 0 bytes (1 minus 2 (length field) + 1 (null termination)) will succeed. The calculated comment size variable is declared unsigned, resulting in a large positive value (from 1 minus 2). The comment handling function goes into a loop to read the comment into memory, but since the calculated comment size is enormous this causes the function to read the entire JPEG stream, overwriting the heap. It is theoretically possible to exploit this to execute arbitrary code. The browser, mail and news readers are all vulnerable to this. -http://www.exploit-db.com/sploits/20098.jpg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20098.jpg \ No newline at end of file diff --git a/platforms/multiple/dos/20558.txt b/platforms/multiple/dos/20558.txt index 10fa3b50d..9638c65ff 100755 --- a/platforms/multiple/dos/20558.txt +++ b/platforms/multiple/dos/20558.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2216/info Apache Web Server 1.2 and previous versions are subject to a denial of service. By requesting a malformed GET request composed of an unusually large number of '/' characters, an attacker can cause CPU usage to spike. A restart of the service is required to gain normal functionality. -http://www.exploit-db.com/sploits/20558.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20558.zip \ No newline at end of file diff --git a/platforms/multiple/dos/21572.txt b/platforms/multiple/dos/21572.txt index c7ace5907..37e26bd12 100755 --- a/platforms/multiple/dos/21572.txt +++ b/platforms/multiple/dos/21572.txt @@ -4,4 +4,4 @@ Half-Life is a popular game distributed and maintained by Valve Software. It inc A denial of service vulnerability has been reported in some versions of the Half-Life server. A remote party may create a large number of new users on a specific server through spoofing the connection conversation. As servers contain a set limit on the maximum number of players, server resources will be exhausted, and legitimate players will not be allowed to join the game. -http://www.exploit-db.com/sploits/21572.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21572.zip \ No newline at end of file diff --git a/platforms/multiple/dos/21593.txt b/platforms/multiple/dos/21593.txt index 0714a09d6..5d63639d6 100755 --- a/platforms/multiple/dos/21593.txt +++ b/platforms/multiple/dos/21593.txt @@ -4,4 +4,4 @@ Unreal Tournament is a game produced by Epic Games, available for Microsoft Wind It is possible to use an Unreal Tournament server as an amplifyer in a flooding attack, by transmiting multiple UDP packets with a spoofed victim IP address. The server will make repeated attempts to initiate a connection with the specified address, consuming network resources. -http://www.exploit-db.com/sploits/21593.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21593.tgz \ No newline at end of file diff --git a/platforms/multiple/dos/23556.txt b/platforms/multiple/dos/23556.txt index cd0318f65..a72b5085c 100755 --- a/platforms/multiple/dos/23556.txt +++ b/platforms/multiple/dos/23556.txt @@ -4,4 +4,4 @@ The GetWare Web Server component has been reported prone to a remote denial of s A remote attacker may exploit this issue to deny service to the GetWare Web Server. -http://www.exploit-db.com/sploits/23556.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23556.rar \ No newline at end of file diff --git a/platforms/multiple/dos/23641.txt b/platforms/multiple/dos/23641.txt index 53dea076c..b9c282f15 100755 --- a/platforms/multiple/dos/23641.txt +++ b/platforms/multiple/dos/23641.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9567/info Chaser has been reported to be prone to a denial of service vulnerability. This issue is caused by a lack of input validation of a size parameter specified in UDP network communication packets. The process will attempt to read the amount of data specified by the packet, without regard to the amount of memory allocated. This will cause an attempt by the application to dereference unallocated memory, producing an exception and causing the process to crash. -http://www.exploit-db.com/sploits/23641.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23641.rar \ No newline at end of file diff --git a/platforms/multiple/dos/23642.txt b/platforms/multiple/dos/23642.txt index 77fa8abcf..33710d091 100755 --- a/platforms/multiple/dos/23642.txt +++ b/platforms/multiple/dos/23642.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9567/info Chaser has been reported to be prone to a denial of service vulnerability. This issue is caused by a lack of input validation of a size parameter specified in UDP network communication packets. The process will attempt to read the amount of data specified by the packet, without regard to the amount of memory allocated. This will cause an attempt by the application to dereference unallocated memory, producing an exception and causing the process to crash. -http://www.exploit-db.com/sploits/23642.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23642.rar \ No newline at end of file diff --git a/platforms/multiple/dos/23755.txt b/platforms/multiple/dos/23755.txt index f824da8de..7344ad96f 100755 --- a/platforms/multiple/dos/23755.txt +++ b/platforms/multiple/dos/23755.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9738/info The Ghost Recon Game Engine has been reported prone to a denial of service vulnerability. When handling text strings, the Ghost Recon Game Engine employs a 32-bit integer string size prefix in order to monitor the size of the string. It has been reported that when an invalid size value is supplied an exception will be triggered causing a system wide denial of service. -http://www.exploit-db.com/sploits/23755.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23755.rar \ No newline at end of file diff --git a/platforms/multiple/dos/23805.txt b/platforms/multiple/dos/23805.txt index 0ef1253f4..02d0c3811 100755 --- a/platforms/multiple/dos/23805.txt +++ b/platforms/multiple/dos/23805.txt @@ -2,6 +2,6 @@ source: http://www.securityfocus.com/bid/9849/info The Battle Mages game server has been reported to be prone to a remote denial of service vulnerability. The issue is reported to present itself when the server receives incomplete client data. Specifically the affected server will attempt to read the expected data size infinitely until it is received, this may allow a remote attacker to tie up server resources and effectively deny service to legitimate users. -http://www.exploit-db.com/sploits/23805-1.rar +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23805-1.rar -http://www.exploit-db.com/sploits/23805-2.rar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23805-2.rar \ No newline at end of file diff --git a/platforms/multiple/dos/23902.txt b/platforms/multiple/dos/23902.txt index cf739aa9f..3ca00b7a1 100755 --- a/platforms/multiple/dos/23902.txt +++ b/platforms/multiple/dos/23902.txt @@ -4,4 +4,4 @@ Roger Wilco Server has been reported prone to a remote denial of service vulnera A remote attacker may exploit this condition to deny service to legitimate users. -http://www.exploit-db.com/sploits/23902.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23902.zip \ No newline at end of file diff --git a/platforms/multiple/dos/23904.txt b/platforms/multiple/dos/23904.txt index 0da67795a..7131f84a0 100755 --- a/platforms/multiple/dos/23904.txt +++ b/platforms/multiple/dos/23904.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/10025/info A vulnerability has been reported in the Roger Wilco Server, it is reported that a user does not need to connect to the server over the TCP port to have UDP based audio streams handled. Rather the attacker will require knowledge of user ID's connected to a target channel. Because the user ID's for a channel exist in a range of 0-127, the attacker may transmit an audio stream to an affected server that will be heard by all connected users, however the server administrator will have no control over disconnecting or muting this audio stream. -http://www.exploit-db.com/sploits/23904.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23904.zip \ No newline at end of file diff --git a/platforms/multiple/dos/24170.txt b/platforms/multiple/dos/24170.txt index 89b3912f9..ebf5e075d 100755 --- a/platforms/multiple/dos/24170.txt +++ b/platforms/multiple/dos/24170.txt @@ -6,4 +6,4 @@ When entering the multiplayer menu, the game client sends a broadcast message re An attacker running a malicious server process could block all multiplayer access in a local network, denying service to all legitimate users. -http://www.exploit-db.com/sploits/24170.