.:[packet storm]:.
 

 
 
.: exploits for may, 2001
File Name | File Size | Last Modified | MD5 Checksum
0105-exploits.tgz | 44771 | Jun 4 2001 16:26:27 | c5aff02f19eb6b0d6609b6f1a24ed2fb
Packet Storm new exploits for May, 2001.
gnupig.tar.gz | 9174 | May 31 2001 16:23:05 | 4ae22f44dab20051a933aea3d72d5f12
Gnupig is an advisory and exploit for the Gnupg v1.0.5 format string vulnerability. It creates an encrypted file that executes code when it is decrypted. Homepage: http://gibson.analog.org. By Fish Stiqz
requiem.c | 1426 | May 30 2001 17:28:47 | 8b18048ace7a6f4ea409fa5848415264
HP/UX local exploit for /opt/OV/bin/ecsd.  Homepage: http://www.idiotbox.co.il. By Sagi
cool2 | 3115 | May 30 2001 16:07:14 | 964b2c769f3959df27d30da320cb6260
Cool2 is a Perl script which checks a list of hosts for IIS servers that are vulnerable to the decode bug and the old unicode bug. By Renato Turini
scx-sa-20.txt | 3223 | May 30 2001 13:29:04 | 3701c3ea0da5d59d6240277e61e3cf52
Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here.  Homepage: http://securax.org. By Incubus
omnised.pl | 1190 | May 30 2001 13:18:32 | c7e9d7db73478899dc769bed4cf3135f
Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/ME/NT/2000 which lets you dump the source of PHP, Perl, and other files to a text file. These files may contain passwords. Homepage: http://www.dutchriot.com. By Speedy
xchat.c | 6442 | May 25 2001 15:34:19 | 4f9aa0075b3dc87c65ead96a596e4d0f
X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1.  Homepage: http://www.crosswinds.net/~xorteam. By Sector X
decodecgi.pl | 960 | May 23 2001 17:01:57 | 2fb4ce29a3e87d13e39e916a92bc2e1c
This little piece of Perl code tries to exploit the double decoding bug on IIS 4 & 5. By **W**
LinkMax.txt | 2088 | May 23 2001 16:23:11 | 5e10bd2bcfb053e79270c5e564cf78b9
The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included. By Vertigo
dqsexp.c | 3504 | May 21 2001 15:35:02 | 61b0cbcbff2ae657e2cd27c9c7e8b137
DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0.  Homepage: http://www.raza-mexicana.org. By Dex
execiis.c | 2291 | May 17 2001 14:13:12 | fe57bb8fe16ba0322fd1c95a75df5270
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.  Homepage: http://vorlon.hexyn.be. By Filip Maertens
sensedecode.tgz | 2140 | May 17 2001 14:09:12 | 86d5e3c61e31daab59964869741639e5
Sensedecode.tgz includes two Perl scripts which exploit the IIS URL decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection. Homepage: http://www.sensepost.com. By Roelof W Temmingh
sa2001_02.txt | 4809 | May 17 2001 13:39:45 | 2a33a193bcb02b7e958beb9a0beca3d2
NSFOCUS Security Advisory SA2001-02 - The NSFOCUS team has found a vulnerability in the filename processing of CGI programs in MS IIS 4.0/5.0, as discussed in MS01-026. The CGI filename is decoded twice in error. Exploitation of this vulnerability allows intruders to run arbitrary system commands with IUSER_machinename account privilege. Exploit URLs included. Homepage: http://www.nsfocus.com.
webcgi98.txt | 1263 | May 17 2001 12:56:41 | 3d0b31a89bc866be6e1cdac15eb759db
Acadsoft's webcgi98.exe displays the full path to the binary in an error message. By Xbud
sol8_mailx.c | 2899 | May 8 2001 15:49:26 | 520e42332e0f23e523bc15a68ef0be5b
/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8. By Nemes||y
rdC-cfingerd.c | 13001 | May 8 2001 15:24:25 | 2c8c5b4b13dedbf6ebdf17665491a0a0
Cfingerd prior to v1.4.3 remote root exploit for Linux/x86. Exploits a format string vulnerability in the syslog() call. Homepage: http://www.rdcrew.com.ar. By Venomous
jill.c | 7743 | May 7 2001 16:40:17 | 93cdeb0e038d60f38995346576863811
Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell. By Dark Spyrit
fingex.pl | 7561 | May 3 2001 14:47:07 | 24019c08c3dedc1545ebecd7ef99cf5b
Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2. By Lez
ronin.c | 1802 | May 3 2001 14:43:38 | d9fb736181b3c5e40177affa5cbef7d8
Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot. By Styx
g6-dos.txt | 371 | May 3 2001 14:26:22 | d75e83b84d93a14de68bc4d6112b2c82
The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4". By G_Kos
iishack2000.c | 8145 | May 2 2001 19:18:50 | f0bd495ec1eb2791ff66258da26512d1
Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the ISAPI .printer extension. The included shellcode creates a file in the root of drive c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, Linux, and *BSD. Homepage: http://www.eeye.com. By Ryan Permeh
webexplt.pl | 1544 | May 2 2001 18:48:01 | d6ddc1ed29d70f3955e46b0fa7785df1
Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode. By Wanderley

 
 