.:[packet storm]:.
.: 0210-exploits
File Name | File Size | Last Modified | MD5 Checksum
massrooterfinal.tar...> | 1724731 | Nov 13 2002 07:43:19 | f104041ba08694e3bfdd9e511715d7c5
Massrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems. Homepage: http://www.abouthacking.net. By Daddy_cad
0210-exploits.tgz | 2215227 | Nov 1 2002 00:49:18 | 47543d2f228312316b7dee8cf60d6850
Packet Storm new exploits for October, 2002.
sambar.5.1.pl | 936 | Oct 30 2002 21:09:52 | fd9bc557a02bc20a56871b03f3fb968b
Sambar Webserver v5.1 for Windows Pbcgi.exe remote denial of service exploit in perl. Homepage: http://www.systat.cl. By Sebastian Breit
Oracle9iAS.dos.pl | 1389 | Oct 29 2002 23:52:04 | 5587607f8f49ffd172b5844f93e01670
Oracle9iAS Web Cache Denial of Service exploit in perl, as described in Atstake advisory a102802-1. By Deadbeat
solarhell | 768 | Oct 29 2002 05:49:29 | 750b7545abb4813fae07fb331e4b0c43
Solarhell is a remote root exploit shell script which abuses the Solaris /bin/login bug by using telnet. Solaris 2.6, 2.7 and 2.8 (7.0 and 8.0) are vulnerable. More information available here. Homepage: http://www.deloitte.co.za/. By Deloitte & Touche SSG (Security Services Group).
tftp.dos.pl | 1972 | Oct 24 2002 22:27:22 | 940a91e472909d558a7cf5bdf8d5360b
Solarwinds TFTP server v5.0.55 and below remote denial of service exploit in perl. Homepage: http://www.dhgroup.org. By D4rkGr3y
virgil.txt | 3922 | Oct 24 2002 21:41:37 | db03d67f3f01a9badd1d398868b94862
Virgil CGI Scanner by Mark Ruef has a vulnerability where user input is trusted without being sanitized and is actually populating bash variables which end up getting executed. Simple exploit examples are included. By KALIF research group, Joschka Fischer
gm012-more-ie.txt | 4927 | Oct 24 2002 21:22:39 | 1f5a5fed0d2cb400606aef190e3eef9f
Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents. Homepage: http://security.greymagic.com/. By GreyMagic Software
wc.tar.gz | 16231 | Oct 24 2002 20:58:22 | 4c26c877c1f0530353bfc2ef74331c67
Two modified versions of the slapper worm exploit made more user-friendly with simple interaction to define what host and port will be hit with the exploit. By aion
l-zonealarm.c | 7642 | Oct 22 2002 23:43:22 | 820d0cd440c7a6ca25f87098cfb94cd5
Zone-Labs ZoneAlarm Pro 3.1.291 and 3.0 remote denial of service exploit which consumes all available CPU via synflooding. To fix, update to the newest ZoneAlarm and run Windows Update. By Lupsyn
anhttpd141c_exploit...> | 5696 | Oct 22 2002 00:07:13 | 1f1b01d7ab128a508febb5ff2176e78a
AN HTTPD v1.30 to 1.41c remote heap overflow exploit written in Java for Japanese Windows 2000 Pro (SP2). Homepage: http://www.jumperz.net. By Kanatoko
sendmail-8-11-x.c | 7399 | Oct 22 2002 00:01:13 | 2fe9594bfd8aa84b38546e5e85f92b8a
Sendmail 8.11.x linux/x86 local root exploit. Uses gdb to find offsets. By sd[at]sf.cz
web602dos.pl | 417 | Oct 21 2002 23:52:53 | 073f82729fa7fdf2640bda249a4d2743
Web602 webserver remote denial of service exploit which uses the COM1 Windows flaw. By eip aka deadbeat aka AnGrY_SQl
web602dir.pl | 577 | Oct 21 2002 23:51:59 | c3828ca76731be0eeaafc1af5b545a8d
Web602 (Czech version) directory tree exploit. By eip aka deadbeat aka AnGrY_SQl
bop.pl | 1947 | Oct 20 2002 22:58:26 | 9350db07af8a58ea99c7d027033e8a96
PlanetDNS v1.14 remote buffer overflow exploit which sends 6K of data to port 80 of PlanetWeb. By Securma Massine
tomcat.dos.sh | 2317 | Oct 16 2002 22:52:33 | d350ab2f1f17570561020752a2d24d68
Apache Tomcat 3.3 and 4.0.4 for Windows NT and 2000 remote denial of service exploit. Uses device names like AUX, LPT1, CON, and PRN to crash the server. Homepage: http://www.dcert.de. By Olaf Schulz
kitkat.pl | 1296 | Oct 16 2002 22:46:39 | bf6c938417e1bb5537a706e1f973e070
Kitkat.pl exploits a directory traversal bug in webMathematica v1.0.0 and 1.0.0.1. Homepage: http://legion2000.security.nu. By NTFX
GetAd.c | 3560 | Oct 16 2002 19:51:13 | 5aaf16bbab2ab14dcbff5aa6879af839
GetAd.c is a new Windows 2000 local exploit which gains Local System rights on Win2k SP1-3 by taking advantage of the NetDDE window of winlogon with a shatter attack. Binaries available here. SecurityFocus vulnerability information available here. Homepage: http://getad.chat.ru. By Serus
gm011-ie.txt | 3810 | Oct 16 2002 19:24:10 | c4e9108a3cc65e6a2d639324e9ba64d3
Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here. Homepage: http://security.greymagic.com. By GreyMagic Software
neuter.c | 5419 | Oct 15 2002 05:39:38 | 309ea638b470473176e87002adebaf66
Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS. Homepage: http://www.enzotech.net. By bmbr.
