.:[packet storm]:. ArchivesForums
 

 
 
about | forums | assessment | defense | papers | magazines | miscellaneous | links


To change sort order, click on the category. Sorted By: File Size.
.: 0205-exploits
File Name File Size Last Modified MD5 Checksum
0205-exploits.tgz735801Jun 2 21:02:36 2002ecbc62a22118d344f7108dd053dac280
Packet Storm new exploits for May, 2002.
UO-SphereServer_Expl..>553509Sep 21 01:37:27 2002b5628022c968fa70d68b167605003484
Windows exploit for the SphereServer Ultima Online Roleplay Server v0.5x for Linux, FreeBSD, and Win32 which runs on tcp port 2593 and contains a denial of service vulnerability. By Tolueno
iis-asp-overflow.tar..>356776May 28 23:21:26 200239f8b5fbccb0aa6f4d417bbb98827c9f
IIS 5.0 .asp buffer overrun remote exploit which runs cmd.exe. The .asp overflow is documented in ms02-018. By Hsj, ported to Cygwin by Luigi Grandini
msh.tar.gz355032May 28 23:25:24 2002e65fd71eb92068a7397b56ae8855aa34
3CDaemon FTP Server v2.0 buffer overflow dos exploit. By Skyrim, ported to Cygwin by Luigi Grandini
7350wurm.c44499Jul 17 23:02:34 2002e004a15cec5f254723de055a9c1ae8b9
7350wurm is a linux/x86 wu_ftpd remote root exploit for the double free() bug affecting v2.4.2 to 2.6.1.  Homepage: https://www.team-teso.net. By Lorian. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
7350squish.c25000Jul 17 23:02:10 2002dce9bab965424a0e8530f96a1894753b
7350squish is a Linux / x86 Squid remote exploit. Tested against Debian Squid_2.3.4-2, squid_2.4.1-1, and squid_2.4.2.  Homepage: https://www.team-teso.net. By Lorian and Scut. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
7350963.c13972Jul 17 23:01:47 2002be208b9e1dd0a6fba505c92d0945e63d
Solaris /bin/login remote root exploit for SPARC and x86.  Homepage: https://www.team-teso.net. By Scut. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
uw-imap.c8004May 28 23:07:06 20029e109c1318dce5900a74e98a0079f70a
Imap4 prior to v2001a remote exploit for Linux. Requires user account, includes offsets for Slackware 7.1 and Redhat 7.2. By Christophe "korty" Bailleux, Kostya Kortchinsky
w00w00-AIM-2.txt7382May 7 17:35:45 200207123bd01c6abc79b2eef9d8b71c4a4e
AOL Instant Messenger (AIM) contains a buffer overflow in the code that is responsible for parsing requests to run external applications. The overflow can be used to remotely penetrate a system and it is not possible to block these requests in the AIM client. No client side fix is currently available.  Homepage: http://www.w00w00.org.  By Matt Conover, John Hennessy
iis-asp-overflow.c7306May 6 22:55:38 200222d1af31c0c413e763b4bfabde7430e0
IIS 5.0 .asp buffer overrun remote exploit which runs cmd.exe. The .asp overflow is documented in ms02-018. By Hsj.
injoin.txt7295May 14 21:42:54 2002c23bd9955e8f621398dc807e1743baa4
NMRC Advisory #21 - The inJoin Directory Server v4.0 for Solaris 2.8 has a vulnerability in the iCon admin interface listening on tcp port 1500 which allows an attacker with the correct username and password to read any file accessible to the ids user. Exploit URLs included. Fix available here.  Homepage: http://www.nmrc.org. By Cyberiad
ie.css.txt5114May 19 22:09:44 20020b3468fe4df00c7606a7d7ecba08faf7
IE 6sp1 for Windows 2000 and 98 has bugs in the showModalDialog and showModelessDialog methods of displaying dialog boxes which can be used to execute arbitrary commands. Most unpatched IE and Outook installations are vulnerable. Online demonstration exploit here. Partly patched by MS02-023, but IE 5.5 and 5.0 are still vulnerable.  Homepage: http://jscript.dk/unpatched. By Thor Larholm
wolfmail.cgi.txt4658May 12 18:47:00 20024dc284e013f1ea74e1cf545eaf08b528
WolfMail.cgi, a script that works similarly to formmail.cgi, allows users to send mail via a web interface. The configuration for WolfMail.cgi is not internally hardcoded but is passed via parameters in html input statements allowing any user to send fake mail.  Homepage: http://www.advknowledge.net. By Dead Beat
fd_openbsd.c3291May 9 23:11:12 200271e8d4f9d9897554f0d7ad1d4e8f096f
Local root exploit for OpenBSD up to 3.1 which takes advantage of the fd race and skeyaudit binary.  Homepage: http://www.dmpfrance.com. By Fozzy
servletexec-4.1.txt2764May 23 22:13:05 2002f082e55bfd5b5972b2fd9e2bf27cbdfc
NewAtlanta ServletExec ISAPI v4.1 contains three vulnerabilities. Remote users can read any file in the webroot, crash the server, and display the physical path of the web root. Patch available here.  Homepage: http://www.westpoint.ltd.uk. By Matt Moore
cURL-remote-LNX.pl2745May 10 00:20:52 20026f87b51db3d1aed1909d7807b92ba901
Remote linux cURL exploit for versions 6.1 - 7.3. More info available here.  Homepage: http://www.safemode.org.  By zillion
cURL-remote-FBSD.pl2572May 10 00:21:48 20024049de1a59e4a9420e508eaab09daeb4
Remote FreeBSD cURL exploit for versions 6.1 - 7.3. More info available here.  Homepage: http://www.safemode.org.  By zillion
war-ftpd-bof.pl2473May 28 22:49:56 20022f1e9c047c0f8fbc01c0fa7aaf0705c7
WarFTPd v1.65 for Win2k remote buffer overflow exploit in win32 perl. Included shellcode pops up a message box. By Kago
sendmail-flock-sploi..>1983May 25 10:59:23 20027cee23161ef73a980d225d0f55c73258
Local exploit for the Sendmail 8.12.3 and below flock denial of service vulnerability.  Homepage: http://www.safemode.org.  By Zillion

 
 
Privacy Statement