Section: .. / 0306-exploits /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 42

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0306-exploits.tgz
Description:	Packet Storm new exploits for June, 2003.
File Size:	103237
Last Modified:	Aug 28 03:54:22 2003
MD5 Checksum:	ac9f4f68ae6eef059db7338a6c6fcb34

/// File Name:	bazarr-unsencored-episode-3.c
Description:	Local exploit for E-term that escalates privileges to gid utmp via insufficient bounds checking performed on an environment variable that is copied into an internal memory buffer.
Author:	bazarr
Homepage:	http://geocities.com/rrazab
File Size:	30577
Last Modified:	Jun 13 04:54:29 2003
MD5 Checksum:	5dc7dad0fe0bd40dc28da3450025370c

/// File Name:	THCsql.zip
Description:	THCsql exploits the vulnerability in MSSQL OpenDataSource function found by David Litchfield in June of 2002. Tested on Windows 2000 Server SP2 with SQLservers SP0 and SP2.
Author:	Johnny Cyberpunk
Homepage:	http://www.thc.org
File Size:	15013
Last Modified:	Jun 4 04:32:34 2003
MD5 Checksum:	06f81199da422c87a084529cf2127583

/// File Name:	0x82-GNATS_sux.c
Description:	Local root exploit against GNATS v3.113.x that makes use of a heap based environment variable overflow vulnerability.
Author:	Xpl017Elz
Homepage:	http://www.inetcop.org
Related File:	INetCop.GNATS.txt
File Size:	11619
Last Modified:	Jun 22 02:03:13 2003
MD5 Checksum:	c433613d79f8fd6493b48c10d8b30e3f

/// File Name:	atftpdx.c
Description:	Proof of concept remote root exploit for atftpd version 0.6. Makes use of the filename overflow found by Rick Patel. Related post here. Tested against Debian 3.0.
Author:	gunzip
File Size:	10175
Last Modified:	Jun 11 07:11:28 2003
MD5 Checksum:	3b0c2689d61a4f537485d01ed45b9bbb

/// File Name:	linux-wb.c
Description:	The ntdll.dll remote exploit through WebDAV that was originally written by kralor. This version is ported to Linux by Dotcom.
File Size:	9219
Last Modified:	Jun 14 21:28:31 2003
MD5 Checksum:	d2db38f58f501400802f8f52b91a7108

/// File Name:	bazarr-episode-4.c
Description:	Local root exploit for XaoS that makes use of a specially crafted command line -language argument to cause it to execute arbitrary code.
Author:	bazarr
Homepage:	http://geocities.com/rrazab
File Size:	8085
Last Modified:	Jun 13 04:52:23 2003
MD5 Checksum:	3b12f35f26095e564fa823f5f31c5810

/// File Name:	secuniaFTP.txt
Description:	Secunia Security Advisory - The FTPServer/X FTP Server Control and COM Object v1.00.045 and v1.00.046 are vulnerable to buffer overflow that results in a denial of service and potentially can enable a remote attacker to gain access to the machine.
Author:	Carsten H. Eiram
Homepage:	http://www.secunia.com/secunia_security_advisories/
File Size:	6935
Last Modified:	Jun 29 23:42:46 2003
MD5 Checksum:	941f08cf9a416bbeab1599ebbeadaa93

/// File Name:	0x82-GNATS_own.c
Description:	Local root exploit against GNATS v3.2 that makes use of the heap overflow found in the -d switch.
Author:	Xpl017Elz
Homepage:	http://www.inetcop.org
Related File:	INetCop.GNATS.txt
File Size:	6875
Last Modified:	Jun 22 02:00:49 2003
MD5 Checksum:	39b4e56f07ade73a703b6eada24cb533

/// File Name:	mwmxploit.c
Description:	Remote format string exploit for Magic Winmail Server version 2.3. Sending a format string in the USER field during the authentication process, a remote attacker can cause the server to execute arbitrary code.
Author:	ThreaT
File Size:	6764
Last Modified:	Jun 11 08:45:15 2003
MD5 Checksum:	bc4b3a125db454c2cc7c1c8d94b2de65

/// File Name:	5HP0G1FAAC.txt
Description:	The product Mailtraq suffers from multiple vulnerabilities that range from access to files that reside outside the bounding HTML root directory through decryption of locally stored password, to a cross site scripting vulnerability in the web mail interface.
Homepage:	http://www.SecurITeam.com
File Size:	6708
Last Modified:	Jun 17 02:03:22 2003
MD5 Checksum:	9fca066da119abecff422387906ab073

/// File Name:	06.16.03.txt
Description:	iDEFENSE Security Advisory 06.16.03: The pam_wheel module of Linux-PAM uses getlogin() in an insecure manner, thereby allowing attackers to bypass certain restrictions. The pam_wheel module is often used with the su command to allow users belonging to a trusted group to utilize the command without supplying a password. The module utilizes the getlogin() function to determine the name of the currently logged in user. This name is then compared against a list of members of a trusted group as specified in the configuration file. If the trust option is enabled in the pam_wheel configuration file and the use_uid option is disabled, any local user may spoof the username returned by getlogin() and gain access to a super-user account without supplying a password.
Author:	Karol Wiesek
Homepage:	http://www.idefense.com/
File Size:	5415
Last Modified:	Jun 17 02:17:57 2003
MD5 Checksum:	ac13337671c6ada04dcb6c4a7dec904e

