File Name | File Size | Last Modified | MD5 Checksum |
0105-exploits.tgz | 44771 | Jun 4 16:26:27 2001 | c5aff02f19eb6b0d6609b6f1a24ed2fb |
Packet Storm new exploits for May, 2001. |
rdC-cfingerd.c | 13001 | May 8 15:24:25 2001 | 2c8c5b4b13dedbf6ebdf17665491a0a0 |
Cfingerd prior to v1.4.3 remote root exploit for Linux/x86. Exploits a format string vulnerability in the syslog() call. Homepage: http://www.rdcrew.com.ar. By Venomous |
gnupig.tar.gz | 9174 | May 31 16:23:05 2001 | 4ae22f44dab20051a933aea3d72d5f12 |
Gnupig is an advisory and exploit for the GnuPG v1.0.5 format string vulnerability. The exploit creates an encrypted file that executes code when it is decrypted. Homepage: http://gibson.analog.org. By Fish Stiqz |
iishack2000.c | 8145 | May 2 19:18:50 2001 | f0bd495ec1eb2791ff66258da26512d1 |
Windows 2000 / IIS 5.0 SP0 + SP1 remote exploit. Overflows the Host: header of the ISAPI .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, Linux, and *BSD. Homepage: http://www.eeye.com. By Ryan Permeh |
jill.c | 7743 | May 7 16:40:17 2001 | 93cdeb0e038d60f38995346576863811 |
Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell. By Dark Spyrit |
fingex.pl | 7561 | May 3 14:47:07 2001 | 24019c08c3dedc1545ebecd7ef99cf5b |
Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2. By Lez |
xchat.c | 6442 | May 25 15:34:19 2001 | 4f9aa0075b3dc87c65ead96a596e4d0f |
X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1. Homepage: http://www.crosswinds.net/~xorteam. By Sector X |
sa2001_02.txt | 4809 | May 17 13:39:45 2001 | 2a33a193bcb02b7e958beb9a0beca3d2 |
NSFOCUS Security Advisory SA2001-02 - The NSFOCUS team has found a vulnerability in the filename processing of CGI programs in MS IIS 4.0/5.0, as discussed in MS01-026. The CGI filename is erroneously decoded twice. Exploitation of this vulnerability allows intruders to run arbitrary system commands with IUSR_machinename account privileges. Exploit URLs included. Homepage: http://www.nsfocus.com. |
dqsexp.c | 3504 | May 21 15:35:02 2001 | 61b0cbcbff2ae657e2cd27c9c7e8b137 |
DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0. Homepage: http://www.raza-mexicana.org. By Dex |
scx-sa-20.txt | 3223 | May 30 13:29:04 2001 | 3701c3ea0da5d59d6240277e61e3cf52 |
Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here. Homepage: http://securax.org. By Incubus |
cool2 | 3115 | May 30 16:07:14 2001 | 964b2c769f3959df27d30da320cb6260 |
Cool2 is a Perl script which checks a list of hosts for IIS servers which are vulnerable to the decode bug and the old Unicode bug. By Renato Turini |
sol8_mailx.c | 2899 | May 8 15:49:26 2001 | 520e42332e0f23e523bc15a68ef0be5b |
/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8. By Nemes||y |
execiis.c | 2291 | May 17 14:13:12 2001 | fe57bb8fe16ba0322fd1c95a75df5270 |
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error. Homepage: http://vorlon.hexyn.be. By Filip Maertens |
sensedecode.tgz | 2140 | May 17 14:09:12 2001 | 86d5e3c61e31daab59964869741639e5 |
Sensedecode.tgz includes 2 Perl scripts which exploit the IIS URL decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection. Homepage: http://www.sensepost.com. By Roelof W Temmingh |
LinkMax.txt | 2088 | May 23 16:23:11 2001 | 5e10bd2bcfb053e79270c5e564cf78b9 |
The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included. By Vertigo |
ronin.c | 1802 | May 3 14:43:38 2001 | d9fb736181b3c5e40177affa5cbef7d8 |
Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot. By Styx |
webexplt.pl | 1544 | May 2 18:48:01 2001 | d6ddc1ed29d70f3955e46b0fa7785df1 |
Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode. By Wanderley |
requiem.c | 1426 | May 30 17:28:47 2001 | 8b18048ace7a6f4ea409fa5848415264 |
HP/UX local exploit for /opt/OV/bin/ecsd. Homepage: http://www.idiotbox.co.il. By Sagi |
webcgi98.txt | 1263 | May 17 12:56:41 2001 | 3d0b31a89bc866be6e1cdac15eb759db |
Acadsoft's webcgi98.exe displays the full path to the binary in an error message. By Xbud |
omnised.pl | 1190 | May 30 13:18:32 2001 | c7e9d7db73478899dc769bed4cf3135f |
Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/ME/NT/2000 which lets you dump the source of PHP, Perl, and other files to a text file. These files may contain passwords. Homepage: http://www.dutchriot.com. By Speedy |
decodecgi.pl | 960 | May 23 17:01:57 2001 | 2fb4ce29a3e87d13e39e916a92bc2e1c |
This little piece of Perl code tries to exploit the double decoding bug on IIS 4 & 5. By **W** |
g6-dos.txt | 371 | May 3 14:26:22 2001 | d75e83b84d93a14de68bc4d6112b2c82 |
The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4". By G_Kos |