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24170.zip \ No newline at end of file diff --git a/platforms/multiple/dos/24486.txt b/platforms/multiple/dos/24486.txt index d89f60bd2..20350ff4b 100755 --- a/platforms/multiple/dos/24486.txt +++ b/platforms/multiple/dos/24486.txt @@ -44,4 +44,4 @@ can be performed on any HTTP Authentication portal. RECOMMENDATIONS Reference how Firefox and Safari handle the attached code. -PoC: http://www.exploit-db.com/sploits/24486.tar.gz +PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24486.tar.gz diff --git a/platforms/multiple/dos/24668.txt b/platforms/multiple/dos/24668.txt index c2700a111..f03d32019 100755 --- a/platforms/multiple/dos/24668.txt +++ b/platforms/multiple/dos/24668.txt @@ -4,4 +4,4 @@ Flash Messaging server is reported prone to a remote denial of service vulnerabi Flash Messaging server 5.2.0g and prior versions are reported prone to this issue. -http://www.exploit-db.com/sploits/24668.tar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24668.tar \ No newline at end of file diff --git a/platforms/multiple/dos/24691.txt b/platforms/multiple/dos/24691.txt index f5e4cc3e2..84e4d7724 100755 --- a/platforms/multiple/dos/24691.txt +++ b/platforms/multiple/dos/24691.txt @@ -6,4 +6,4 @@ It is reported that, when handled, a sufficiently malformed audio stream will ca An attacker may exploit this condition to deny service to legitimate users. -http://www.exploit-db.com/sploits/24691.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24691.zip \ No newline at end of file diff --git a/platforms/multiple/dos/24761.txt b/platforms/multiple/dos/24761.txt index 6830d6c44..64fb94df9 100755 --- a/platforms/multiple/dos/24761.txt +++ b/platforms/multiple/dos/24761.txt @@ -4,4 +4,4 @@ The Halo game client is reported prone to a remote denial of service vulnerabili A remote attacker may exploit this vulnerability to deny service to legitimate users. -http://www.exploit-db.com/sploits/24761.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24761.zip \ No newline at end of file diff --git a/platforms/multiple/dos/24793.txt b/platforms/multiple/dos/24793.txt index a2599ab3a..ada77f1f5 100755 --- a/platforms/multiple/dos/24793.txt +++ b/platforms/multiple/dos/24793.txt @@ -8,4 +8,4 @@ The first issue presents itself when malformed HTTP requests are made to the aff An attacker may leverage these issues to cause the affected proxy server to hang, effectively denying service to legitimate users. -http://www.exploit-db.com/sploits/24793.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24793.zip \ No newline at end of file diff --git a/platforms/multiple/dos/24807.txt b/platforms/multiple/dos/24807.txt index b15876dc7..7f3397dd5 100755 --- a/platforms/multiple/dos/24807.txt +++ b/platforms/multiple/dos/24807.txt @@ -10,4 +10,4 @@ At this time, preimage attacks are not reportedly possible. It is recommended that cryptosystems that utilize the MD5 algorithm should be reviewed, and the measures should be taken to protect against this weakness. Other hashing algorithms may possibly be utilized in replacement to, or in conjunction with MD5 to decrease the likelihood of a successful attack. -http://www.exploit-db.com/sploits/24807.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24807.tar.gz \ No newline at end of file diff --git a/platforms/multiple/dos/24818.txt b/platforms/multiple/dos/24818.txt index be8c3d5e8..7411c1b5e 100755 --- a/platforms/multiple/dos/24818.txt +++ b/platforms/multiple/dos/24818.txt @@ -4,4 +4,4 @@ A remote denial of service vulnerability reportedly affects Digital Illusions CE An attacker may leverage this issue to cause the affected application to stop responding to network-based messages, effectively denying service to legitimate, remote users. Due to the nature of the network protocol used by the affected application an attacker may spoof their network identity, facilitating anonymous exploitation. -http://www.exploit-db.com/sploits/24818.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24818.zip \ No newline at end of file diff --git a/platforms/multiple/dos/25081.txt b/platforms/multiple/dos/25081.txt index a615b1a16..c76f21359 100755 --- a/platforms/multiple/dos/25081.txt +++ b/platforms/multiple/dos/25081.txt @@ -4,4 +4,4 @@ LANChat Pro Revival is reported prone to a remote denial of service vulnerabilit A remote attacker may exploit this vulnerability to crash the affected application effectively denying service to legitimate users. -http://www.exploit-db.com/sploits/25081.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25081.zip \ No newline at end of file diff --git a/platforms/multiple/dos/25171.txt b/platforms/multiple/dos/25171.txt index 38d1e4975..92b0e0a20 100755 --- a/platforms/multiple/dos/25171.txt +++ b/platforms/multiple/dos/25171.txt @@ -6,4 +6,4 @@ It is reported that the game server crashes when handling various errors. Scrapland 1.0 and prior versions are affected by these issues. -http://www.exploit-db.com/sploits/25171.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25171.zip \ No newline at end of file diff --git a/platforms/multiple/dos/25387.txt b/platforms/multiple/dos/25387.txt index 5dec98a02..2b6888b4e 100755 --- a/platforms/multiple/dos/25387.txt +++ b/platforms/multiple/dos/25387.txt @@ -22,4 +22,4 @@ A remote attacker may exploit this issue to degrade the performance of TCP conne **Update: Microsoft platforms are also reported prone to these issues. -http://www.exploit-db.com/sploits/25387.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25387.tar.gz \ No newline at end of file diff --git a/platforms/multiple/dos/25388.txt b/platforms/multiple/dos/25388.txt index a7221a368..aa614b2c5 100755 --- a/platforms/multiple/dos/25388.txt +++ b/platforms/multiple/dos/25388.txt @@ -22,4 +22,4 @@ A remote attacker may exploit this issue to degrade the performance of TCP conne **Update: Microsoft platforms are also reported prone to these issues. -http://www.exploit-db.com/sploits/25388.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25388.tar.gz \ No newline at end of file diff --git a/platforms/multiple/dos/25389.txt b/platforms/multiple/dos/25389.txt index 52861630c..d349734ff 100755 --- a/platforms/multiple/dos/25389.txt +++ b/platforms/multiple/dos/25389.txt @@ -22,4 +22,4 @@ A remote attacker may exploit this issue to degrade the performance of TCP conne **Update: Microsoft platforms are also reported prone to these issues. -http://www.exploit-db.com/sploits/25389.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25389.tar.gz \ No newline at end of file diff --git a/platforms/multiple/dos/25584.txt b/platforms/multiple/dos/25584.txt index dc2ef9c3d..50947fe92 100755 --- a/platforms/multiple/dos/25584.txt +++ b/platforms/multiple/dos/25584.txt @@ -4,4 +4,4 @@ The Mtp-Target server is prone to a memory corruption vulnerability. The issue e Immediate consequences of exploitation of this vulnerability are a denial of service. -http://www.exploit-db.com/sploits/25584.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25584.zip \ No newline at end of file diff --git a/platforms/multiple/dos/25757.txt b/platforms/multiple/dos/25757.txt index b5daf20b5..013e55bc5 100755 --- a/platforms/multiple/dos/25757.txt +++ b/platforms/multiple/dos/25757.txt @@ -6,4 +6,4 @@ The issue arises when the game server handles a specially crafted packet. Stronghold 2 1.2 and prior versions are affected by this vulnerability. -http://www.exploit-db.com/sploits/25757.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25757.zip \ No newline at end of file diff --git a/platforms/multiple/dos/25791.txt b/platforms/multiple/dos/25791.txt index ffecfd7bc..d0b54f1fc 100755 --- a/platforms/multiple/dos/25791.txt +++ b/platforms/multiple/dos/25791.txt @@ -6,4 +6,4 @@ Reportedly, the vulnerability presents itself when the library handles an empty RakNet 2.33 and prior versions released before May 30, 2005 are affected by this vulnerability. Various games employing the affected library may be vulnerable as well. -http://www.exploit-db.com/sploits/25791.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/25791.zip \ No newline at end of file diff --git a/platforms/multiple/dos/2587.txt b/platforms/multiple/dos/2587.txt index 4b9397804..eede8d41d 100755 --- a/platforms/multiple/dos/2587.txt +++ b/platforms/multiple/dos/2587.txt @@ -3,6 +3,6 @@ Damian Put pucik[at]gazeta.pl pucik[@]overflow.pl http://overflow.pl -http://www.exploit-db.com/sploits/10172006-clam_petite_heap.exe.bz2 +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/10172006-clam_petite_heap.exe.bz2 # milw0rm.com [2006-10-17] diff --git a/platforms/multiple/dos/27108.txt b/platforms/multiple/dos/27108.txt index 49f5f57ed..276ee727c 100755 --- a/platforms/multiple/dos/27108.txt +++ b/platforms/multiple/dos/27108.txt @@ -8,4 +8,4 @@ Successful exploitation can allow attackers to trigger a denial of service condi Dual DHCP DNS Server 1.0 is reported to be affected. -http://www.exploit-db.com/sploits/27108.