| File Name |
File Size |
Last Modified |
MD5 Checksum |
| 0210-exploits.tgz | 2215227 | Nov 1 00:49:18 2002 | 47543d2f228312316b7dee8cf60d6850 |
| Packet Storm new exploits for October, 2002. |
| analogx-socks4a.sbal..> | 11502 | Oct 14 07:51:26 2002 | c262c0d90d724ec4b9601631e027d683 |
| This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP. By Kanatoko |
| bearshare.4.0.6.txt | 2024 | Oct 4 00:19:54 2002 | 4deb6c402a2323bbbb6d32da4944cd84 |
| Bearshare v4.0.6 and below is contains a directory traversal bug which allows remote attackers to view any file on the system by sending a specially crafted HTTP request. Exploit URL's included. Homepage: http://www.BeyondSecurity.com. By Gluck, Mario Solares, Aviram Jenik |
| bop.pl | 1947 | Oct 20 22:58:26 2002 | 9350db07af8a58ea99c7d027033e8a96 |
| PlanetDNS v1.14 remote buffer overflow exploit which sends 6K of data to port 80 of PlanetWeb. By Securma Massine |
| ChmOverflow.zip | 12979 | Oct 9 19:41:06 2002 | 3e134633e8a21051ff9f3c15d47c266d |
| Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source. By Sylvain Descoteaux |
| euxploit.zip | 12709 | Oct 9 19:51:04 2002 | 796d31fc38fbdbd23f050a46fee29a69 |
| Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version. By Vecna |
| GetAd.c | 3560 | Oct 16 19:51:13 2002 | 5aaf16bbab2ab14dcbff5aa6879af839 |
| GetAd.c is a new Windows 2000 local exploit which gains Local System rights on Win2k SP1-3 be taking advantage of the NetDDE window of winlogon with a shatter attack. Binaries available here. SecurityFocus vulnerability information available here. Homepage: http://getad.chat.ru. By Serus |
| gm011-ie.txt | 3810 | Oct 16 19:24:10 2002 | c4e9108a3cc65e6a2d639324e9ba64d3 |
| Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here. Homepage: http://security.greymagic.com. By GreyMagic Software |
| gm012-more-ie.txt | 4927 | Oct 24 21:22:39 2002 | 1f5a5fed0d2cb400606aef190e3eef9f |
| Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents. Homepage: http://security.greymagic.com/. By GreyMagic Software |
| hackingcitrix.txt | 17406 | Oct 2 20:02:00 2002 | 61e74e786bf9267b909c01e175a4c699 |
| Citrix is a Remote Desktop application that is becoming widely popular. It is similar to Microsoft's Terminal Services, RDP (Remote Desktop Protocol). Unlike Terminal Services, Citrixs' lines of products allow the administrator to specify certain applications to be run on the server. This allows them to control which programs they want to allow the end user to execute. There exists an interesting gray line for the security of Citrix applications due to the mixing of both Citrix technology, and Microsoft technology. With an application that allows users remote access to not only published programs, but remote desktops, a serious threat arises. By wirepair |
| iosmash2.c | 2150 | Oct 6 17:12:32 2002 | 7b28078a9bc5a3407f5939b88d2cf0ec |
| Iosmash2.c is a local root exploit for the FreeBSD file descriptors kernel bug that resides in all releases of FreeBSD up to and including 4.6-RELEASE. The exploit create 5 valid root passwords that give instant root access trough S/key. Homepage: http://www.l33tsecurity.com. By Dvdman |
| kitkat.pl | 1296 | Oct 16 22:46:39 2002 | bf6c938417e1bb5537a706e1f973e070 |
| Kitkat.pl exploits a directory traversal bug in webMathematica v1.0.0 and 1.0.0.1. Homepage: http://legion2000.security.nu. By NTFX |
| l-zonealarm.c | 7642 | Oct 22 23:43:22 2002 | 820d0cd440c7a6ca25f87098cfb94cd5 |
| Zone-Labs ZoneAlarm Pro 3.1.291 and 3.0 remote denial of service exploit which consumes all available CPU via synflooding. To fix, update to the newest zonealarm and run windows update. By Lupsyn |
| massrooterfinal.tar...> | 1724731 | Nov 13 07:43:19 2002 | f104041ba08694e3bfdd9e511715d7c5 |
| Massrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems. Homepage: http://www.abouthacking.net. By Daddy_cad |
| mod_ssl-toolkit.tar...> | 2311 | Oct 9 19:59:41 2002 | 01386026a91e1adfdfa0829e0c211b3f |
