.:[packet storm]:. ArchivesForums
 

 
 
about | forums | assessment | defense | papers | magazines | miscellaneous | links


To change sort order, click on the category. Sorted By: File Name.
.: 0203-exploits
File Name File Size Last Modified MD5 Checksum
0203-exploits.tgz1840053Apr 2 00:05:51 200207b176a4f3caa5aeb0e71dc7d048509d
Packet Storm new exploits for March, 2002.
agate.tar.gz339340Mar 5 22:38:00 2002b0e6e1f796741cc0afbcb3fd7b954d46
Avirt Gateway 4.2 remote exploit ported to Windows with Cygwin. By Luigi Grandini
Apache.Win32.txt3016Mar 22 07:57:41 200204bda8f5bf73eb6fe91b03b836198c35
A vulnerability in the way the Windows versions of Apache parses batch files with cmd.exe allows remote users to execute commands on versions of Apache prior to 1.3.24 and 2.0.29-BETA. Exploit URL's included. By Ory Segal
apache_php.c3660Mar 4 00:26:43 20025126bbf8e63b2126ebdd8a9450b62ff8
Apache 1.3.x + php 4.0.6 proof of concept exploit for the multipart/form-data POST requests bug. This exploit crashes the daemon.  Homepage: http://qb0x.net. By Gabriel A. Maggiotti
apache_php.tar.gz339383Mar 5 22:39:29 2002bdf92baef409ba2576ddfb67c6972625
Cygwin Windows port of the Apache 1.3.x + php 4.0.6 proof of concept exploit for the multipart/form-data POST requests bug. This exploit crashes the daemon. Ported by Luigi Grandini
Colbalt-RAQ-v4.txt5236Mar 4 08:56:42 2002a4e649e09cdd871f9843ce8582d573d5
Cobalt's RAQ 4 server has three remote vulnerabilities. The service.cgi script has a cross site scripting vulnerability because it incorrectly parses the incoming searches and includes HTML tags and Javascript in the result. A directory traversal vulnerability allows attackers to read restricted files or passwords and profiles the users. In addition, a very long URL string will crash the service. Exploits included. By Alex Hernandez
DLA-18-03-2002.txt2741Mar 20 09:47:50 200293581200755ee08576317b5c3179619b
Microsoft posted a security bulletin on this (ms99-040) way back in September 28, 1999; it is still exploitable if the html file is run from the users local disk and not from a webserver or file-share. By Gollum
hhp-qtip.c1350Mar 12 19:44:26 2002b1f1e53e81b7b495f4faeb362d585475
Hhp-qtip.c is a local root exploit for /usr/bin/tip on BSDI 4.2. Requires access to tip, usually gid(dialer).  Homepage: http://www.hhp-programming.net. By Cody Tubbs
osshchan.tgz20241Mar 29 09:28:53 2002ae4a56b17dda15f0c2b2ef133479a4e9
OpenSSH 2.9p* channel_lookup() off by one exploit. Tested against SuSE Linux 7.2 and FreeBSD 4.5-STABLE with OpenSSH 2.9p1 and p2. Based on OpenSSH-2.9p2 source. By Morgan
php-nuke.5.5.css.txt1106Mar 12 19:47:46 2002392663e5198a29c4a1c3c2daf1b7e121
PHP Nuke v5.5 has a cross site scripting vulnerability. Exploit information included.  Homepage: http://hackergurus.tk. By Ravish
phpnukeEKO.txt970Mar 13 21:15:24 20022546c50f77cdccffa18d54d48870f2d9
PHP Nuke 5.X path disclosure vulnerability through modules.php.  Homepage: http://nyshock.hypermart.net. By Patryk K.
phpxpl.c12998Mar 6 22:14:46 20020f3502ccdfd5f2739f73f8841d4708ba
PHP 3.0.16/4.0.2 remote root format string overflow exploit for Linux/x86. Included shellcode adds a root shell on tcp port 1524 to inetd.conf. By Count August Anton Wilhelm Neithardt von Gneisenau
ptrace-dark.c3411Mar 12 20:24:28 2002400dd79a65c806ae4fe25bee6f1573e4
Ptrace2.4 is a local root exploit for linux kernels prior to v2.4.9 and 2.2.20. By Darknessx
realown.tar.gz340890Mar 5 22:41:35 200236989e96eebc153db49cfe7e9be93297
Cygwin port of the unix port of the real own realserver exploit. Ported by Luigi Grandini
sp_quickill.zip431940Mar 24 21:09:41 2002df1ed07f57c90114475fb5b2cedabf67
Sp_Quickkill scans internal networks for unpatched windows machines, IIS and SQL.  Homepage: http://www.sensepost.com. By Roelof Temmingh
ucd-snmp.c12316Mar 13 23:09:39 2002b6e6a827e6265c29937e7052e444d49c
UCD-snmp v4.2.1 and below remote root exploit for the long community string overflow on Linux/x86. Tested against Slackware 8.0, includes instructions for finding more offsets. Binds a shell to tcp port 10000. By Jove
vwxploit.tar.gz340795Mar 5 22:42:55 2002b19a0556613b5a2bd2a5bb32ab7c84e0
Cygwin Windows port of the Interscan VirusWall 3.23/3.3 exploit. Ported by Luigi Grandini
Xerver-2.10.txt4162Mar 7 21:59:40 2002f5c20e4013a63f1117a415ea47a3fc93
The Xerver Free Web Server v2.10 contains file disclosure and denial of service vulnerabilities. Platforms affected include Windows, Linux, BSD, Solaris, and Mac. Exploits included. By Alex Hernandez

 
 
Privacy Statement