.:[packet storm]:.
 

 
 
about | forums | assessment | defense | papers | magazines | miscellaneous | links


.: Exploits for May, 2001
Some of these exploits are from Bugtraq

To Change Sort Order, Click On A Category.
Sorted By: Downloads.

File Name Downloads File Size Last Modified MD5 Checksum
sol8_mailx.c2899May 8 15:49:26 2001 520e42332e0f23e523bc15a68ef0be5b
/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8. By Nemes||y
LinkMax.txt2088May 23 16:23:11 2001 5e10bd2bcfb053e79270c5e564cf78b9
The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included. By Vertigo
fingex.pl7561May 3 14:47:07 2001 24019c08c3dedc1545ebecd7ef99cf5b
Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2. By Lez
scx-sa-20.txt3223May 30 13:29:04 2001 3701c3ea0da5d59d6240277e61e3cf52
Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here.  Homepage: http://securax.org. By Incubus
cool23115May 30 16:07:14 2001 964b2c769f3959df27d30da320cb6260
Cool2 is a perl script which checks a list of hosts for IIS servers which are vulnerable to the decode bug and the old unicode bug. By Renato Turini
jill.c7743May 7 16:40:17 2001 93cdeb0e038d60f38995346576863811
Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell. By Dark Spyrit
sensedecode.tgz2140May 17 14:09:12 2001 86d5e3c61e31daab59964869741639e5
Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.  Homepage: http://www.sensepost.com. By Roelof W Temmingh
dqsexp.c3504May 21 15:35:02 2001 61b0cbcbff2ae657e2cd27c9c7e8b137
DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0.  Homepage: http://www.raza-mexicana.org. By Dex
requiem.c1426May 30 17:28:47 2001 8b18048ace7a6f4ea409fa5848415264
HP/UX local exploit for /opt/OV/bin/ecsd.  Homepage: http://www.idiotbox.co.il. By Sagi
gnupig.tar.gz9174May 31 16:23:05 2001 4ae22f44dab20051a933aea3d72d5f12
Gnupig is an advisory and exploit for the Gnupg v1.0.5 format string vulnerability which creates an encrypted file which executes code when it is decrypted.  Homepage: http://gibson.analog.org. By Fish Stiqz
xchat.c6442May 25 15:34:19 2001 4f9aa0075b3dc87c65ead96a596e4d0f
X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1.  Homepage: http://www.crosswinds.net/~xorteam. By Sector X
webcgi98.txt1263May 17 12:56:41 2001 3d0b31a89bc866be6e1cdac15eb759db
Acadsoft's webcgi98.exe displays the full path to the binary in an error message. By Xbud
rdC-cfingerd.c13001May 8 15:24:25 2001 2c8c5b4b13dedbf6ebdf17665491a0a0
Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call.  Homepage: http://www.rdcrew.com.ar. By Venomous
decodecgi.pl960May 23 17:01:57 2001 2fb4ce29a3e87d13e39e916a92bc2e1c
This little piece of perl code tries to exploit the double decoding BUG on IIS 4 & 5. By **W**
sa2001_02.txt4809May 17 13:39:45 2001 2a33a193bcb02b7e958beb9a0beca3d2
NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system commands with IUSER_machinename account privilege. Exploit URL's included.  Homepage: http://www.nsfocus.com.
omnised.pl1190May 30 13:18:32 2001 c7e9d7db73478899dc769bed4cf3135f
Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/me/nt/2000 which lets you dump the source of php perl and other files to a txt file. These files may contain passwords.  Homepage: http://www.dutchriot.com. By Speedy
ronin.c1802May 3 14:43:38 2001 d9fb736181b3c5e40177affa5cbef7d8
Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot. By Styx
0105-exploits.tgz44771Jun 4 16:26:27 2001 c5aff02f19eb6b0d6609b6f1a24ed2fb
Packet Storm new exploits for May, 2001.
iishack2000.c8145May 2 19:18:50 2001 f0bd495ec1eb2791ff66258da26512d1
Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the isapi .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, linux, and *bsd.  Homepage: http://www.eeye.com. By Ryan Permeh
execiis.c2291May 17 14:13:12 2001 fe57bb8fe16ba0322fd1c95a75df5270
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.  Homepage: http://vorlon.hexyn.be. By Filip Maertens
g6-dos.txt371May 3 14:26:22 2001 d75e83b84d93a14de68bc4d6112b2c82
The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4". By G_Kos
webexplt.pl1544May 2 18:48:01 2001 d6ddc1ed29d70f3955e46b0fa7785df1
Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode. By Wanderley
 
 
Privacy Statement