| Mod_ssl off-by-one bug exploitation toolkit for OpenBSD. Creates a malicious .htaccess file which replaces the apache server process with an included HTTP server. By Grange |
| neuter.c | 5419 | Oct 15 05:39:38 2002 | 309ea638b470473176e87002adebaf66 |
| Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS. Homepage: http://www.enzotech.net By bmbr. |
| onelove.c | 13998 | Oct 5 09:49:39 2002 | e063bb014f958db8cdaa416b1bd1e98b |
| This is proof of concept code that demonstrates how commands can be injected in a ptraced telnet/ssh session. By xenion. |
| Oracle9iAS.dos.pl | 1389 | Oct 29 23:52:04 2002 | 5587607f8f49ffd172b5844f93e01670 |
| Oracle9iAS Web Cache Denial of Service exploit in perl, as described in Atstake advisory a102802-1. By Deadbeat |
| sambar.5.1.pl | 936 | Oct 30 21:09:52 2002 | fd9bc557a02bc20a56871b03f3fb968b |
| Sambar Webserver v5.1 for Windows Pbcgi.exe remote denial of service exploit in perl. Homepage: http://www.systat.cl. By Sebastian Breit |
| sendmail-8-11-x.c | 7399 | Oct 22 00:01:13 2002 | 2fe9594bfd8aa84b38546e5e85f92b8a |
| Sendmail 8.11.x linux/x86 local root exploit. Uses gdb to find offsets. By sd[at]sf.cz |
| solarhell | 768 | Oct 29 05:49:29 2002 | 750b7545abb4813fae07fb331e4b0c43 |
| Solarhell is a remote root exploit shell script which abuses the Solaris /bin/login bug by using telnet. Solaris 2.6, 2.7 and 2.8 (7.0 and 8.0) is vulnerable. More information available here. Homepage: http://www.deloitte.co.za/By Deloitte & Touche SSG (Security Services Group). |
| solaris.login.txt | 1203 | Oct 2 13:35:08 2002 | 37c0ebd7f767b321deb20890747689f2 |
| This document describes how to compromise Solaris systems prior to version 9 by using a telnet client only. By Jonathan Stuart. |
| sortrace.c | 8207 | Oct 9 19:39:55 2002 | b8b7f19d1870423e791ef80cef6f50a7 |
| Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets. By Sorbo |
| sunos_telnet_for_cyg..> | 431031 | Oct 9 18:14:59 2002 | 19b0e58b22e4cd4e3e8c9cced6a58e76 |
| The Solaris 2.6, 7, and 8 /bin/login TTYPROMPT remote exploit compiled with Cygwin for Windows. Tested against SunOS 5.5, 5.5.1, 5.6, 5.7, 5.8 Sparc and SunOS 5.6, 5.7, 5.8 x86. Homepage: http://www.cnhonker.net. Ported by Lion |
| telnet.c | 6065 | Oct 4 00:25:15 2002 | 68bddb79920400ed85b5fa28ba605aaa |
| SunOS 5.5, 5.5.1 and Solaris 2.6, 2.7, and 2.8 SPARC and SunOS 5.7 and 5.8 x86 /bin/login TTYPROMPT remote exploit. Homepage: http://www.cnhonker.com. By Lion |
| tftp.dos.pl | 1972 | Oct 24 22:27:22 2002 | 940a91e472909d558a7cf5bdf8d5360b |
| Solarwinds TFTP server v5.0.55 and below remote denial of service exploit in perl. Homepage: http://www.dhgroup.org. By D4rkGr3y |
| tomcat.dos.sh | 2317 | Oct 16 22:52:33 2002 | d350ab2f1f17570561020752a2d24d68 |
| Apache Tomcat 3.3 and 4.0.4 for Windows NT and 2000 remote denial of service exploit. Uses device names like AUX, LPT1, CON, and PRN to crash the server. Homepage: http://www.dcert.de. By Olaf Schulz |
| virgil.txt | 3922 | Oct 24 21:41:37 2002 | db03d67f3f01a9badd1d398868b94862 |
| Virgil CGI Scanner by Mark Ruef has a vulnerability where user input is trusted without being sanitized and is actually populating bash variables which end up getting executed. Simple exploit examples are included. By KALIF research group, Joschka Fischer |
| wc.tar.gz | 16231 | Oct 24 20:58:22 2002 | 4c26c877c1f0530353bfc2ef74331c67 |
| Two modified versions of the slapper worm exploit made more user-friendly with simple interaction to define what host and port will be hit with the exploit. By aion |
| web602dir.pl | 577 | Oct 21 23:51:59 2002 | c3828ca76731be0eeaafc1af5b545a8d |
| Web602 (Czech version) directory tree exploit. By eip aka deadbeat aka AnGrY_SQl |
| web602dos.pl | 417 | Oct 21 23:52:53 2002 | 073f82729fa7fdf2640bda249a4d2743 |
| Web602 webserver remote denial of service exploit which uses the com1 windows flaw. By eip aka deadbeat aka AnGrY_SQl |