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27108.zip \ No newline at end of file diff --git a/platforms/multiple/dos/27140.txt b/platforms/multiple/dos/27140.txt index 62a2af5dd..eb3106805 100755 --- a/platforms/multiple/dos/27140.txt +++ b/platforms/multiple/dos/27140.txt @@ -6,4 +6,4 @@ This issue allows attackers to crash applications that use the affected library This issue is present in Exiv2 versions prior to 0.9. -http://www.exploit-db.com/sploits/27140.jpg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27140.jpg \ No newline at end of file diff --git a/platforms/multiple/dos/27365.txt b/platforms/multiple/dos/27365.txt index 44bf7bdde..df43d715c 100755 --- a/platforms/multiple/dos/27365.txt +++ b/platforms/multiple/dos/27365.txt @@ -4,4 +4,4 @@ The Monopd game server is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to deny service for legitimate users. -http://www.exploit-db.com/sploits/27365.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27365.zip \ No newline at end of file diff --git a/platforms/multiple/dos/27547.txt b/platforms/multiple/dos/27547.txt index c00c9245f..c69d2ead5 100755 --- a/platforms/multiple/dos/27547.txt +++ b/platforms/multiple/dos/27547.txt @@ -9,4 +9,4 @@ A remote denial of service condition also affects the server. ZDaemon 1.08.01 and prior versions are affected. -http://www.exploit-db.com/sploits/27547.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27547.zip \ No newline at end of file diff --git a/platforms/multiple/dos/27993.txt b/platforms/multiple/dos/27993.txt index e233034ad..44639d8de 100755 --- a/platforms/multiple/dos/27993.txt +++ b/platforms/multiple/dos/27993.txt @@ -6,4 +6,4 @@ This issue allows remote attackers to crash applications that use the affected l FreeType versions prior to 2.2.1 are vulnerable to this issue. -http://www.exploit-db.com/sploits/27993.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27993.zip \ No newline at end of file diff --git a/platforms/multiple/dos/28345.txt b/platforms/multiple/dos/28345.txt index e02e67a8a..29f7e264e 100755 --- a/platforms/multiple/dos/28345.txt +++ b/platforms/multiple/dos/28345.txt @@ -8,4 +8,4 @@ An attacker can exploit this issue to crash the server, causing a denial-of-serv Version 0.7.0, CVS July 30th 2006 and prior versions are vulnerable to this issue. -http://www.exploit-db.com/sploits/28345.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28345.zip \ No newline at end of file diff --git a/platforms/multiple/dos/28666.txt b/platforms/multiple/dos/28666.txt index ec1e5d3dd..0d0680497 100755 --- a/platforms/multiple/dos/28666.txt +++ b/platforms/multiple/dos/28666.txt @@ -4,4 +4,4 @@ Call of Duty server is prone to a remote buffer-overflow vulnerability because i Exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. -http://www.exploit-db.com/sploits/28666.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28666.zip \ No newline at end of file diff --git a/platforms/multiple/dos/2910.txt b/platforms/multiple/dos/2910.txt index 672686249..48fddcd61 100755 --- a/platforms/multiple/dos/2910.txt +++ b/platforms/multiple/dos/2910.txt @@ -1,5 +1,5 @@ Sophos Antivirus CHM File Heap Overflow Vulnerability -http://www.exploit-db.com/sploits/12092006-sophos_chunkheap.chm +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12092006-sophos_chunkheap.chm # milw0rm.com [2006-12-10] diff --git a/platforms/multiple/dos/2911.txt b/platforms/multiple/dos/2911.txt index 55e83c1e8..7753b231e 100755 --- a/platforms/multiple/dos/2911.txt +++ b/platforms/multiple/dos/2911.txt @@ -1,5 +1,5 @@ Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability -http://www.exploit-db.com/sploits/12092006-sophos_namelen.chm +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12092006-sophos_namelen.chm # milw0rm.com [2006-12-10] diff --git a/platforms/multiple/dos/2912.txt b/platforms/multiple/dos/2912.txt index 17a7902a5..fc71d8ea1 100755 --- a/platforms/multiple/dos/2912.txt +++ b/platforms/multiple/dos/2912.txt @@ -1,5 +1,5 @@ Multiple Vendor Antivirus RAR File Denial of Service Vulnerability -http://www.exploit-db.com/sploits/12102006-sophos_intifiniti.rar +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12102006-sophos_intifiniti.rar # milw0rm.com [2006-12-10] diff --git a/platforms/multiple/dos/30498.txt b/platforms/multiple/dos/30498.txt index 264e5caaa..e4d216ce2 100755 --- a/platforms/multiple/dos/30498.txt +++ b/platforms/multiple/dos/30498.txt @@ -4,4 +4,4 @@ Live For Speed is prone to four vulnerabilities, including buffer-overflow and d Successful exploits could allow attackers to execute arbitrary code or to crash game servers. -http://www.exploit-db.com/sploits/30498.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30498.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30513.txt b/platforms/multiple/dos/30513.txt index 44efcc12d..bc2571347 100755 --- a/platforms/multiple/dos/30513.txt +++ b/platforms/multiple/dos/30513.txt @@ -8,5 +8,5 @@ Versions of Unreal Engine that are included in Unreal Tournament 2003 and 2004 a This vulnerability also affects America's Army 2.8.2 when Punkbuster is enabled on the local server; other versions may also be vulnerable. -http://www.exploit-db.com/sploits/30513-1.zip -http://www.exploit-db.com/sploits/30513-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30513-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30513-2.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30519.txt b/platforms/multiple/dos/30519.txt index a7f229dcc..e1522bc21 100755 --- a/platforms/multiple/dos/30519.txt +++ b/platforms/multiple/dos/30519.txt @@ -4,4 +4,4 @@ Asura Engine is prone to a remote stack-based buffer-overflow vulnerability beca An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. -http://www.exploit-db.com/sploits/30519.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30519.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30524.txt b/platforms/multiple/dos/30524.txt index 6203ce50e..f0dfa4207 100755 --- a/platforms/multiple/dos/30524.txt +++ b/platforms/multiple/dos/30524.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues allows remote attackers to crash game serve Soldat 1.4.2 and Soldat dedicated server 2.6.2 are vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30524.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30524.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30529.txt b/platforms/multiple/dos/30529.txt index 300900d17..3c9b5b70f 100755 --- a/platforms/multiple/dos/30529.txt +++ b/platforms/multiple/dos/30529.txt @@ -8,4 +8,4 @@ Successfully exploiting this issue allows remote attackers to execute arbitrary Media Player Classic 6.4.9.0 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30529.fli \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30529.fli \ No newline at end of file diff --git a/platforms/multiple/dos/30540.txt b/platforms/multiple/dos/30540.txt index 378ef60a3..19c8d7905 100755 --- a/platforms/multiple/dos/30540.txt +++ b/platforms/multiple/dos/30540.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the affected application, denying serv This issue affects StarCraft Brood War 1.15.1; prior versions may also be affected. -http://www.exploit-db.com/sploits/30540.scm \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30540.scm \ No newline at end of file diff --git a/platforms/multiple/dos/30566.txt b/platforms/multiple/dos/30566.txt index 93282ce00..7ab4aac32 100755 --- a/platforms/multiple/dos/30566.txt +++ b/platforms/multiple/dos/30566.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues will allow an attacker to execute arbitrary Alien Arena 2007 6.10 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30566.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30566.zip diff --git a/platforms/multiple/dos/30574.txt b/platforms/multiple/dos/30574.txt index e1810ae89..76152e841 100755 --- a/platforms/multiple/dos/30574.txt +++ b/platforms/multiple/dos/30574.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues will allow an attacker to execute arbitrary CellFactor: Revolution 1.03 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30574.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30574.