File Name | File Size | Last Modified | MD5 Checksum |
massrooterfinal.tar...> | 1724731 | Nov 13 2002 07:43:19 | f104041ba08694e3bfdd9e511715d7c5 |
Massrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems. Homepage: http://www.abouthacking.net. By Daddy_cad |
0210-exploits.tgz | 2215227 | Nov 1 2002 00:49:18 | 47543d2f228312316b7dee8cf60d6850 |
Packet Storm new exploits for October, 2002. |
sambar.5.1.pl | 936 | Oct 30 2002 21:09:52 | fd9bc557a02bc20a56871b03f3fb968b |
Sambar Webserver v5.1 for Windows Pbcgi.exe remote denial of service exploit in perl. Homepage: http://www.systat.cl. By Sebastian Breit |
Oracle9iAS.dos.pl | 1389 | Oct 29 2002 23:52:04 | 5587607f8f49ffd172b5844f93e01670 |
Oracle9iAS Web Cache Denial of Service exploit in perl, as described in Atstake advisory a102802-1. By Deadbeat |
solarhell | 768 | Oct 29 2002 05:49:29 | 750b7545abb4813fae07fb331e4b0c43 |
Solarhell is a remote root exploit shell script which abuses the Solaris /bin/login bug by using telnet. Solaris 2.6, 2.7 and 2.8 (7.0 and 8.0) are vulnerable. More information available here. Homepage: http://www.deloitte.co.za/. By Deloitte & Touche SSG (Security Services Group). |
tftp.dos.pl | 1972 | Oct 24 2002 22:27:22 | 940a91e472909d558a7cf5bdf8d5360b |
Solarwinds TFTP server v5.0.55 and below remote denial of service exploit in perl. Homepage: http://www.dhgroup.org. By D4rkGr3y |
virgil.txt | 3922 | Oct 24 2002 21:41:37 | db03d67f3f01a9badd1d398868b94862 |
Virgil CGI Scanner by Mark Ruef has a vulnerability where user input is trusted without being sanitized and is actually populating bash variables which end up getting executed. Simple exploit examples are included. By KALIF research group, Joschka Fischer |
gm012-more-ie.txt | 4927 | Oct 24 2002 21:22:39 | 1f5a5fed0d2cb400606aef190e3eef9f |
Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents. Homepage: http://security.greymagic.com/. By GreyMagic Software |
wc.tar.gz | 16231 | Oct 24 2002 20:58:22 | 4c26c877c1f0530353bfc2ef74331c67 |
Two modified versions of the slapper worm exploit made more user-friendly with simple interaction to define what host and port will be hit with the exploit. By aion |
l-zonealarm.c | 7642 | Oct 22 2002 23:43:22 | 820d0cd440c7a6ca25f87098cfb94cd5 |
Zone-Labs ZoneAlarm Pro 3.1.291 and 3.0 remote denial of service exploit which consumes all available CPU via synflooding. To fix, update to the newest ZoneAlarm and run Windows Update. By Lupsyn |
anhttpd141c_exploit...> | 5696 | Oct 22 2002 00:07:13 | 1f1b01d7ab128a508febb5ff2176e78a |
AN HTTPD v1.30 to 1.41c remote heap overflow exploit written in java for Japanese Windows 2000 Pro (SP2). Homepage: http://www.jumperz.net. By Kanatoko |
sendmail-8-11-x.c | 7399 | Oct 22 2002 00:01:13 | 2fe9594bfd8aa84b38546e5e85f92b8a |
Sendmail 8.11.x linux/x86 local root exploit. Uses gdb to find offsets. By sd[at]sf.cz |
web602dos.pl | 417 | Oct 21 2002 23:52:53 | 073f82729fa7fdf2640bda249a4d2743 |
Web602 webserver remote denial of service exploit which uses the COM1 Windows flaw. By eip aka deadbeat aka AnGrY_SQl |
web602dir.pl | 577 | Oct 21 2002 23:51:59 | c3828ca76731be0eeaafc1af5b545a8d |
Web602 (Czech version) directory tree exploit. By eip aka deadbeat aka AnGrY_SQl |
bop.pl | 1947 | Oct 20 2002 22:58:26 | 9350db07af8a58ea99c7d027033e8a96 |
PlanetDNS v1.14 remote buffer overflow exploit which sends 6K of data to port 80 of PlanetWeb. By Securma Massine |
tomcat.dos.sh | 2317 | Oct 16 2002 22:52:33 | d350ab2f1f17570561020752a2d24d68 |
Apache Tomcat 3.3 and 4.0.4 for Windows NT and 2000 remote denial of service exploit. Uses device names like AUX, LPT1, CON, and PRN to crash the server. Homepage: http://www.dcert.de. By Olaf Schulz |
kitkat.pl | 1296 | Oct 16 2002 22:46:39 | bf6c938417e1bb5537a706e1f973e070 |
Kitkat.pl exploits a directory traversal bug in webMathematica v1.0.0 and 1.0.0.1. Homepage: http://legion2000.security.nu. By NTFX |
