File Name |
File Size |
Last Modified |
MD5 Checksum |
0204-exploits.tgz | 777405 | May 6 22:56:05 2002 | da76776c09caeb80dc346c3147fe4567 |
Packet Storm new exploits for April, 2002. |
7350fun | 49723 | Jul 17 23:01:07 2002 | 55dd71bbb7d23d1220f8bb33a4b20edd |
7350fun is a remote exploit for mod_php v4.0.2rc1-v4.0.5 and v4.0.6-v4.0.7RC2. This exploit appears to be a revised version of the 73501867 exploit, which was written by the same author, contained less functionality and was not encrypted. Note: this exploit also causes PHP 4.1.2 versions to segfault. By Lorian. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107 |
cisco677.pl | 2143 | May 4 22:32:17 2002 | 71acdbfebdc481e031687d06bbb810e7 |
Cisco 677/678 Telnet Overflow denial of service perl exploit. Homepage: http://mail.dhbit.ca. By DNV |
epop.c | 821 | Apr 24 23:22:30 2002 | d53cc8ba199088d13beffe904c1f9450 |
This exploit hangs WiredRed e/pop v2.0.3, probably works on all 2.x versions. By Cult |
evelyne.sh | 1043 | Apr 24 18:36:31 2002 | 6e686fc543c6ddbad436bfb0f81fd5be |
Local root exploit for the "Suid application execution bug" (< FreeBSD 4.5-STABLE) that was discovered by Joost Pol from Pine. Homepage: http://www.netric.org. By Atje |
food_for_the_poor.c | 2829 | May 1 12:53:32 2002 | 02f164a7343a06b6563818a43d6d7357 |
Food_for_the_poor is a linux exploit for a heap overflow in the Kerberos 4 ftp client which creates a suid shell in /tmp. Homepage: http://mantra.freeweb.hu/. By Marcell Fodor |
guninski-53.txt | 10258 | Apr 2 00:05:00 2002 | 2fbb5a730b6516363c61c5ba49238bcb |
Georgi Guninski security advisory #53, 2002 - Two serious security vulnerabilities have been found in Microsoft Office XP. It is possible to embed active content (object + script) in HTML mail which is triggered if the user replies to or forwards mail. In addition, a bug in the Host() function of the spreadsheet allows creating files with arbitrary names and their content may be specified to some extent at which is sufficient to place an executable file (.hta) in user's startup directory which may lead to taking full control over user's computer. Homepage: http://www.guninski.com. By Georgi Guninski |
icx.c | 13494 | Apr 2 09:23:07 2002 | 30658aa7461384b8a294cfc3db8fab5a |
Icecast v1.3.11 and below remote root exploit for linux/x86. Binds a shell to port 30464. Tested against SuSE 7.2, Debian 2.2r2, and Slackware 8.0. By Diz |
iis.asp.overflow.txt | 5740 | Apr 11 04:41:33 2002 | 4cdf305e59b0d7ba7de3156cc1e0c3c2 |
A vulnerability in the ASP (Active Server Pages) ISAPI filter, loaded by default on all NT4 and Windows 2000 server systems (running IIS), can be exploited to remotely execute code of an attackers choice. Example which causes an application error included. Microsoft advisory on this vulnerability here. Homepage: http://www.eEye.com. By Marc Maiffret |
iischeck.pl | 2891 | Apr 24 21:40:00 2002 | 2b2edd24b76ee0b58d5186d14b8d3923 |
Microsoft IIS .HTR heap overflow checker. Determines remotely if patch MS02-018 has been applied. Homepage: http://filip.compsec.be. By Filip Maertens |
iisfux0r.txt | 2047 | Apr 22 22:28:30 2002 | 187ee85dc854e518c0b386d561dd3a33 |
Microsoft IIS W3SVC Denial of Service - Brings down the inetinfo.exe process, crashing IIS. Homepage: http://filip.compsec.be. By Filip Maertens |