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30779.txt b/platforms/multiple/dos/30779.txt index 1d9c22d9e..0933d8a2d 100755 --- a/platforms/multiple/dos/30779.txt +++ b/platforms/multiple/dos/30779.txt @@ -6,4 +6,4 @@ An attacker could exploit this issue to execute arbitrary code within the contex This issue affects Rigs of Rods 0.33d and prior versions. -http://www.exploit-db.com/sploits/30779.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30779.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30791.txt b/platforms/multiple/dos/30791.txt index 9a5fa1bd7..32d3d62a2 100755 --- a/platforms/multiple/dos/30791.txt +++ b/platforms/multiple/dos/30791.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to cause a remote denial-of-service condit These issues affect versions prior to I Hear U 0.5.7. -http://www.exploit-db.com/sploits/30791.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30791.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30856.txt b/platforms/multiple/dos/30856.txt index 7362ce518..483939fb5 100755 --- a/platforms/multiple/dos/30856.txt +++ b/platforms/multiple/dos/30856.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues allows remote attackers to upload files to Easy File Sharing Web Server 4.5 is vulnerable to these issues; other versions may also be affected. -http://www.exploit-db.com/sploits/30856.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30856.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30943.txt b/platforms/multiple/dos/30943.txt index 47f7db193..1e93cde13 100755 --- a/platforms/multiple/dos/30943.txt +++ b/platforms/multiple/dos/30943.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to execute arbitrary code in the context of a Libnemesi 0.6.4-rc1 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30943.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30943.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30989.txt b/platforms/multiple/dos/30989.txt index cae760495..0dc66f020 100755 --- a/platforms/multiple/dos/30989.txt +++ b/platforms/multiple/dos/30989.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to exhaust the maximum number of connections al FortressSSH 5.0 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/30989.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30989.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30990.txt b/platforms/multiple/dos/30990.txt index 03ded2c7e..d79a3b3a7 100755 --- a/platforms/multiple/dos/30990.txt +++ b/platforms/multiple/dos/30990.txt @@ -6,5 +6,5 @@ An attacker can exploit this issue to crash the affected application, denying se This issue affects Foxit WAC Server 2.0 Build 3503 and prior versions. -http://www.exploit-db.com/sploits/30990-1.zip -http://www.exploit-db.com/sploits/30990-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30990-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30990-2.zip \ No newline at end of file diff --git a/platforms/multiple/dos/30991.txt b/platforms/multiple/dos/30991.txt index 0d0c4b776..1dea2023d 100755 --- a/platforms/multiple/dos/30991.txt +++ b/platforms/multiple/dos/30991.txt @@ -6,4 +6,4 @@ Attackers can leverage this issue to terminate the server and cause denial-of-se This issue affects Pragma TelnetServer 7.0 Build 4 Revision 589; other versions may also be vulnerable. -http://www.exploit-db.com/sploits/30991.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30991.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31136.txt b/platforms/multiple/dos/31136.txt index 6ee104c90..2416506e4 100755 --- a/platforms/multiple/dos/31136.txt +++ b/platforms/multiple/dos/31136.txt @@ -15,4 +15,4 @@ cyanPrintIP Workstation 4.10.836 and prior cyanPrintIP Standard 4.10.940 and prior cyanPrintIP Basic 4.10.1030 and prior -http://www.exploit-db.com/sploits/31136.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31136.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31148.txt b/platforms/multiple/dos/31148.txt index cd3bb738e..cc4f460b0 100755 --- a/platforms/multiple/dos/31148.txt +++ b/platforms/multiple/dos/31148.txt @@ -13,4 +13,4 @@ cyanPrintIP Workstation 4.10.936 and prior cyanPrintIP Standard 4.10.940 and prior cyanPrintIP Basic 4.10.1030 and prior -http://www.exploit-db.com/sploits/31148.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31148.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31150.txt b/platforms/multiple/dos/31150.txt index eef36e5f5..804a9e590 100755 --- a/platforms/multiple/dos/31150.txt +++ b/platforms/multiple/dos/31150.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to execute arbitrary code or cause denial-of- The issue affects RPM Elite and Select 4.5.1.11 and prior versions. -http://www.exploit-db.com/sploits/31150.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31150.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31232.txt b/platforms/multiple/dos/31232.txt index 9e707f55d..8dbc44ded 100755 --- a/platforms/multiple/dos/31232.txt +++ b/platforms/multiple/dos/31232.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow remote attackers to execute arbitra This issue affects WAC Server 2.0 Build 3503 and prior versions. -http://www.exploit-db.com/sploits/31232.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31232.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31271.txt b/platforms/multiple/dos/31271.txt index aad9196ae..2ed189051 100755 --- a/platforms/multiple/dos/31271.txt +++ b/platforms/multiple/dos/31271.txt @@ -6,4 +6,4 @@ A successful exploit will allow remote attackers to execute arbitrary code in th These issues affect MobiLink 10.0.1.3629; prior versions may also be affected. -http://www.exploit-db.com/sploits/31271.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31271.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31285.txt b/platforms/multiple/dos/31285.txt index f849f3982..2c570cf23 100755 --- a/platforms/multiple/dos/31285.txt +++ b/platforms/multiple/dos/31285.txt @@ -6,4 +6,4 @@ A successful exploit may allow remote attackers to execute arbitrary code in the These issues affect ZIM Server 2.0 and 2.1; other versions may also be affected. -http://www.exploit-db.com/sploits/31285.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31285.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31327.txt b/platforms/multiple/dos/31327.txt index e216420b4..bcbca5c2c 100755 --- a/platforms/multiple/dos/31327.txt +++ b/platforms/multiple/dos/31327.txt @@ -8,5 +8,5 @@ NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO SmartS Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; other versions may also be affected. -http://www.exploit-db.com/sploits/31327-1.zip -http://www.exploit-db.com/sploits/31327-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31327-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31327-2.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31343.txt b/platforms/multiple/dos/31343.txt index 8563cd1df..6f80a27be 100755 --- a/platforms/multiple/dos/31343.txt +++ b/platforms/multiple/dos/31343.txt @@ -13,4 +13,4 @@ SDK and JRE prior to 1.3.1_22 This vulnerability was previously covered in BID 28083 (Sun Java SE Multiple Security Vulnerabilities), but has been given its own record to better document the issue. -http://www.exploit-db.com/sploits/31343.jpg \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31343.jpg \ No newline at end of file diff --git a/platforms/multiple/dos/31542.txt b/platforms/multiple/dos/31542.txt index aa794b2d3..be2e79626 100755 --- a/platforms/multiple/dos/31542.txt +++ b/platforms/multiple/dos/31542.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to execute arbitrary code or to deny service solidDB 06.00.1018 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/31542.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31542.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31728.txt b/platforms/multiple/dos/31728.txt index 557e53cc4..175cec56a 100755 --- a/platforms/multiple/dos/31728.txt +++ b/platforms/multiple/dos/31728.txt @@ -6,6 +6,6 @@ An attacker can exploit this issue to crash the affected application, denying se Call of Duty 4 1.5 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/31728-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31728-1.zip -http://www.exploit-db.com/sploits/31728-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31728-2.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31932.txt b/platforms/multiple/dos/31932.txt index d9e7c4eae..0795bc323 100755 --- a/platforms/multiple/dos/31932.txt +++ b/platforms/multiple/dos/31932.txt @@ -6,4 +6,4 @@ A successful attack will deny service to legitimate users. Skulltag 0.97d2-RC3 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/31932.