
 ///  File Name: 0309-exploits.tgz
Description:
Packet Storm new exploits for September, 2003.
File Size:289863
Last Modified:Oct 1 18:30:31 2003
MD5 Checksum:59467f6e73e9c68cdd7add8c6a4a0c31

 ///  File Name: Mirc-USERHOST-Poc.zip
Description:
Remote mIRC proof-of-concept exploit that makes use of an overflow in the USERHOST reply to the mIRC client.
Author:Sylvain Descoteaux
File Size:165320
Last Modified:Sep 25 05:28:19 2003
MD5 Checksum:0c6308f424c2487217ea6a89f381c512

 ///  File Name: sorpine.c
Description:
Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here. Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
Author:sorbo
Homepage:http://www.darkircop.org
File Size:20847
Last Modified:Sep 16 21:37:14 2003
MD5 Checksum:f9e9118421a2a9d7c0f6da00eb98f949

 ///  File Name: rpcHeap.txt
Description:
A detailed analysis and exploitation of the RPC Long Filename heap overflow found in the CoGetInstanceFromFile API that was originally discovered by NSFOCUS.
Author:Flashsky
Homepage:http://www.xfocus.net
Related File:sa2003-06.txt
File Size:20562
Related CVE(s):CAN-2003-0528
Last Modified:Sep 21 21:22:06 2003
MD5 Checksum:0c78799bf2460199a346ad31c4598e7d

 ///  File Name: xmpg123.c
Description:
mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c which does not limit the amount of data written to a buffer.
Author:vade79
File Size:20282
Last Modified:Sep 23 17:54:22 2003
MD5 Checksum:578765a85ce61b5cbc41aa2541e2d7dc

 ///  File Name: word.zip
Description:
Exploit that makes use of the Microsoft Word WordPerfect document converter, which has been found vulnerable to a buffer overflow when a malicious .doc file is opened.
Author:valgasu
Homepage:http://valgasu.rstack.org/
Related File:mswordcon.txt
File Size:19944
Last Modified:Sep 6 03:32:20 2003
MD5 Checksum:19134e503acc53ad924e617d58add3f7

 ///  File Name: MS03-039-linux.c
Description:
Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS.
Author:ey4s. This version was ported to Linux by nulluid.
Related File:sa2003-06.txt
File Size:13641
Last Modified:Sep 18 20:31:36 2003
MD5 Checksum:bc05567626bebd91b9ea3c9844b4a56a

 ///  File Name: 09.16.MS03-039-exp.c
Description:
Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS.
Author:ey4s
Related File:sa2003-06.txt
File Size:13143
Last Modified:Sep 16 23:53:46 2003
MD5 Checksum:914d1c99e072cfb536a6d00fd8a75d8a

 ///  File Name: rootdown.pl
Description:
Remote exploit for Solaris that only requires a single UDP packet to the sadmind service to execute commands.
Author:H D Moore
Homepage:http://www.metasploit.com/
Related File:09.16.03.txt
File Size:12406
Last Modified:Sep 19 00:51:29 2003
MD5 Checksum:866bc503fccd155f0a660998fd1ee863

 ///  File Name: atphttp0x06.c
Description:
Remote exploit for atphttpd version 0.4b and below on Linux x86 that binds a shell to port 65535. Tested against Debian 3.0 and RedHat 8.0.
Author:r-code
File Size:9954
Last Modified:Sep 25 23:58:20 2003
MD5 Checksum:12201535f967d9970d38c353615b22a4

 ///  File Name: mounty.c
Description:
Remote root exploit for rpc.mountd that makes use of the xlog off-by-one vulnerability discussed here.
Author:newroot
Homepage:http://www.newroot.de
File Size:9448
Last Modified:Sep 17 18:30:54 2003
MD5 Checksum:eb911a8a195173435b059a49e159a2a7

 ///  File Name: geeklog2.txt
Description:
Geeklog versions 2.x and below are susceptible to cross-site scripting vulnerabilities and various SQL injection attacks.
Author:Lorenzo Hernandez Garcia-Hierro
Homepage:http://security.novappc.com
File Size:9088
Last Modified:Sep 29 20:18:03 2003
MD5 Checksum:5e292ac0ff2be42ecabd916e479a3305

 ///  File Name: 09.14.mysql.c
Description:
Remote exploit for MySQL 3.x versions 3.23.56 and MySQL 4.x versions below 4.0.15. More information available here.
Author:Bkbll
File Size:8867
Related CVE(s):CAN-2003-0780
Last Modified:Sep 16 22:04:40 2003
MD5 Checksum:6db4d9e49e4882f5622fd5b59932596c

