.:[packet storm]:. ArchivesForums
 

 
 
about | forums | assessment | defense | papers | magazines | miscellaneous | links


To change sort order, click on the category. Sorted By: File Size.
.: 0204-exploits
File Name File Size Last Modified MD5 Checksum
0204-exploits.tgz777405May 6 22:56:05 2002da76776c09caeb80dc346c3147fe4567
Packet Storm new exploits for April, 2002.
tgt_v1_x86Lnx.tar.gz473805May 1 12:55:37 200298f1f82d423d16819bc96da528d31ca8
Exploit for the local root bug in Kerberos IV TGT and AFS Token implementation of the OpenSSH server (sshd) version 2.2.0 - 3.1.0.  Homepage: http://mantra.freeweb.hu/.  By Marcell Fodor
x2.tgz221543Jul 17 23:05:13 20025ad26f20c8eeae79c09718165e21621d
X2 exploits the SSH CRC-32 attack detection code buffer overflow vulnerability that exists in SSH1 implementations. The exploit is distributed in binary form and has been encrypted. Includes 45 target types. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
7350fun49723Jul 17 23:01:07 200255dd71bbb7d23d1220f8bb33a4b20edd
7350fun is a remote exploit for mod_php v4.0.2rc1-v4.0.5 and v4.0.6-v4.0.7RC2. This exploit appears to be a revised version of the 73501867 exploit, which was written by the same author, contained less functionality and was not encrypted. Note: this exploit also causes PHP 4.1.2 versions to segfault.  By Lorian. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
icx.c13494Apr 2 09:23:07 200230658aa7461384b8a294cfc3db8fab5a
Icecast v1.3.11 and below remote root exploit for linux/x86. Binds a shell to port 30464. Tested against SuSE 7.2, Debian 2.2r2, and Slackware 8.0. By Diz
guninski-53.txt10258Apr 2 00:05:00 20022fbb5a730b6516363c61c5ba49238bcb
Georgi Guninski security advisory #53, 2002 - Two serious security vulnerabilities have been found in Microsoft Office XP. It is possible to embed active content (object + script) in HTML mail which is triggered if the user replies to or forwards mail. In addition, a bug in the Host() function of the spreadsheet allows creating files with arbitrary names and their content may be specified to some extent at which is sufficient to place an executable file (.hta) in user's startup directory which may lead to taking full control over user's computer.  Homepage: http://www.guninski.com. By Georgi Guninski
xtelld261.c9193Apr 3 01:47:15 20021cafde97c61ae5070ffa7332f1bba3ea
Xtell from the Debian Linux distribution is a network messaging client for sending messages to users on different computers. Xtell 2.6.1 with at least 3 remote buffer overflows, symlink bug, ".." directory traversal, file race condition, and more. Exploit spawns a shell on port 12321. Tested against Red Hat 7.2, 7.1; Debian Potato. By Spybreak
iis.asp.overflow.txt5740Apr 11 04:41:33 20024cdf305e59b0d7ba7de3156cc1e0c3c2
A vulnerability in the ASP (Active Server Pages) ISAPI filter, loaded by default on all NT4 and Windows 2000 server systems (running IIS), can be exploited to remotely execute code of an attackers choice. Example which causes an application error included. Microsoft advisory on this vulnerability here.  Homepage: http://www.eEye.com. By Marc Maiffret
msh3comdos.c4351May 1 09:32:39 20022bf501dc4f6312377a58c1130e5beb44
3CDaemon FTP Server v2.0 buffer overflow dos exploit. By Skyrim
screen-stuff.tgz4176Apr 24 19:39:06 2002bf834c1357f2a2f6814bd7bf51ecea1d
Screen v3.9.11 local root linux/x86 exploit for braille module bug. By Gobbles Security
tshttpd.pl2983May 4 22:24:59 2002cb8368a36e1c06aa0f994e1dce369789
AnalogX SimpleServer:WWW HTTP Server v1.1 denial of service buffer overflow exploit. By TrippinSmurfs
iischeck.pl2891Apr 24 21:40:00 20022b2edd24b76ee0b58d5186d14b8d3923
Microsoft IIS .HTR heap overflow checker. Determines remotely if patch MS02-018 has been applied. Homepage: http://filip.compsec.be. By Filip Maertens
food_for_the_poor.c2829May 1 12:53:32 200202f164a7343a06b6563818a43d6d7357
Food_for_the_poor is a linux exploit for a heap overflow in the Kerberos 4 ftp client which creates a suid shell in /tmp.  Homepage: http://mantra.freeweb.hu/.  By Marcell Fodor
pos_expl.c2286Apr 22 22:42:02 2002aba3e4e67681520ccc17f4d5f548bbc0
Posadis m5pre1 local buffer overflow exploit.  Homepage: http://www.netric.org. By eSDee
cisco677.pl2143May 4 22:32:17 200271acdbfebdc481e031687d06bbb810e7
Cisco 677/678 Telnet Overflow denial of service perl exploit.  Homepage: http://mail.dhbit.ca. By DNV
iisfux0r.txt2047Apr 22 22:28:30 2002187ee85dc854e518c0b386d561dd3a33
Microsoft IIS W3SVC Denial of Service - Brings down the inetinfo.exe process, crashing IIS.  Homepage: http://filip.compsec.be. By Filip Maertens
logwatch211.sh1655Apr 3 01:08:56 200226509d094a11d67a23e651d2e6fd95a6
LogWatch 2.1.1 is a part of the Red Hat Linux 7.2 distribution, enabled by default and daily run by the cron daemon. On a system running LogWatch, a local user is able to gain unauthorized root access, due to a race condition during the temporary directory creation.  Homepage: http://www.kaybee.org/~kirk/html/linux.html. By Spybreak
psydos.txt1223Apr 24 22:03:45 200272882c16409c851c3e19cdd8edf515a6
PsyBNC v2.3 has a problem dealing with oversized passwords, making it possible to tie up all the connection slots and consume a lot of CPU on the server. By Nawok
pos_expl2.c1184Apr 22 22:40:44 20027475676aaa562e43d95925828590fb52
Posadis m5pre2 local format string exploit.  Homepage: http://www.netric.org. By eSDee
evelyne.sh1043Apr 24 18:36:31 20026e686fc543c6ddbad436bfb0f81fd5be
Local root exploit for the "Suid application execution bug" (< FreeBSD 4.5-STABLE) that was discovered by Joost Pol from Pine.  Homepage: http://www.netric.org. By Atje
iosmash.c853Apr 24 18:24:03 20025a17bababe3ea7ff5e73ed68e8bf079d
Iosmash.c is an exploit for the stdio kernel bug that resides in all releases of FreeBSD up to and including 4.5-RELEASE. The exploit uses keyinit, which is part of the S/key package, to create 5 valid root passwords that give instant root access trough S/key. By Phased
pUll.pl845Jul 8 00:17:49 2002ddc9cde518d7a4282d6cb3248b448e48
Slrnpull '-d' buffer overflow exploit. Executes shellcode with group 'news' privileges. Tested to work on an Intel Red Hat 6.2 installation .  Homepage: http://www.safemode.org.  By zillion and Alex Hernandez
epop.c821Apr 24 23:22:30 2002d53cc8ba199088d13beffe904c1f9450
This exploit hangs WiredRed e/pop v2.0.3, probably works on all 2.x versions. By Cult
obsd-cron.c570Apr 15 00:41:12 200272d35ea6ab315d9c96c3184343dee252
OpenBSD 3.0 cron / mail local root exploit. Creates a suid shell after /etc/daily runs. By Przemysaw Frasunek

 
 
Privacy Statement