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31932.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31957.txt b/platforms/multiple/dos/31957.txt index fe4703627..ccdab49e2 100755 --- a/platforms/multiple/dos/31957.txt +++ b/platforms/multiple/dos/31957.txt @@ -6,4 +6,4 @@ An attacker could exploit this issue to crash the affected application, denying This issue affects World in Conflict 1.008; other versions may also be affected. -http://www.exploit-db.com/sploits/31957.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31957.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31958.txt b/platforms/multiple/dos/31958.txt index 92ece1c59..7528598c7 100755 --- a/platforms/multiple/dos/31958.txt +++ b/platforms/multiple/dos/31958.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues allows remote attackers to crash affected g SunAge 1.08.1 is vulnerable; previous versions may also be affected. -http://www.exploit-db.com/sploits/31958.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31958.zip \ No newline at end of file diff --git a/platforms/multiple/dos/31998.txt b/platforms/multiple/dos/31998.txt index 3be4b8609..c3caeccbd 100755 --- a/platforms/multiple/dos/31998.txt +++ b/platforms/multiple/dos/31998.txt @@ -10,4 +10,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex S.T.A.L.K.E.R Shadow of Chernobyl 1.0006 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/31998.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31998.zip \ No newline at end of file diff --git a/platforms/multiple/dos/32006.txt b/platforms/multiple/dos/32006.txt index 6a2430e48..7fb527c30 100755 --- a/platforms/multiple/dos/32006.txt +++ b/platforms/multiple/dos/32006.txt @@ -6,6 +6,6 @@ Exploiting these issues may allow attackers to obtain potentially sensitive info These issues affect Wireshark 0.9.5 up to and including 1.0.0. -http://www.exploit-db.com/sploits/32006-1.pcap -http://www.exploit-db.com/sploits/32006-2.pcap -http://www.exploit-db.com/sploits/32006-3.pcap \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32006-1.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32006-2.pcap +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32006-3.pcap \ No newline at end of file diff --git a/platforms/multiple/dos/32104.txt b/platforms/multiple/dos/32104.txt index 0f10469ce..47c6bd18b 100755 --- a/platforms/multiple/dos/32104.txt +++ b/platforms/multiple/dos/32104.txt @@ -6,4 +6,4 @@ An attacker could exploit this issue to crash the affected application, denying This issue affects ZDaemon 1.08.07 and earlier versions. -http://www.exploit-db.com/sploits/32104.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32104.zip \ No newline at end of file diff --git a/platforms/multiple/dos/32125.txt b/platforms/multiple/dos/32125.txt index 8737f7b2b..f6f6e0170 100755 --- a/platforms/multiple/dos/32125.txt +++ b/platforms/multiple/dos/32125.txt @@ -6,4 +6,4 @@ An attacker could exploit this issue to crash the affected application, denying This issue affects Unreal Tournament 2004 v3369 and prior versions. -http://www.exploit-db.com/sploits/32125.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32125.zip \ No newline at end of file diff --git a/platforms/multiple/dos/32127.txt b/platforms/multiple/dos/32127.txt index c2ac0afaa..6e946ab0f 100755 --- a/platforms/multiple/dos/32127.txt +++ b/platforms/multiple/dos/32127.txt @@ -9,4 +9,4 @@ These issues affect the following versions: Unreal Tournament 3 1.3beta4 Unreal Tournament 3 1.2 and prior -http://www.exploit-db.com/sploits/32127.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32127.zip diff --git a/platforms/multiple/dos/32192.txt b/platforms/multiple/dos/32192.txt index 11fa49691..0f836bc18 100755 --- a/platforms/multiple/dos/32192.txt +++ b/platforms/multiple/dos/32192.txt @@ -6,5 +6,5 @@ An attacker may exploit these issues to crash the affected application, denying Halo: Combat Evolved 1.0.7.0615 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/32192-1.zip -http://www.exploit-db.com/sploits/32192-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32192-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32192-2.zip \ No newline at end of file diff --git a/platforms/multiple/dos/32386.txt b/platforms/multiple/dos/32386.txt index d00d56270..4dacba133 100755 --- a/platforms/multiple/dos/32386.txt +++ b/platforms/multiple/dos/32386.txt @@ -15,4 +15,4 @@ WarPath Postal 2 Shadow Ops -http://www.exploit-db.com/sploits/32386.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32386.zip diff --git a/platforms/multiple/dos/33080.txt b/platforms/multiple/dos/33080.txt index 142f98113..0d5947391 100755 --- a/platforms/multiple/dos/33080.txt +++ b/platforms/multiple/dos/33080.txt @@ -6,4 +6,4 @@ The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker d Successfully exploiting this issue will allow the attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. -http://www.exploit-db.com/sploits/33080.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33080.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33083.txt b/platforms/multiple/dos/33083.txt index 7286b0d21..183b04045 100755 --- a/platforms/multiple/dos/33083.txt +++ b/platforms/multiple/dos/33083.txt @@ -14,4 +14,4 @@ Oracle11g 11.1.0.7 Other versions may also be affected. -http://www.exploit-db.com/sploits/33083.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33083.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33099.txt b/platforms/multiple/dos/33099.txt index 688202a2c..3e01b2e51 100755 --- a/platforms/multiple/dos/33099.txt +++ b/platforms/multiple/dos/33099.txt @@ -6,4 +6,4 @@ An attacker could exploit this issue to crash the affected application, denying This issue affects World in Conflict 1.0.1.1 and prior versions. -http://www.exploit-db.com/sploits/33099.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33099.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33100.txt b/platforms/multiple/dos/33100.txt index 85b7dcd98..2266923ad 100755 --- a/platforms/multiple/dos/33100.txt +++ b/platforms/multiple/dos/33100.txt @@ -8,4 +8,4 @@ The issue affects S.T.A.L.K.E.R. Clear Sky 1.5.10 (1.0010) and prior versions. NOTE: This issue may be related to the issue described in BID 29723 (S.T.A.L.K.E.R. Remote Denial of Service Vulnerability). We will update this BID if more information emerges. -http://www.exploit-db.com/sploits/33100.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33100.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33104.txt b/platforms/multiple/dos/33104.txt index 29c8b47eb..cc2fbc211 100755 --- a/platforms/multiple/dos/33104.txt +++ b/platforms/multiple/dos/33104.txt @@ -7,4 +7,4 @@ Given the nature of this issue, the attacker may also be able to run arbitrary c This issue affects Star Wars Battlefront II 1.1 and prior versions. -http://www.exploit-db.com/sploits/33104.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33104.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33105.txt b/platforms/multiple/dos/33105.txt index 9b31dc99d..c7011516e 100755 --- a/platforms/multiple/dos/33105.txt +++ b/platforms/multiple/dos/33105.txt @@ -9,4 +9,4 @@ This issue affects the following: TrackMania Nations Forever 2.11.11 TrackMania United Forever 2.11.11 -http://www.exploit-db.com/sploits/33105.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33105.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33182.txt b/platforms/multiple/dos/33182.txt index 1e916e856..0cf5a01de 100755 --- a/platforms/multiple/dos/33182.txt +++ b/platforms/multiple/dos/33182.txt @@ -6,5 +6,5 @@ An attacker could exploit this issue to restart races on vulnerable servers, res Live For Speed S2 Z13 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/33182-1.zip -http://www.exploit-db.com/sploits/33182-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33182-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33182-2.zip \ No newline at end of file diff --git a/platforms/multiple/dos/33735.txt b/platforms/multiple/dos/33735.txt index 0ccf7207f..489bee524 100755 --- a/platforms/multiple/dos/33735.txt +++ b/platforms/multiple/dos/33735.txt @@ -9,4 +9,4 @@ SUPERAntiSpyware and Super Ad Blocker are prone to multiple local vulnerabilitie An attacker can exploit these issues to gain elevated privileges on the affected computer, crash the affected computer, gain access to sensitive information, or overwrite arbitrary files. Other attacks are also possible. -http://www.exploit-db.com/sploits/33735.