| File Name |
File Size |
Last Modified |
MD5 Checksum |
| 01-wu261.c | 35201 | Dec 12 08:55:37 2001 | faa411281a9318348a43d54c8ab92769 |
| Wu-Ftpd v2.6.1 and below remote root exploit which takes advantage of the SITE EXEC globbing vulnerability. Includes instructions on finding the offset with gdb. By Zen-parse |
| smash_bin_login.c | 13357 | Dec 28 12:12:34 2001 | 21f881c14e04e0b69412d1c74d3dcfa2 |
| Solaris x86 v2.8 /bin/login via telnet remote buffer overflow exploit. Uses fixed addresses. Executes any command as root. Homepage: http://monkey.org/~mat. By JW. Oh |
| jim.c | 11168 | Dec 4 20:51:43 2001 | ce7ba29b042a913db88bb171d6db8db4 |
| Jim.c is an exploit for the remote IIS server side include buffer overflow vulnerability. Tested on Linux and Win32. To exploit this vulnerability you must have write access to the web root of the target web server. Causes the server to send you a shell with SYSTEM level access. By Indigo |
| pmexpl.c | 10766 | Dec 28 11:11:48 2001 | 60072037d04fb99236213b82a4239fdf |
| Pmake <= 2.1.33 local root exploit. Some distributions have pmake suid root by default. By IhaQueR@IRCnet |
| badboy.c | 9207 | Dec 4 20:49:20 2001 | 30aecb9b9cc3b85879d290607853efe9 |
| Badboy.c is a remote exploit for the Win32 Checkpoint Firewall-1 GUI log viewer program. Binds a shell to a port with SYSTEM level access. Must be run from a valid GUI client machine. By Indigo |
| jack.c | 8269 | Dec 4 20:52:58 2001 | 485e818e6aa9c8cd8c3a3d692a4a084f |
| Jack.c is a remote exploit for the Active Perl ISAPI overflow described in Bugtraq ID 3526. Sends you a shell with SYSTEM level access. By Indigo |
| own-ettercap.c | 7673 | Dec 8 19:50:36 2001 | d6e5951f7604f7851edf50f992c03724 |
| Ettercap v0.6.2 local root format string exploit. Works if the administrator made Ettercap SUID. Homepage: http://www.bugtraq.org. By Alicia |
| XPloit.c | 6874 | Jan 1 02:22:01 2002 | f9206046fe2db51c88104dea21788ee8 |
| WinME/XP UPNP remote dos and buffer overflow overflow exploit. Sends malformed data to TCP port 5000. Includes the option to spawn a shell on port 7788. Homepage: http://qb0x.net. By Gabriel Maggiotti |
| ie.cert.attack.txt | 6373 | Dec 25 22:28:13 2001 | 29e55396623a1ab90242ba5407be8b24 |
| A flaw in Microsoft Internet Explorer allows an attacker to perform a SSL Man-In-The-Middle attack without the majority of users recognizing it. In fact the only way to detect the attack is to manually compare the server name with the name stored in the certificate due to a flaw in the way IE checks HTTPS objects that are embedded into normal HTTP pages. Homepage: http://www.e-matters.de. By Stefan Esser |
| adstreamer.txt | 6358 | Dec 25 22:44:43 2001 | 06fc404d3b77658241ef7dfe94f0d8bf |
| AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi. Homepage: http://www.bugtraq.org. By Gobbles Security |
| nb-isakmp.c | 5762 | Dec 25 22:51:57 2001 | 690321d47ef04f0d314c84e8da296191 |
| Nb-isakmp.c is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. C version. Homepage: http://nelson.wwsecurity.net. By Nelson Brito |
| atphttpd-smack.c | 3907 | Dec 16 20:55:39 2001 | ebcb55b399e6cc1df9b8a7590bfa606b |
| ATPhttpd v0.4b remote buffer overflow exploit. Tested on and against OpenBSD 2.8. Binds a shell to port 6969 which has the UID of the webserver. Homepage: http://sec.angrypacket.com. By Methodic |
| SpeedXess.txt | 2823 | Dec 12 18:10:58 2001 | 415cfed7781561fcb5133a3b24345773 |
| SpeedXess DSL routers come with a default password of speedxess. Homepage: http://www.wowhacker.com. By Secret |
| twlc-adv-plesk211201..> | 2542 | Dec 25 22:14:18 2001 | a7d92ef2dc4845c652651a3543755d05 |
| Plesk, a popular server administration tool used by many web hosting companies, has a bug which allows remote users to view the source of .php hosted files. All versions prior to v2.0 are affected. Homepage: http://www.twlc.net. By Supergate |
| UseLogin.txt | 2146 | Dec 8 19:33:59 2001 | ee90a8217d3ebac2b297609567373f38 |
| OpenSSH v3.0.1p1 and below root exploit which only works of the administrator has turned on the UseLogin feature. Uses the libroot library. Requires an account on the remote machine. Homepage: http://www.genhex.org. By War |
| atphttpd.pl | 2081 | Dec 16 21:00:46 2001 | 392571248a30489738ca74447900141a |
| ATPhttpd v0.4a remote denial of service buffer overflow Tested against OpenBSD 2.9. Homepage: http://www.securityoffice.net. By Tamer Sahin |
| kebi-webmail_vul.txt | 2042 | Dec 8 19:29:08 2001 | faaf892f274f6a268f6768e4f56b1b5d |
| The Kebi Webmail server allows remote users to have administrator access by going to http://site.com/a/. Homepage: http://www.wowhacker.org. By Secret |
| nb-isakmp.pl | 1889 | Dec 25 22:52:51 2001 | f5af9905a00822bcb51cfbd06064da72 |
| Nb-isakmp.pl is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. Perl version. Homepage: http://nelson.wwsecurity.net. By Nelson Brito |
| script.command.txt | 1855 | Dec 17 21:29:23 2001 | e546ea507ca071abe3463d61624074c1 |
| The script command overwrites hardlinks named typescript in the current directory. Homepage: http://ws.obit.nl. By Marco van Berkum |
| itransact.txt | 673 | Dec 16 20:37:51 2001 | 156e08a83f72f8a46397366a52e8ad1f |
| A security flaw in the itransact.com credit card payment system allows users to change the price of merchandise ordered. By Jesse S. Williams |
