| File Name |
File Size |
Last Modified |
MD5 Checksum |
| woot.java | 15295 | Jul 6 2002 01:33:07 | 65e717bab45e30856c4bca541beeeda8 |
| Wu-ftpd 2.6.[0/1] remote heap overflow written in Java. Provides a remote shell. Includes targets for RedHat 7.0 and wu-2.6.0/1 from www.wu-ftpd.org. Homepage: http://www.0x4553.org. By CraigTM |
| 0201-exploits.tgz | 275995 | Feb 2 2002 00:08:16 | 68671ffeb8f1ab115e5962caeab7c9a6 |
| Packet Storm new exploits for January, 2002. |
| netgear.txt | 8123 | Jan 30 2002 23:05:03 | 9d7dbab5ae54817fb0af918b799bd42c |
| NetGear RO318 HTTP Filter Advisory - The firmware does not check URL's well enough and will send out restricted content if given a malformed URL. Includes perl exploit. Homepage: http://home.tampabay.rr.com/nbs/. By Null Byte Security |
| BSD-H_osx_local_root..> | 1042 | Jan 30 2002 21:24:19 | 4e32ba3a79c40f5908183ffc60896118 |
| RootX is a local Macintosh OS/X exploit for sudo. Must be in sudoers. The latest Client/Server (10.1.2) are affected. Homepage: http://bsdh.dhs.org. By Freestyler and Xor^SS |
| gicu-dos.c | 1771 | Jan 24 2002 23:31:05 | 619d5fe13a0c7cbcdc31462b9aab2591 |
| GnomeICU v0.96.1 remote dos exploit. Sends a message with uin=0000000 causing a seg fault. Tested on GnomeICU 0.95->0.96.1 on RH 7.0, Slackware 8.0. By Christian Milow |
| debian-uucp.tar.gz | 1489 | Jan 21 2002 21:34:08 | c288ab795b3f52d9cc85af362801096c |
| Debian uucp v1.06.1 local uid=utmp or root exploit. Trojans uucp and uux, attempting to get a root shell. Based on an exploit by zen-parse. Tested on Debian PowerPC Unstable. By Charles Stevenson |
| sniffit-exp1.txt | 6675 | Jan 18 2002 21:11:07 | 9e59a59251ace6f72b61e53cd1843f1f |
| Sniffit v0.3.7beta remote root buffer overflow exploit. Requires the admin to be running sniffit with the -L option. By g463 |
| attn.tar.gz | 3830 | Jan 18 2002 20:59:02 | 228228e20fdbea6cba09e2718ad8cad0 |
| Attn.tar.gz is a Redhat 7.0 local root exploit which takes advantage of a bug in the at command which allows an attacker to free() user controlled memory. Tested on Redhat 7.0 with the glibc-2.2.4-18.7.0.3 and at-3.1.8-12 packages installed. By zen-parse |
| sudo-xpl.sh | 1178 | Jan 16 2002 22:59:44 | 055ebc951dada82997439ceafe436d5b |
| Local root exploit for sudo + postfix. Exploits sudo prior to sudo-1.6.4.1. Tested on debian powerpc unstable. By Charles 'core' Stevenson |
| cm-ssh.tgz | 227312 | Jan 12 2002 12:23:21 | 7ef4c345b731ddb9c4c41793273edbf7 |
| Cm-ssh is the Teso SSH remote exploit. Includes targets for SSH-1.5-1.2.27, SSH-1.99-OpenSSH_2.2.0p1, SSH-1.5-1.2.26, and SSH-1.5-1.2.31. Binary form only. Brute forces the stack. |
| boozt.c | 4388 | Jan 10 2002 22:16:38 | 54a2881575b025fcef77361b2bb13609 |
| The Boozt! banner management software for Linux v0.9.8alpha remote exploit. Included shellcode creates a suid httpd shell in /tmp. Fix available here. By Rafael San Miguel Carrasco |
| buggyzilla.pl | 2763 | Jan 10 2002 21:39:02 | a34590985ad2c781d4a2ef465b370e00 |
| Buggyzilla.pl exploits two vulnerabilities in bugzilla 2.14 or prior in order to execute commands on affected systems. This uses bad quotation of user input in bugzilla to gain access to administrator pages. The a weakness in the reports.cgi is then used to allow execution of commands. Advisory available here. Fix available here. By Funkysh |
| hosting.controller.t..> | 3799 | Jan 7 2002 22:44:54 | 3e38c30aabfad13f773058326f5fac3d |
| Hosting Controller v1.4.1, an all-in-one administrative hosting tool for Windows, contains multiple vulnerabilities. It allows remote users to read any file on the system and browse non-public directories. Exploit URL's included. By Phuong |
| nt.php.htm | 3826 | Jan 7 2002 22:22:43 | 408c92549ba7db07950ad9720121c213 |
| NT PHP.exe remote exploit. Allows any file on the webserver to be read. Homepage: http://www.securiteam.com. By Securiteam |
| iisshell-1.3.tgz | 11776 | Jan 7 2002 21:52:28 | 2e63c70bedd349e50bde028caa0d132e |
| A small scanner and shell-like interface for the IIS unicode vulnerability (exploits directory traversal to reach cmd.exe). By Cartel Informatique |
| w00aimexp.tgz | 10681 | Jan 2 2002 18:17:19 | daec79a085c3cb4e73ec9764785c7471 |
| AOL Instant Messenger remote buffer overflow exploit. Affects AOL AIM for Windows stable v4.7.2480 and beta v4.8.2616. Over 100,000,000 users affected. Included shellcode shuts down the AIM client. Homepage: http://www.w00w00.org. By Matt Conover |
| zml.cgi.txt | 1534 | Jan 1 2002 22:03:35 | a34aeee880ee35dee55047fb1ed2efca |
| Zml.cgi contains remote vulnerabilities which allow any file on the webserver to be read. Exploit URL included. Tested against Redhat w/ Apache. By Blackshell Development Team |