GetAd.c | 3560 | Oct 16 2002 19:51:13 | 5aaf16bbab2ab14dcbff5aa6879af839 |
GetAd.c is a new Windows 2000 local exploit which gains Local System rights on Win2k SP1-3 by taking advantage of the NetDDE window of winlogon with a shatter attack. Binaries available here. SecurityFocus vulnerability information available here. Homepage: http://getad.chat.ru. By Serus |
gm011-ie.txt | 3810 | Oct 16 2002 19:24:10 | c4e9108a3cc65e6a2d639324e9ba64d3 |
Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here. Homepage: http://security.greymagic.com. By GreyMagic Software |
neuter.c | 5419 | Oct 15 2002 05:39:38 | 309ea638b470473176e87002adebaf66 |
Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS. Homepage: http://www.enzotech.net. By bmbr. |
analogx-socks4a.sbal..> | 11502 | Oct 14 2002 07:51:26 | c262c0d90d724ec4b9601631e027d683 |
This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP. By Grange |
euxploit.zip | 12709 | Oct 9 2002 19:51:04 | 796d31fc38fbdbd23f050a46fee29a69 |
Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version. By Vecna |
ChmOverflow.zip | 12979 | Oct 9 2002 19:41:06 | 3e134633e8a21051ff9f3c15d47c266d |
Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source. By Sylvain Descoteaux |
sortrace.c | 8207 | Oct 9 2002 19:39:55 | b8b7f19d1870423e791ef80cef6f50a7 |
Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets. By Sorbo |
sunos_telnet_for_cyg..> | 431031 | Oct 9 2002 18:14:59 | 19b0e58b22e4cd4e3e8c9cced6a58e76 |
The Solaris 2.6, 7, and 8 /bin/login TTYPROMPT remote exploit compiled with Cygwin for Windows. Tested against SunOS 5.5, 5.5.1, 5.6, 5.7, 5.8 Sparc and SunOS 5.6, 5.7, 5.8 x86. Homepage: http://www.cnhonker.net. Ported by Lion |
iosmash2.c | 2150 | Oct 6 2002 17:12:32 | 7b28078a9bc5a3407f5939b88d2cf0ec |
Iosmash2.c is a local root exploit for the FreeBSD file descriptors kernel bug that resides in all releases of FreeBSD up to and including 4.6-RELEASE. The exploit creates 5 valid root passwords that give instant root access through S/key. Homepage: http://www.l33tsecurity.com. By Dvdman |
onelove.c | 13998 | Oct 5 2002 09:49:39 | e063bb014f958db8cdaa416b1bd1e98b |
This is proof of concept code that demonstrates how commands can be injected in a ptraced telnet/ssh session. By xenion. |
telnet.c | 6065 | Oct 4 2002 00:25:15 | 68bddb79920400ed85b5fa28ba605aaa |
SunOS 5.5, 5.5.1 and Solaris 2.6, 2.7, and 2.8 SPARC and SunOS 5.7 and 5.8 x86 /bin/login TTYPROMPT remote exploit. Homepage: http://www.cnhonker.com. By Lion |
bearshare.4.0.6.txt | 2024 | Oct 4 2002 00:19:54 | 4deb6c402a2323bbbb6d32da4944cd84 |
Bearshare v4.0.6 and below contains a directory traversal bug which allows remote attackers to view any file on the system by sending a specially crafted HTTP request. Exploit URLs included. Homepage: http://www.BeyondSecurity.com. By Gluck, Mario Solares, Aviram Jenik |
hackingcitrix.txt | 17406 | Oct 2 2002 20:02:00 | 61e74e786bf9267b909c01e175a4c699 |
Citrix is a Remote Desktop application that is becoming widely popular. It is similar to Microsoft's Terminal Services, RDP (Remote Desktop Protocol). Unlike Terminal Services, Citrix's lines of products allow the administrator to specify certain applications to be run on the server. This allows them to control which programs they want to allow the end user to execute. There exists an interesting gray line for the security of Citrix applications due to the mixing of both Citrix technology, and Microsoft technology. With an application that allows users remote access to not only published programs, but remote desktops, a serious threat arises. By wirepair |
solaris.login.txt | 1203 | Oct 2 2002 13:35:08 | 37c0ebd7f767b321deb20890747689f2 |
This document describes how to compromise Solaris systems prior to version 9 by using a telnet client only. By Jonathan Stuart. |