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33735.zip \ No newline at end of file diff --git a/platforms/multiple/dos/34270.txt b/platforms/multiple/dos/34270.txt index 06c7bb36e..268666f84 100755 --- a/platforms/multiple/dos/34270.txt +++ b/platforms/multiple/dos/34270.txt @@ -6,4 +6,4 @@ Successful exploits may allow attackers to cause denial-of-service conditions. D GRAW 1.35 and GRAW 2 1.05 are vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/34270.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34270.zip \ No newline at end of file diff --git a/platforms/multiple/dos/34340.txt b/platforms/multiple/dos/34340.txt index 56cf06bec..8982c3684 100755 --- a/platforms/multiple/dos/34340.txt +++ b/platforms/multiple/dos/34340.txt @@ -19,4 +19,4 @@ WarPath XIII Other games may also be affected. -http://www.exploit-db.com/sploits/34340.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34340.zip diff --git a/platforms/multiple/dos/34360.txt b/platforms/multiple/dos/34360.txt index be5dd6ff3..18a239265 100755 --- a/platforms/multiple/dos/34360.txt +++ b/platforms/multiple/dos/34360.txt @@ -4,4 +4,4 @@ Monolith Lithtech Game Engine is prone to a memory-corruption vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, or execute arbitrary code within the context of the affected application. Other attacks may also be possible. -http://www.exploit-db.com/sploits/34360.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34360.zip \ No newline at end of file diff --git a/platforms/multiple/dos/34457.txt b/platforms/multiple/dos/34457.txt index 2cbcdcd02..1cf6c96ff 100755 --- a/platforms/multiple/dos/34457.txt +++ b/platforms/multiple/dos/34457.txt @@ -6,4 +6,4 @@ Successful exploits may allow remote attackers to cause denial-of-service condit Versions prior to Sniper Elite 1.0 are vulnerable. -http://www.exploit-db.com/sploits/34457.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34457.zip \ No newline at end of file diff --git a/platforms/multiple/dos/35369.txt b/platforms/multiple/dos/35369.txt index 79c04e87f..000d9f25f 100755 --- a/platforms/multiple/dos/35369.txt +++ b/platforms/multiple/dos/35369.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to crash the application, resulting in a deni Battlefield 2 version 1.50 and Battlefield 2142 version 1.51 are vulnerable. Other versions may also be affected. -http://www.exploit-db.com/sploits/35369.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35369.zip \ No newline at end of file diff --git a/platforms/multiple/dos/4601.txt b/platforms/multiple/dos/4601.txt index 3321415be..887aeb81c 100755 --- a/platforms/multiple/dos/4601.txt +++ b/platforms/multiple/dos/4601.txt @@ -1,6 +1,6 @@ Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit Author: RoMaNSoFt -Exploit-DB mirror: http://www.exploit-db.com/sploits/11022007-DoS-CVE-2007-5365.tgz +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/11022007-DoS-CVE-2007-5365.tgz # milw0rm.com [2007-11-02] diff --git a/platforms/multiple/dos/5229.txt b/platforms/multiple/dos/5229.txt index 4b330050b..d493ee34e 100755 --- a/platforms/multiple/dos/5229.txt +++ b/platforms/multiple/dos/5229.txt @@ -112,7 +112,7 @@ to write to the log file (max 1023 bytes) in a buffer of only 500. http://aluigi.org/poc/asgulo.zip -http://exploit-db.com/sploits/2008-asgulo.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-asgulo.zip A] http://SERVER:6161/snmx-cgi/fcheck.exe?-b+..\../..\boot.ini diff --git a/platforms/multiple/dos/6029.txt b/platforms/multiple/dos/6029.txt index cf589c56b..3efbb1b2b 100755 --- a/platforms/multiple/dos/6029.txt +++ b/platforms/multiple/dos/6029.txt @@ -12,6 +12,6 @@ Microsoft Visio on windows: unaffected It is unknown at this time whether code execution is possible... """ -http://exploit-db.com/sploits/2008-www.NoiseBridge.net.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-www.NoiseBridge.net.zip # milw0rm.com [2008-07-08] diff --git a/platforms/multiple/dos/6174.txt b/platforms/multiple/dos/6174.txt index 19b1957d6..5896fb4e2 100755 --- a/platforms/multiple/dos/6174.txt +++ b/platforms/multiple/dos/6174.txt @@ -17,6 +17,6 @@ your scanner hanging, woops. -- kokanin -http://exploit-db.com/sploits/2008-snot.zip.bla +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-snot.zip.bla # milw0rm.com [2008-07-31] diff --git a/platforms/multiple/dos/6237.txt b/platforms/multiple/dos/6237.txt index a2b4af7fc..7f9996b07 100755 --- a/platforms/multiple/dos/6237.txt +++ b/platforms/multiple/dos/6237.txt @@ -1,5 +1,5 @@ NULL pointer in Ventrilo 3.0.2 -http://exploit-db.com/sploits/2008-ventrilobotomy.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-ventrilobotomy.zip # milw0rm.com [2008-08-13] diff --git a/platforms/multiple/dos/6252.txt b/platforms/multiple/dos/6252.txt index d65e76f4a..c65f4d3b6 100755 --- a/platforms/multiple/dos/6252.txt +++ b/platforms/multiple/dos/6252.txt @@ -56,7 +56,7 @@ Credit : g_ (g_ # orange-bat # com) http://www.orange-bat.com/adv/2008/vlc.dos.tta -backup: http://exploit-db.com/sploits/2008-vlc.dos.tta +backup: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-vlc.dos.tta - - PGP - diff --git a/platforms/multiple/dos/6622.txt b/platforms/multiple/dos/6622.txt index 01723e2a0..79cf49d55 100755 --- a/platforms/multiple/dos/6622.txt +++ b/platforms/multiple/dos/6622.txt @@ -8,6 +8,6 @@ with a malformed Tamosoft CommView .ncf packet capture: Err file wtap.c: line 620 (wtap_read): assertion failed: (wth->phdr.pkt_encap != WTAP_ENCAP_PER_PACKET) -http://exploit-db.com/sploits/2008-wireshark.ncf +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2008-wireshark.ncf # milw0rm.com [2008-09-29] diff --git a/platforms/multiple/dos/8285.txt b/platforms/multiple/dos/8285.txt index 34e230022..708ba493a 100755 --- a/platforms/multiple/dos/8285.txt +++ b/platforms/multiple/dos/8285.txt @@ -2,6 +2,6 @@ // k`sOSe - works both in windows and linux -http://exploit-db.com/sploits/2009-ffox-poc.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-ffox-poc.tar.gz # milw0rm.com [2009-03-25] diff --git a/platforms/multiple/dos/8826.txt b/platforms/multiple/dos/8826.txt index e1b3668b9..3cc17d662 100755 --- a/platforms/multiple/dos/8826.txt +++ b/platforms/multiple/dos/8826.txt @@ -1,5 +1,5 @@ Acrobat <= 9.1.1 Stack Overflow Crashy PoC -http://www.exploit-db.com/sploits/2009-crashy_the_clown.pdf +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-crashy_the_clown.pdf # milw0rm.com [2009-05-29] diff --git a/platforms/multiple/local/10207.txt b/platforms/multiple/local/10207.txt index 9d2285993..12abbf382 100755 --- a/platforms/multiple/local/10207.txt +++ b/platforms/multiple/local/10207.txt @@ -121,4 +121,4 @@ VMWare ESX Server 4.0 ESX400-200909401 VMWare ESX Server 3.5 ESX350-200910401 VMWare ACE 2.5.3 Build 185404 -Exploit-DB mirror: http://www.exploit-db.com/sploits/2009-11-22-vmware86.tar.gz \ No newline at end of file +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-vmware86.tar.gz \ No newline at end of file diff --git a/platforms/multiple/local/10326.txt b/platforms/multiple/local/10326.txt index 02bc6a9bc..ffd946871 100755 --- a/platforms/multiple/local/10326.txt +++ b/platforms/multiple/local/10326.txt @@ -114,4 +114,4 @@ Ghostscript Ghostscript 8.56 Ghostscript Ghostscript 8.54 Ghostscript Ghostscript 8.15 -Exploit-DB mirror: http://www.exploit-db.com/sploits/2009-12-05-34340.ps \ No newline at end of file +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-12-05-34340.ps \ No newline at end of file diff --git a/platforms/multiple/local/10327.txt b/platforms/multiple/local/10327.txt index 316c3dc5e..c6a62b63b 100755 --- a/platforms/multiple/local/10327.txt +++ b/platforms/multiple/local/10327.txt @@ -146,5 +146,5 @@ Avaya Intuity AUDIX LX 2.0 Avaya Intuity AUDIX LX 1.0 Avaya Intuity AUDIX -Exploit-DB mirror: http://www.exploit-db.com/sploits/2009-12-05-34337.pdf +Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-12-05-34337.pdf diff --git a/platforms/multiple/local/19547.txt b/platforms/multiple/local/19547.txt index f60148100..37e522987 100755 --- a/platforms/multiple/local/19547.txt +++ b/platforms/multiple/local/19547.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/708/info Several buffer overflows were found in the Perl helper application 'suidperl' or 'sperl'. When this program is installed setuid root the overflows may lead to a local root compromise. -http://www.exploit-db.com/sploits/19547.