.:[packet storm]:. ArchivesForums
 

 
 
about | forums | assessment | defense | papers | magazines | miscellaneous | links


To change sort order, click on the category. Sorted By: File Size.
.: 0203-exploits
File Name File Size Last Modified MD5 Checksum
0203-exploits.tgz1840053Apr 2 00:05:51 200207b176a4f3caa5aeb0e71dc7d048509d
Packet Storm new exploits for March, 2002.
sp_quickill.zip431940Mar 24 21:09:41 2002df1ed07f57c90114475fb5b2cedabf67
Sp_Quickkill scans internal networks for unpatched windows machines, IIS and SQL.  Homepage: http://www.sensepost.com. By Roelof Temmingh
realown.tar.gz340890Mar 5 22:41:35 200236989e96eebc153db49cfe7e9be93297
Cygwin port of the unix port of the real own realserver exploit. Ported by Luigi Grandini
vwxploit.tar.gz340795Mar 5 22:42:55 2002b19a0556613b5a2bd2a5bb32ab7c84e0
Cygwin Windows port of the Interscan VirusWall 3.23/3.3 exploit. Ported by Luigi Grandini
apache_php.tar.gz339383Mar 5 22:39:29 2002bdf92baef409ba2576ddfb67c6972625
Cygwin Windows port of the Apache 1.3.x + php 4.0.6 proof of concept exploit for the multipart/form-data POST requests bug. This exploit crashes the daemon. Ported by Luigi Grandini
agate.tar.gz339340Mar 5 22:38:00 2002b0e6e1f796741cc0afbcb3fd7b954d46
Avirt Gateway 4.2 remote exploit ported to Windows with Cygwin. By Luigi Grandini
osshchan.tgz20241Mar 29 09:28:53 2002ae4a56b17dda15f0c2b2ef133479a4e9
OpenSSH 2.9p* channel_lookup() off by one exploit. Tested against SuSE Linux 7.2 and FreeBSD 4.5-STABLE with OpenSSH 2.9p1 and p2. Based on OpenSSH-2.9p2 source. By Morgan
phpxpl.c12998Mar 6 22:14:46 20020f3502ccdfd5f2739f73f8841d4708ba
PHP 3.0.16/4.0.2 remote root format string overflow exploit for Linux/x86. Included shellcode adds a root shell on tcp port 1524 to inetd.conf. By Count August Anton Wilhelm Neithardt von Gneisenau
ucd-snmp.c12316Mar 13 23:09:39 2002b6e6a827e6265c29937e7052e444d49c
UCD-snmp v4.2.1 and below remote root exploit for the long community string overflow on Linux/x86. Tested against Slackware 8.0, includes instructions for finding more offsets. Binds a shell to tcp port 10000. By Jove
Colbalt-RAQ-v4.txt5236Mar 4 08:56:42 2002a4e649e09cdd871f9843ce8582d573d5
Cobalt's RAQ 4 server has three remote vulnerabilities. The service.cgi script has a cross site scripting vulnerability because it incorrectly parses the incoming searches and includes HTML tags and Javascript in the result. A directory traversal vulnerability allows attackers to read restricted files or passwords and profiles the users. In addition, a very long URL string will crash the service. Exploits included. By Alex Hernandez
Xerver-2.10.txt4162Mar 7 21:59:40 2002f5c20e4013a63f1117a415ea47a3fc93
The Xerver Free Web Server v2.10 contains file disclosure and denial of service vulnerabilities. Platforms affected include Windows, Linux, BSD, Solaris, and Mac. Exploits included. By Alex Hernandez
apache_php.c3660Mar 4 00:26:43 20025126bbf8e63b2126ebdd8a9450b62ff8
Apache 1.3.x + php 4.0.6 proof of concept exploit for the multipart/form-data POST requests bug. This exploit crashes the daemon.  Homepage: http://qb0x.net. By Gabriel A. Maggiotti
ptrace-dark.c3411Mar 12 20:24:28 2002400dd79a65c806ae4fe25bee6f1573e4
Ptrace2.4 is a local root exploit for linux kernels prior to v2.4.9 and 2.2.20. By Darknessx
Apache.Win32.txt3016Mar 22 07:57:41 200204bda8f5bf73eb6fe91b03b836198c35
A vulnerability in the way the Windows versions of Apache parses batch files with cmd.exe allows remote users to execute commands on versions of Apache prior to 1.3.24 and 2.0.29-BETA. Exploit URL's included. By Ory Segal
DLA-18-03-2002.txt2741Mar 20 09:47:50 200293581200755ee08576317b5c3179619b
Microsoft posted a security bulletin on this (ms99-040) way back in September 28, 1999; it is still exploitable if the html file is run from the users local disk and not from a webserver or file-share. By Gollum
hhp-qtip.c1350Mar 12 19:44:26 2002b1f1e53e81b7b495f4faeb362d585475
Hhp-qtip.c is a local root exploit for /usr/bin/tip on BSDI 4.2. Requires access to tip, usually gid(dialer).  Homepage: http://www.hhp-programming.net. By Cody Tubbs
php-nuke.5.5.css.txt1106Mar 12 19:47:46 2002392663e5198a29c4a1c3c2daf1b7e121
PHP Nuke v5.5 has a cross site scripting vulnerability. Exploit information included.  Homepage: http://hackergurus.tk. By Ravish
phpnukeEKO.txt970Mar 13 21:15:24 20022546c50f77cdccffa18d54d48870f2d9
PHP Nuke 5.X path disclosure vulnerability through modules.php.  Homepage: http://nyshock.hypermart.net. By Patryk K.

 
 
Privacy Statement