analogx-socks4a.sbal..> | 11502 | Oct 14 2002 07:51:26 | c262c0d90d724ec4b9601631e027d683
This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP. By Grange
euxploit.zip | 12709 | Oct 9 2002 19:51:04 | 796d31fc38fbdbd23f050a46fee29a69
Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version. By Vecna
ChmOverflow.zip | 12979 | Oct 9 2002 19:41:06 | 3e134633e8a21051ff9f3c15d47c266d
Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source. By Sylvain Descoteaux
sortrace.c | 8207 | Oct 9 2002 19:39:55 | b8b7f19d1870423e791ef80cef6f50a7
Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets. By Sorbo
sunos_telnet_for_cyg..> | 431031 | Oct 9 2002 18:14:59 | 19b0e58b22e4cd4e3e8c9cced6a58e76
The Solaris 2.6, 7, and 8 /bin/login TTYPROMPT remote exploit compiled with Cygwin for Windows. Tested against SunOS 5.5, 5.5.1, 5.6, 5.7, 5.8 Sparc and SunOS 5.6, 5.7, 5.8 x86. Homepage: http://www.cnhonker.net. Ported by Lion
iosmash2.c | 2150 | Oct 6 2002 17:12:32 | 7b28078a9bc5a3407f5939b88d2cf0ec
Iosmash2.c is a local root exploit for the FreeBSD file descriptors kernel bug that resides in all releases of FreeBSD up to and including 4.6-RELEASE. The exploit creates 5 valid root passwords that give instant root access through S/key. Homepage: http://www.l33tsecurity.com. By Dvdman
onelove.c | 13998 | Oct 5 2002 09:49:39 | e063bb014f958db8cdaa416b1bd1e98b
This is proof of concept code that demonstrates how commands can be injected in a ptraced telnet/ssh session. By xenion.
telnet.c | 6065 | Oct 4 2002 00:25:15 | 68bddb79920400ed85b5fa28ba605aaa
SunOS 5.5, 5.5.1 and Solaris 2.6, 2.7, and 2.8 SPARC and SunOS 5.7 and 5.8 x86 /bin/login TTYPROMPT remote exploit. Homepage: http://www.cnhonker.com. By Lion
bearshare.4.0.6.txt | 2024 | Oct 4 2002 00:19:54 | 4deb6c402a2323bbbb6d32da4944cd84
Bearshare v4.0.6 and below contains a directory traversal bug which allows remote attackers to view any file on the system by sending a specially crafted HTTP request. Exploit URLs included. Homepage: http://www.BeyondSecurity.com. By Gluck, Mario Solares, Aviram Jenik
hackingcitrix.txt | 17406 | Oct 2 2002 20:02:00 | 61e74e786bf9267b909c01e175a4c699
Citrix is a Remote Desktop application that is becoming widely popular. It is similar to Microsoft's Terminal Services, RDP (Remote Desktop Protocol). Unlike Terminal Services, Citrix's lines of products allow the administrator to specify certain applications to be run on the server. This allows them to control which programs they want to allow the end user to execute. There exists an interesting gray line for the security of Citrix applications due to the mixing of both Citrix technology and Microsoft technology. With an application that allows users remote access to not only published programs, but remote desktops, a serious threat arises. By wirepair
solaris.login.txt | 1203 | Oct 2 2002 13:35:08 | 37c0ebd7f767b321deb20890747689f2
This document describes how to compromise Solaris systems prior to version 9 by using a telnet client only. By Jonathan Stuart.

 
 