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19547.tgz \ No newline at end of file diff --git a/platforms/multiple/local/21117.txt b/platforms/multiple/local/21117.txt index 13e2f98f1..09c77da19 100755 --- a/platforms/multiple/local/21117.txt +++ b/platforms/multiple/local/21117.txt @@ -8,4 +8,4 @@ These problems could be exploited to allow a local attacker to execute arbitrary This situation could be leveraged by the attacker to gain root privileges on the host. -http://www.exploit-db.com/sploits/21117.tar \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21117.tar \ No newline at end of file diff --git a/platforms/multiple/local/28817.txt b/platforms/multiple/local/28817.txt index 1127c2142..a7706da05 100755 --- a/platforms/multiple/local/28817.txt +++ b/platforms/multiple/local/28817.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to delete arbitrary files within the context Versions 3.6.cpu, 3.6.cpj are vulnerable to this issue; other versions may also be affected. -http://www.exploit-db.com/sploits/28817.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28817.zip \ No newline at end of file diff --git a/platforms/multiple/local/30039.txt b/platforms/multiple/local/30039.txt index 5d918953e..f157dafe6 100755 --- a/platforms/multiple/local/30039.txt +++ b/platforms/multiple/local/30039.txt @@ -11,6 +11,6 @@ The following applications are vulnerable to this issue: Other applications and versions may also be affected. -http://www.exploit-db.com/sploits/30039-1.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30039-1.zip -http://www.exploit-db.com/sploits/30039-2.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30039-2.zip \ No newline at end of file diff --git a/platforms/multiple/local/30970.txt b/platforms/multiple/local/30970.txt index 453d24768..0ada8b43e 100755 --- a/platforms/multiple/local/30970.txt +++ b/platforms/multiple/local/30970.txt @@ -6,4 +6,4 @@ Exploiting these issues can allow local attackers to execute arbitrary code in t Versions prior to White_Dune 0.29beta795 are affected. -http://www.exploit-db.com/sploits/30970.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30970.zip \ No newline at end of file diff --git a/platforms/multiple/local/32055.txt b/platforms/multiple/local/32055.txt index 65b8152a4..0193941a4 100755 --- a/platforms/multiple/local/32055.txt +++ b/platforms/multiple/local/32055.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue can allow an attacker to execute arbitrary co Netrw 127 is vulnerable; other versions may also be affected. -http://www.exploit-db.com/sploits/32055.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32055.zip \ No newline at end of file diff --git a/platforms/multiple/local/32501.txt b/platforms/multiple/local/32501.txt index 7b4cdb98d..b552c7bdc 100755 --- a/platforms/multiple/local/32501.txt +++ b/platforms/multiple/local/32501.txt @@ -12,4 +12,4 @@ MIFARE Classic is prone to multiple security weaknesses: Exploiting these issues in combination may allow attackers to gain access to the smartcard's secret key. Successful exploits will allow attackers with physical access to an RFID reader to bypass certain physical security restrictions. -http://www.exploit-db.com/sploits/32501.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32501.tgz \ No newline at end of file diff --git a/platforms/multiple/remote/13787.txt b/platforms/multiple/remote/13787.txt index bfc41aab4..4d65b6890 100755 --- a/platforms/multiple/remote/13787.txt +++ b/platforms/multiple/remote/13787.txt @@ -9,6 +9,6 @@ NOTE: This was taken out of live malware and was not modified. BEWARE. By visiting the following link, you agree that you are responsible for any damages that occur. -http://www.exploit-db.com/sploits/adobe-0day-2010-1297.tar.enc +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/adobe-0day-2010-1297.tar.enc diff --git a/platforms/multiple/remote/1791.patch b/platforms/multiple/remote/1791.patch index d2d90827b..c7d555aa6 100755 --- a/platforms/multiple/remote/1791.patch +++ b/platforms/multiple/remote/1791.patch @@ -15,6 +15,6 @@ xx vnc-4_1_1-unixsrc.bl4ck/common/rfb/CConnection.cxx os->flush(); vlog.debug("Choosing security type %s(%d)",secTypeName(secType),secType); } -Compiled: http://www.exploit-db.com/sploits/05162006-BL4CK-vncviewer-authbypass.rar +Compiled: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/05162006-BL4CK-vncviewer-authbypass.rar diff --git a/platforms/multiple/remote/1799.txt b/platforms/multiple/remote/1799.txt index a3960d4ed..fd8247ec9 100755 --- a/platforms/multiple/remote/1799.txt +++ b/platforms/multiple/remote/1799.txt @@ -1,8 +1,8 @@ class101 - http://heapoverflow.com RealVNC 4.1.0 - 4.1.1 (VNC Null Authentication) Vulnerability Scanners --------------------------------------------------------------------- -windows: http://www.exploit-db.com/sploits/05172006-VNC_bypauth-win32.rar -linux: http://www.exploit-db.com/sploits/05172006-VNC_bypauth-linux.tar.gz +windows: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/05172006-VNC_bypauth-win32.rar +linux: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/05172006-VNC_bypauth-linux.tar.gz comments: http://heapoverflow.com/viewtopic.php?p=1729 --------------------------------------------------------------------- diff --git a/platforms/multiple/remote/18245.py b/platforms/multiple/remote/18245.py index 753251d2c..4128b50ad 100755 --- a/platforms/multiple/remote/18245.py +++ b/platforms/multiple/remote/18245.py @@ -19,7 +19,7 @@ Author: Gary O'leary-Steele @ Sec-1 Ltd Date: 5th September 2011 Release date: Private -Full Package: http://www.exploit-db.com/sploits/18245.zip +Full Package: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18245.zip C:\git\splunk>python splunk_exploit.py -h Usage: Run splunk_exploit.py -h to see usage options diff --git a/platforms/multiple/remote/18619.txt b/platforms/multiple/remote/18619.txt index 068b6e054..5d926b389 100755 --- a/platforms/multiple/remote/18619.txt +++ b/platforms/multiple/remote/18619.txt @@ -25,4 +25,4 @@ Enjoy :> /Kingcope -http://www.exploit-db.com/sploits/tomcat-remote.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/tomcat-remote.zip \ No newline at end of file diff --git a/platforms/multiple/remote/18763.txt b/platforms/multiple/remote/18763.txt index aecafd01a..98dbecdd8 100755 --- a/platforms/multiple/remote/18763.txt +++ b/platforms/multiple/remote/18763.txt @@ -15,7 +15,7 @@ Proof of concept: Code demonstrating the vulnerability can be found at https://github.com/jelmerk/LPS-24562-proof -http://www.exploit-db.com/sploits/18763.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18763.tar.gz Systems affected: diff --git a/platforms/multiple/remote/19093.txt b/platforms/multiple/remote/19093.txt index 6559a8c96..710762f95 100755 --- a/platforms/multiple/remote/19093.txt +++ b/platforms/multiple/remote/19093.txt @@ -10,4 +10,4 @@ http://www.victim.test/cfdocs/expeval/ExprCalc.cfm?RequestTimeout=2000&OpenFileP Now replace the "dummy.txt" string by "ExprCalc.cfm" to delete that file. We can now upload and execute ColdFusion files in the server without them being deleted. -http://www.exploit-db.com/sploits/19093.cfm \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19093.cfm \ No newline at end of file diff --git a/platforms/multiple/remote/19451.txt b/platforms/multiple/remote/19451.txt index 8d137fa76..280c13048 100755 --- a/platforms/multiple/remote/19451.txt +++ b/platforms/multiple/remote/19451.txt @@ -41,4 +41,4 @@ Preference: If the preference is not specified, it will use a default of 1000, w 2nd Router Addr: By using the '-r' flag and specifying a second router address entry, the packet can contain a bogus source address and still be processed for correct gateway entries by the end host. -http://www.exploit-db.com/sploits/19451.tar.gz +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19451.tar.gz diff --git a/platforms/multiple/remote/19459.txt b/platforms/multiple/remote/19459.txt index d6335b80f..4a6289b07 100755 --- a/platforms/multiple/remote/19459.txt +++ b/platforms/multiple/remote/19459.txt @@ -4,4 +4,4 @@ Ircd hybrid-6 (up to beta 58) has a vulnerability which can allow remote access This vulnerability is in the invite handling code (m_invite). In a channel with operators (ops) and modes +pi (paranoid + invite-only), a channel invitation is reported to all other operators. The buffer used to store the invitation notice can be overflown by up to 15 bytes. -http://www.exploit-db.com/sploits/19459.tgz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19459.tgz \ No newline at end of file diff --git a/platforms/multiple/remote/19749.txt b/platforms/multiple/remote/19749.txt index 4ea7f6087..8ecf8248b 100755 --- a/platforms/multiple/remote/19749.txt +++ b/platforms/multiple/remote/19749.txt @@ -6,4 +6,4 @@ A potential denial of service (hence forth referred to as DoS) attack exists in The vulnerability exists in the way name servers will behave in the event that they are unable to receive replies for a domain from a nameserver they consider authoritative. When a nameserver receives a query, it is typically forwarded up a chain of DNS server. If the query cannot be resolved because there is no nameserver listening on the remote host, every forwarding nameserver will attempt to resolve the nameserver themselves. These are typically retried three times, at 0, 12 and 24 seconds. In this case, the traffic is significantly multiplied. By abusing multiple nameservers, it becomes possible to send a large quantity of data to a given network, with packet sizes as large as 500 bytes. -http://www.exploit-db.com/sploits/19749.