iosmash.c | 853 | Apr 24 18:24:03 2002 | 5a17bababe3ea7ff5e73ed68e8bf079d |
Iosmash.c is an exploit for the stdio kernel bug that resides in all releases of FreeBSD up to and including 4.5-RELEASE. The exploit uses keyinit, which is part of the S/key package, to create 5 valid root passwords that give instant root access trough S/key. By Phased |
logwatch211.sh | 1655 | Apr 3 01:08:56 2002 | 26509d094a11d67a23e651d2e6fd95a6 |
LogWatch 2.1.1 is a part of the Red Hat Linux 7.2 distribution, enabled by default and daily run by the cron daemon. On a system running LogWatch, a local user is able to gain unauthorized root access, due to a race condition during the temporary directory creation. Homepage: http://www.kaybee.org/~kirk/html/linux.html. By Spybreak |
msh3comdos.c | 4351 | May 1 09:32:39 2002 | 2bf501dc4f6312377a58c1130e5beb44 |
3CDaemon FTP Server v2.0 buffer overflow dos exploit. By Skyrim |
obsd-cron.c | 570 | Apr 15 00:41:12 2002 | 72d35ea6ab315d9c96c3184343dee252 |
OpenBSD 3.0 cron / mail local root exploit. Creates a suid shell after /etc/daily runs. By Przemysaw Frasunek |
pos_expl.c | 2286 | Apr 22 22:42:02 2002 | aba3e4e67681520ccc17f4d5f548bbc0 |
Posadis m5pre1 local buffer overflow exploit. Homepage: http://www.netric.org. By eSDee |
pos_expl2.c | 1184 | Apr 22 22:40:44 2002 | 7475676aaa562e43d95925828590fb52 |
Posadis m5pre2 local format string exploit. Homepage: http://www.netric.org. By eSDee |
psydos.txt | 1223 | Apr 24 22:03:45 2002 | 72882c16409c851c3e19cdd8edf515a6 |
PsyBNC v2.3 has a problem dealing with oversized passwords, making it possible to tie up all the connection slots and consume a lot of CPU on the server. By Nawok |
pUll.pl | 845 | Jul 8 00:17:49 2002 | ddc9cde518d7a4282d6cb3248b448e48 |
Slrnpull '-d' buffer overflow exploit. Executes shellcode with group 'news' privileges. Tested to work on an Intel Red Hat 6.2 installation . Homepage: http://www.safemode.org. By zillion and Alex Hernandez |
screen-stuff.tgz | 4176 | Apr 24 19:39:06 2002 | bf834c1357f2a2f6814bd7bf51ecea1d |
Screen v3.9.11 local root linux/x86 exploit for braille module bug. By Gobbles Security |
tgt_v1_x86Lnx.tar.gz | 473805 | May 1 12:55:37 2002 | 98f1f82d423d16819bc96da528d31ca8 |
Exploit for the local root bug in Kerberos IV TGT and AFS Token implementation of the OpenSSH server (sshd) version 2.2.0 - 3.1.0. Homepage: http://mantra.freeweb.hu/. By Marcell Fodor |
tshttpd.pl | 2983 | May 4 22:24:59 2002 | cb8368a36e1c06aa0f994e1dce369789 |
AnalogX SimpleServer:WWW HTTP Server v1.1 denial of service buffer overflow exploit. By TrippinSmurfs |
x2.tgz | 221543 | Jul 17 23:05:13 2002 | 5ad26f20c8eeae79c09718165e21621d |
X2 exploits the SSH CRC-32 attack detection code buffer overflow vulnerability that exists in SSH1 implementations. The exploit is distributed in binary form and has been encrypted. Includes 45 target types. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107 |
xtelld261.c | 9193 | Apr 3 01:47:15 2002 | 1cafde97c61ae5070ffa7332f1bba3ea |
Xtell from the Debian Linux distribution is a network messaging client for sending messages to users on different computers. Xtell 2.6.1 with at least 3 remote buffer overflows, symlink bug, ".." directory traversal, file race condition, and more. Exploit spawns a shell on port 12321. Tested against Red Hat 7.2, 7.1; Debian Potato. By Spybreak |