File Name |
File Size |
Last Modified |
MD5 Checksum |
0105-exploits.tgz | 44771 | Jun 4 2001 16:26:27 | c5aff02f19eb6b0d6609b6f1a24ed2fb |
Packet Storm new exploits for May, 2001. |
gnupig.tar.gz | 9174 | May 31 2001 16:23:05 | 4ae22f44dab20051a933aea3d72d5f12 |
Gnupig is an advisory and exploit for the Gnupg v1.0.5 format string vulnerability which creates an encrypted file which executes code when it is decrypted. Homepage: http://gibson.analog.org. By Fish Stiqz |
requiem.c | 1426 | May 30 2001 17:28:47 | 8b18048ace7a6f4ea409fa5848415264 |
HP/UX local exploit for /opt/OV/bin/ecsd. Homepage: http://www.idiotbox.co.il. By Sagi |
cool2 | 3115 | May 30 2001 16:07:14 | 964b2c769f3959df27d30da320cb6260 |
Cool2 is a perl script which checks a list of hosts for IIS servers which are vulnerable to the decode bug and the old unicode bug. By Renato Turini |
scx-sa-20.txt | 3223 | May 30 2001 13:29:04 | 3701c3ea0da5d59d6240277e61e3cf52 |
Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here. Homepage: http://securax.org. By Incubus |
omnised.pl | 1190 | May 30 2001 13:18:32 | c7e9d7db73478899dc769bed4cf3135f |
Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/me/nt/2000 which lets you dump the source of php perl and other files to a txt file. These files may contain passwords. Homepage: http://www.dutchriot.com. By Speedy |
xchat.c | 6442 | May 25 2001 15:34:19 | 4f9aa0075b3dc87c65ead96a596e4d0f |
X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1. Homepage: http://www.crosswinds.net/~xorteam. By Sector X |
decodecgi.pl | 960 | May 23 2001 17:01:57 | 2fb4ce29a3e87d13e39e916a92bc2e1c |
This little piece of perl code tries to exploit the double decoding BUG on IIS 4 & 5. By **W** |
LinkMax.txt | 2088 | May 23 2001 16:23:11 | 5e10bd2bcfb053e79270c5e564cf78b9 |
The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included. By Vertigo |
dqsexp.c | 3504 | May 21 2001 15:35:02 | 61b0cbcbff2ae657e2cd27c9c7e8b137 |
DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0. Homepage: http://www.raza-mexicana.org. By Dex |
execiis.c | 2291 | May 17 2001 14:13:12 | fe57bb8fe16ba0322fd1c95a75df5270 |
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error. Homepage: http://vorlon.hexyn.be. By Filip Maertens |
sensedecode.tgz | 2140 | May 17 2001 14:09:12 | 86d5e3c61e31daab59964869741639e5 |
Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection. Homepage: http://www.sensepost.com. By Roelof W Temmingh |
sa2001_02.txt | 4809 | May 17 2001 13:39:45 | 2a33a193bcb02b7e958beb9a0beca3d2 |
NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system commands with IUSER_machinename account privilege. Exploit URL's included. Homepage: http://www.nsfocus.com. |
webcgi98.txt | 1263 | May 17 2001 12:56:41 | 3d0b31a89bc866be6e1cdac15eb759db |
Acadsoft's webcgi98.exe displays the full path to the binary in an error message. By Xbud |
sol8_mailx.c | 2899 | May 8 2001 15:49:26 | 520e42332e0f23e523bc15a68ef0be5b |
/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8. By Nemes||y |
rdC-cfingerd.c | 13001 | May 8 2001 15:24:25 | 2c8c5b4b13dedbf6ebdf17665491a0a0 |
Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call. Homepage: http://www.rdcrew.com.ar. By Venomous |
jill.c | 7743 | May 7 2001 16:40:17 | 93cdeb0e038d60f38995346576863811 |
Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell. By Dark Spyrit |
fingex.pl | 7561 | May 3 2001 14:47:07 | 24019c08c3dedc1545ebecd7ef99cf5b |
Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2. By Lez |
ronin.c | 1802 | May 3 2001 14:43:38 | d9fb736181b3c5e40177affa5cbef7d8 |
Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot. By Styx |
g6-dos.txt | 371 | May 3 2001 14:26:22 | d75e83b84d93a14de68bc4d6112b2c82 |
The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4". By G_Kos |
iishack2000.c | 8145 | May 2 2001 19:18:50 | f0bd495ec1eb2791ff66258da26512d1 |
Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the isapi .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, linux, and *bsd. Homepage: http://www.eeye.com. By Ryan Permeh |
webexplt.pl | 1544 | May 2 2001 18:48:01 | d6ddc1ed29d70f3955e46b0fa7785df1 |
Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode. By Wanderley |