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19749.tar.gz \ No newline at end of file diff --git a/platforms/multiple/remote/19780.txt b/platforms/multiple/remote/19780.txt index 9fa972455..1d8cfb475 100755 --- a/platforms/multiple/remote/19780.txt +++ b/platforms/multiple/remote/19780.txt @@ -26,9 +26,9 @@ cgiRqCfg.exe provides to the client configuration settings which will disable sc cgiOnStart.exe will need to be put on the attacking webserver as the client expects it. -http://www.exploit-db.com/sploits/19780-1.exe +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19780-1.exe -http://www.exploit-db.com/sploits/19780-2.exe +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19780-2.exe this script will replay the request to the client, and may be launched from any machine. Modify for your installation and desired client response. @@ -46,4 +46,4 @@ sleep 5 Trend Micro Officescan Denial of Service (tmosdos.zip) was contributed by Marc Ruef . This tool is a pre-compiled Windows binary with Visual Basic source. -http://www.exploit-db.com/sploits/19780-3.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19780-3.zip \ No newline at end of file diff --git a/platforms/multiple/remote/20139.txt b/platforms/multiple/remote/20139.txt index ea4444e93..326e3d11e 100755 --- a/platforms/multiple/remote/20139.txt +++ b/platforms/multiple/remote/20139.txt @@ -16,4 +16,4 @@ By combining these two flaws a malicious applet can accept connections from any Both Netscape and Microsoft Java Virtual Machines are affected by this vulnerability, however in Microsoft products the file: URL type will not be effective in reading files, meaning that only web-available documents can be retreived via this method. However, the file: method will verify the existence of a file. It will check to see if the file exists and if it does not, it will return a SecurityException error message. Netscape browsers will pass both web documents and local files to the attacker. -http://www.exploit-db.com/sploits/20139.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20139.tar.gz \ No newline at end of file diff --git a/platforms/multiple/remote/20140.txt b/platforms/multiple/remote/20140.txt index f86f43afd..f28ef24e0 100755 --- a/platforms/multiple/remote/20140.txt +++ b/platforms/multiple/remote/20140.txt @@ -8,4 +8,4 @@ Netscape's netscape.net.URLConnection and netscape.net.URLInputStream classes se If the machine running the malicious applet is behind a firewall it will also be able to download resources that can be accessed via a URL, such as web server ("http://" or "https://) or FTP servers ("ftp://"), that the attacker in control of the machine from which the applet was downloaded could not. In this way a malicious applet could be used to penetrate a firewall. -http://www.exploit-db.com/sploits/20140.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20140.tar.gz \ No newline at end of file diff --git a/platforms/multiple/remote/20181.txt b/platforms/multiple/remote/20181.txt index 7dda64839..60570c8d3 100755 --- a/platforms/multiple/remote/20181.txt +++ b/platforms/multiple/remote/20181.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1616/info Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service which is vulnerable to an attack which involves spoofing responses from the Key Distribution Center (KDC). The login service authenticates a user by first requesting a ticket granting ticket (TGT) from the authentication server. If the TGT can be decrypted using the password supplied by the user, the login service attempts to verify the identity of the KDC by making a request with the received TGT for a service ticket for itself. The service ticket returned by the KDC is encrypted with a secret shared between the KDC and the service host. If the service ticket cannot be verified with the service's secret key it is assumed that the KDC is not authentic. If the login service has not been registered as a principal with the KDC or the service's secret key has not been installed on the host the login service will proceed without verification that the TGT was returned by the authentic KDC. In these circumstances it is possible to log into the server illicitly if an attacker can spoof responses from the Key Distribution Center. -http://www.exploit-db.com/sploits/20181.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20181.tar.gz \ No newline at end of file diff --git a/platforms/multiple/remote/20259.txt b/platforms/multiple/remote/20259.txt index e8cca442e..3264180b4 100755 --- a/platforms/multiple/remote/20259.txt +++ b/platforms/multiple/remote/20259.txt @@ -8,4 +8,4 @@ After receiving a request to update the Yello Pages maps, 'ypupdated' executes a This is issue is tracked by Sun BugIDs 1230027 and 1232146. -http://www.exploit-db.com/sploits/20259.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20259.tar.gz \ No newline at end of file diff --git a/platforms/multiple/remote/20685.txt b/platforms/multiple/remote/20685.txt index b918d02a7..cb589369e 100755 --- a/platforms/multiple/remote/20685.txt +++ b/platforms/multiple/remote/20685.txt @@ -8,4 +8,4 @@ Compromise of the user accounts could result in disclosure of sensitive informat Compromise of administrator accounts could result in disclosure of sensitive information, changes to website functionality, and, potentially, could assist in further compromises of security on the affected host. -http://www.exploit-db.com/sploits/20685.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20685.zip diff --git a/platforms/multiple/remote/20738.txt b/platforms/multiple/remote/20738.txt index 4a1d75968..ecbbb650f 100755 --- a/platforms/multiple/remote/20738.txt +++ b/platforms/multiple/remote/20738.txt @@ -6,4 +6,4 @@ When a user opens a document for verification in PGP, its corresponding .sig fil Due to a flaw in the implementation of the decoder, an arbitrary file can be created on a users system. The file created would be of the attackers choice. -http://www.exploit-db.com/sploits/20738.doc.sig \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20738.doc.sig \ No newline at end of file diff --git a/platforms/multiple/remote/20881.txt b/platforms/multiple/remote/20881.txt index 9cff8dbf2..6564a65bd 100755 --- a/platforms/multiple/remote/20881.txt +++ b/platforms/multiple/remote/20881.txt @@ -5,4 +5,4 @@ The IPC@Chip is a single-chip embedded webserver from Beck GmbH. The device's inbuilt telnetd service may allow a remote user to repeatedly attempt to login to a given account, without logging or responding to repeated failed login attempts. This could permit an attacker to brute-force a known account name, potentially leading to a compromise of the device's accounts and/or allowing a compromise of its function. -http://www.exploit-db.com/sploits/20881.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20881.zip \ No newline at end of file diff --git a/platforms/multiple/remote/20889.txt b/platforms/multiple/remote/20889.txt index 59f3fce10..93fba35b1 100755 --- a/platforms/multiple/remote/20889.txt +++ b/platforms/multiple/remote/20889.txt @@ -6,4 +6,4 @@ It is possible for attackers to create an encrypted document that will exploit a This vulnerability may lead to remote attackers gaining access to client hosts. -http://www.exploit-db.com/sploits/20889.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20889.tar.gz \ No newline at end of file diff --git a/platforms/multiple/remote/20891.txt b/platforms/multiple/remote/20891.txt index fb2f2fae0..9d0c20c69 100755 --- a/platforms/multiple/remote/20891.txt +++ b/platforms/multiple/remote/20891.txt @@ -4,4 +4,4 @@ eSafe Gateway is a security utility used for filtering internet content. An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply encoding the