| File Name |
File Size |
Last Modified |
MD5 Checksum |
| 0201-exploits.tgz | 275995 | Feb 2 00:08:16 2002 | 68671ffeb8f1ab115e5962caeab7c9a6 |
| Packet Storm new exploits for January, 2002. |
| cm-ssh.tgz | 227312 | Jan 12 12:23:21 2002 | 7ef4c345b731ddb9c4c41793273edbf7 |
| Cm-ssh is the Teso SSH remote exploit. Includes targets for SSH-1.5-1.2.27, SSH-1.99-OpenSSH_2.2.0p1, SSH-1.5-1.2.26, and SSH-1.5-1.2.31. Binary form only. Brute forces the stack. |
| woot.java | 15295 | Jul 6 01:33:07 2002 | 65e717bab45e30856c4bca541beeeda8 |
| Wu-ftpd 2.6.[0/1] remote heap overflow written in Java. Provides a remote shell. Includes targets for RedHat 7.0 and wu-2.6.0/1 from www.wu-ftpd.org. Homepage: http://www.0x4553.org. By CraigTM |
| iisshell-1.3.tgz | 11776 | Jan 7 21:52:28 2002 | 2e63c70bedd349e50bde028caa0d132e |
| A small scanner and shell-like interface for the IIS unicode vulnerability (exploits directory traversal to reach cmd.exe). By Cartel Informatique |
| w00aimexp.tgz | 10681 | Jan 2 18:17:19 2002 | daec79a085c3cb4e73ec9764785c7471 |
| AOL Instant Messenger remote buffer overflow exploit. Affects AOL AIM for Windows stable v4.7.2480 and beta v4.8.2616. Over 100,000,000 users affected. Included shellcode shuts down the AIM client. Homepage: http://www.w00w00.org. By Matt Conover |
| netgear.txt | 8123 | Jan 30 23:05:03 2002 | 9d7dbab5ae54817fb0af918b799bd42c |
| NetGear RO318 HTTP Filter Advisory - The firmware does not check URL's well enough and will send out restricted content if given a malformed URL. Includes perl exploit. Homepage: http://home.tampabay.rr.com/nbs/. By Null Byte Security |
| sniffit-exp1.txt | 6675 | Jan 18 21:11:07 2002 | 9e59a59251ace6f72b61e53cd1843f1f |
| Sniffit v0.3.7beta remote root buffer overflow exploit. Requires the admin to be running sniffit with the -L option. By g463 |
| boozt.c | 4388 | Jan 10 22:16:38 2002 | 54a2881575b025fcef77361b2bb13609 |
| The Boozt! banner management software for Linux v0.9.8alpha remote exploit. Included shellcode creates a suid httpd shell in /tmp. Fix available here. By Rafael San Miguel Carrasco |
| attn.tar.gz | 3830 | Jan 18 20:59:02 2002 | 228228e20fdbea6cba09e2718ad8cad0 |
| Attn.tar.gz is a Redhat 7.0 local root exploit which takes advantage of a bug in the at command which allows an attacker to free() user controlled memory. Tested on Redhat 7.0 with the glibc-2.2.4-18.7.0.3 and at-3.1.8-12 packages installed. By zen-parse |
| nt.php.htm | 3826 | Jan 7 22:22:43 2002 | 408c92549ba7db07950ad9720121c213 |
| NT PHP.exe remote exploit. Allows any file on the webserver to be read. Homepage: http://www.securiteam.com. By Securiteam |
| hosting.controller.t..> | 3799 | Jan 7 22:44:54 2002 | 3e38c30aabfad13f773058326f5fac3d |
| Hosting Controller v1.4.1, an all-in-one administrative hosting tool for Windows, contains multiple vulnerabilities. It allows remote users to read any file on the system and browse non-public directories. Exploit URL's included. By Phuong |
| buggyzilla.pl | 2763 | Jan 10 21:39:02 2002 | a34590985ad2c781d4a2ef465b370e00 |
| Buggyzilla.pl exploits two vulnerabilities in bugzilla 2.14 or prior in order to execute commands on affected systems. This uses bad quotation of user input in bugzilla to gain access to administrator pages. The a weakness in the reports.cgi is then used to allow execution of commands. Advisory available here. Fix available here. By Funkysh |
| gicu-dos.c | 1771 | Jan 24 23:31:05 2002 | 619d5fe13a0c7cbcdc31462b9aab2591 |
| GnomeICU v0.96.1 remote dos exploit. Sends a message with uin=0000000 causing a seg fault. Tested on GnomeICU 0.95->0.96.1 on RH 7.0, Slackware 8.0. By Christian Milow |
| zml.cgi.txt | 1534 | Jan 1 22:03:35 2002 | a34aeee880ee35dee55047fb1ed2efca |
| Zml.cgi contains remote vulnerabilities which allow any file on the webserver to be read. Exploit URL included. Tested against Redhat w/ Apache. By Blackshell Development Team |
| debian-uucp.tar.gz | 1489 | Jan 21 21:34:08 2002 | c288ab795b3f52d9cc85af362801096c |
| Debian uucp v1.06.1 local uid=utmp or root exploit. Trojans uucp and uux, attempting to get a root shell. Based on an exploit by zen-parse. Tested on Debian PowerPC Unstable. By Charles Stevenson |
| sudo-xpl.sh | 1178 | Jan 16 22:59:44 2002 | 055ebc951dada82997439ceafe436d5b |
| Local root exploit for sudo + postfix. Exploits sudo prior to sudo-1.6.4.1. Tested on debian powerpc unstable. By Charles 'core' Stevenson |
| BSD-H_osx_local_root..> | 1042 | Jan 30 21:24:19 2002 | 4e32ba3a79c40f5908183ffc60896118 |
| RootX is a local Macintosh OS/X exploit for sudo. Must be in sudoers. The latest Client/Server (10.1.2) are affected. Homepage: http://bsdh.dhs.org. By Freestyler and Xor^SS |