 ///  File Name: sp-myserver.c
Description:
Remote denial of service exploit for MyServer 0.4.3.
Author:badpack3t
Homepage:http://www.security-protocols.com
Related File:myserver.txt
File Size:8268
Last Modified:Sep 10 02:21:13 2003
MD5 Checksum:26fe6f995a2b40b213a0a7f660d0d2b5

 ///  File Name: lsh_exploit.c
Description:
Remote exploit for lsh 1.4.x that makes use of a boundary error in read_line.c when checking for errors. Spawns a bindshell on port 45295.
Author:Haggis aka Carl Livitt.
File Size:8179
Last Modified:Sep 23 17:22:37 2003
MD5 Checksum:60a9d09b21839048217308ccd3cf3dd4

 ///  File Name: 4DWS_ftp.c
Description:
4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.
Author:B-r00t
Homepage:http://doris.scriptkiddie.net
File Size:8046
Last Modified:Sep 13 09:02:47 2003
MD5 Checksum:7456e23cbadbcbea96645ab9eee368c0

 ///  File Name: cfengine.c
Description:
Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Binds a shell to port 26112. Tested against RedHat.
Author:jsk
File Size:8044
Last Modified:Sep 29 20:14:22 2003
MD5 Checksum:cc32ba54fe67a178fcd9b423342f3643

 ///  File Name: rp9-priv-esc.c
Description:
RealOne Player 9 exploit for Unix/Linux that escalates privileges to those of the person using the utility by taking advantage of group write permissions on user configuration files.
Author:Jon Hart
File Size:6183
Last Modified:Sep 11 08:14:45 2003
MD5 Checksum:4445831b67a74340eaffa17ee24060b4

 ///  File Name: augustiner.c
Description:
Denial of service exploit for Microsoft Windows 98 that floods the target with UDP traffic to random destination ports, causing the system to lock up.
Author:Warlord
Homepage:http://www.nologin.org
File Size:6171
Last Modified:Sep 9 05:19:52 2003
MD5 Checksum:e282c1433fab2315b14f50153e017834

 ///  File Name: shatterSEH3.txt
Description:
Version three of this paper, discussing more shatter attacks that are possible using progress bars. Related information available here.
Author:Brett Moore
Homepage:http://www.security-assessment.com
File Size:5578
Last Modified:Sep 29 20:31:32 2003
MD5 Checksum:1135794bd92aa08169c33e449387a87c

 ///  File Name: dbabble.txt
Description:
DBabble 2.5i suffers from cross-site scripting issues that can lead to cookie hijacking.
Author:dr_insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:5399
Last Modified:Sep 18 20:54:25 2003
MD5 Checksum:d7bd98900757ac09369e6a2ae7509dfe

 ///  File Name: netris-shash.c
Description:
Remote exploit for netris version 0.5 on RedHat 8.0 that makes use of a buffer overflow vulnerability where a client connecting to an untrusted netris server could be sent an unusually long data packet, which would be copied into a fixed-length buffer without bounds checking.
Author:Shashank Pandey
File Size:5241
Last Modified:Sep 21 21:06:28 2003
MD5 Checksum:b41e303ebc81036b1621bb7f2266048b

 ///  File Name: bazooka_penaka.pl
Description:
Proof-of-concept remote exploit for Foxweb 2.5 on Microsoft Windows that achieves access as the web server user id and makes use of a buffer overflow found in the PATH_INFO variable in foxweb.dll.
Author:pokleyzz
Homepage:http://www.scan-associates.net
File Size:4771
Last Modified:Sep 6 02:46:22 2003
MD5 Checksum:c3599adf8b5c36ef30b4eb85ff7a6773

 ///  File Name: pandpdos.txt
Description:
The Plug and Play Web Server version 1.0002c is susceptible to multiple buffer overflow attacks that cause the server to crash.
Author:Bahaa Naamneh
Homepage:http://www.bsecurity.tk
File Size:4014
Last Modified:Sep 18 23:20:56 2003
MD5 Checksum:3ad96e586456835afc357813677d3683

 ///  File Name: TEXONET-20030902.txt
Description:
Texonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 allow a local attacker to escalate privileges because mana can be tricked into executing the environment variable REMOTE_ADDR when it is set.
Homepage:http://www.texonet.com/
File Size:3991
Last Modified:Sep 16 23:45:03 2003
MD5 Checksum:e110cec39a0883d80e796ab5fd06d804