/// File Name:	mencari_sebuah_nama.pl
Description:	Proof of concept exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id.
Author:	pokleyzz
Homepage:	http://www.scan-associates.net
Related File:	mnogosearch.txt
File Size:	4882
Last Modified:	Jun 11 06:50:01 2003
MD5 Checksum:	3ea57b0506231feae8a55fbfd3b65820

/// File Name:	gm014-ie.txt
Description:	Microsoft Internet Explorer 5.01, 5.5 and 6.0 has a parsing procedure with a flaw in it that may cause arbitrary script commands to be executed in the Local Zone. This can lead to potential arbitrary command execution, local file reading and other severe consequences.
Author:	GreyMagic Software
Homepage:	http://www.greymagic.com
File Size:	4773
Last Modified:	Jun 22 00:14:56 2003
MD5 Checksum:	94c172dcec3f389d6d6c31e555a923cd

/// File Name:	kereval.tutos.txt
Description:	Kereval Security Advisory KSA-001 - Cross Site Scripting vulnerabilities exist in Tutos 1.1 allow for hostile code execution.
Author:	Fran�ois SORIN
Homepage:	http://www.kereval.com
File Size:	4147
Last Modified:	Jun 24 07:54:45 2003
MD5 Checksum:	dfed6e294cfba88c4ce010d032e6dcdf

/// File Name:	mencari_asal_usul.pl
Description:	Proof of concept exploit for mnoGoSearch 3.2.10 that spawns a shell as the webserver user id by overflowing the tmplt variable.
Author:	pokleyzz, s0cket370
Homepage:	http://www.scan-associates.net
Related File:	mnogosearch.txt
File Size:	4000
Last Modified:	Jun 11 06:54:20 2003
MD5 Checksum:	ff1626622aef6a8e88152d7dc2cd1db5

/// File Name:	phpbb_sql.pl
Description:	Remote exploit that makes use of a SQL injection vulnerability that exists in the /viewtopic.php file in phpBB.
Author:	Rick Patel
File Size:	3941
Last Modified:	Jun 22 01:18:11 2003
MD5 Checksum:	c235a27445cb8f4acf96b74bf8858576

/// File Name:	consroot.exp
Description:	This script is used to automate escalation of normal user privileges to root making use of FORTH hacking on Sparc hardware.
Author:	Michael H.G. Schmidt
File Size:	3651
Last Modified:	Jun 22 00:08:57 2003
MD5 Checksum:	984f4ec5229ee63a42019081e311d2dd

/// File Name:	dlinkDoS.txt
Description:	D-Link routers with a firmware of 2.70 and below are vulnerable to a denial of service vulnerability providing the attacker has the ability to see the internal interface on the router. Sending a malformed URL to the syslog script will caused a DNS query. Multitudes of this query can result in a DoS and other odd forms of behavior.
Author:	chris
Homepage:	http://www.securityindex.net/
File Size:	3534
Last Modified:	Jun 3 10:14:52 2003
MD5 Checksum:	f153d7a119c458d70ebcf9389d2ae195

/// File Name:	SRT2003-06-13-1009.txt
Description:	Secure Network Operations, Inc. Advisory SRT2003-06-13-1009: Progress Database dbagent make the use of several helper .dll and .so binaries. When looking for shared object files _dbagent looks at the argument passed to the command line option "-installdir". No verification is performed upon the object that is located thus local non super users can make themselves root.
Author:	Strategic Reconnaissance Team
Homepage:	http://www.secnetops.com
File Size:	3041
Last Modified:	Jun 14 20:35:03 2003
MD5 Checksum:	75ffd907a4b009b8fbeca23d568ea778

/// File Name:	blackicepro.txt
Description:	It is possible to evade the BlackICE PC Protection IDS logging of cross site scripting attempts due to a lack of it checking HEAD, PUT, DELETE, and TRACE requests for the <script> pattern.
Author:	Marc Ruef
Homepage:	http://www.computec.ch/
File Size:	2978
Last Modified:	Jun 14 21:20:43 2003
MD5 Checksum:	506b6b9aa1ee94ea6ecdba88149c1b4b

/// File Name:	pMachine.txt
Description:	Pmachine version 2.2.1 has a fault Include() routine that allows a remote attacker to supply a malicious URL that in turn can be a script that the webserver will then execute.
Author:	Frog Man
Homepage:	http://www.frog-man.org/tutos/pMachineFree2.2.1.txt
File Size:	2956
Last Modified:	Jun 17 06:00:56 2003
MD5 Checksum:	2bb7d7139009e054217b2ecd4df0a457

/// File Name:	myserver-0.4.1.txt
Description:	MyServer 0.4.1 is vulnerable to a denial of service when a GET request with 20 forward slashes gets sent to the server.
Author:	deadbeat
File Size:	2936
Last Modified:	Jun 24 07:03:53 2003
MD5 Checksum:	f3ff412cbcda773136f7d61cd680630d

/// File Name:	p_kon.c
Description:	Local root exploit for kon version 0.3.9b-16 that makes use of a buffer overflow discovered in the -Coding switch.
Author:	pi3
Homepage:	http://www.pi3.int.pl
File Size:	2885
Last Modified:	Aug 11 18:38:59 2003
MD5 Checksum:	29737b73e64d572edabe7d3929c0b632

/// File Name:	suiddmp.c
Description:	Local root exploit that makes use of a race condition vulnerability found in the Linux execve() system call that affects the 2.4 kernel tree.
Author:	IhaQueR
File Size:	2707
Last Modified:	Jun 28 21:12:28 2003
MD5 Checksum:	4f95beb18386eb443765c00154f4bc3f