File Name |
File Size |
Last Modified |
MD5 Checksum |
0211-exploits.tgz | 223311 | Dec 4 23:21:04 2002 | 983f14ce602bbef6a9a8f47f2f99a103 |
Packet Storm new exploits for November, 2002. |
0x82wsmp3.c | 10442 | Nov 30 12:41:45 2002 | d511e3b41688c8eb1d3e2e07d7e128d4 |
WSMP3 Remote root exploit for Linux which spawns a shell on tcp port 36864. Homepage: http://x82.i21c.net. By Xpl017Elz |
artyfarty.c | 1525 | Dec 24 01:09:32 2002 | 5d4fe9514d8fcdb1df0501a379536b86 |
artyfarty.c is a local /opt/kde/bin/artswrapper exploit tested against Slakware 8.1. By Knight420. |
cvsupd-startup.txt | 682 | Nov 12 06:10:23 2002 | 99f103b1c7bc137c474f67b70b742c5f |
This email describes a temporary file vulnerability that exists in the cvsupd startup script that comes with the FreeBSD cvsup port. A fix for this issue can be found here. By Joshua Goodall |
d7-mdaemonx.c | 9395 | Nov 19 08:23:57 2002 | 826436855e62f7b3eb25b44c814679dd |
Mdaemon v6.0.7 and below remote denial of service exploit which takes advantage of the UIDL bug. Exploit code tested to run on Redhat8 and FreeBSD 4.7-STABLE. Requires POP3 account on vulnerable daemon. Homepage: http://www.division7.us. By Phrail, Smurf, and Elu1d |
exploitipppd.c | 7053 | Nov 16 18:34:33 2002 | 27f0912fe4731939f9c6c5d741f2eaa1 |
Another exploit for ipppd, the daemon that is part of the isdn4linux-utils package and is part of the default install for many linux distributions. Tested on SuSE 7.3 and should work on SuSE 8.0. Anonymously submitted. |
ex_cifslogin.c | 1440 | Nov 16 21:06:24 2002 | a5c4c35b2cef9d42a894f614dadc63f7 |
Local root exploit for cifslogin on HP-UX 11.11 and below. By watercloud |
ex_pfinger.c | 3435 | Nov 30 12:31:06 2002 | b0bba19c112e81b8775fde89fcc0dc1a |
Pfinger v0.7.8 and below local root exploit. Tested on Red Hat 7.2 - 8.0, Debian 3.0, Slackware 8.0, FreeBSD-4.6 and OpenBSD-3.1. By Dvdman |
grpck-expl.pl | 2455 | Nov 19 07:56:30 2002 | 4d8850d74917747f5a571735c247166b |
/usr/sbin/grpck proof of concept local exploit. Not setuid by default. Tested on SuSE, Red Hat, Debian, and Mandrake. Homepage: http://www.uhagr.org. By Black Rose |
hlfsd-xp.c | 2875 | Dec 2 21:04:38 2002 | 9785bb5cee9d785c0e97d286f37f68f6 |
Hlfsd local exploit tested on FreeBSD 4.6-STABLE and 4.7-RELEASE. Hlfsd is not SUID by default. By Rooterx |
hudo.c | 20123 | Nov 26 21:57:15 2002 | 42847df931b3d90cce4fe4c5bac5f3ce |
Linux exploit for versions of sudo 1.6.3p7 and below. Takes advantage of the Sudo prompt overflow in v1.5.7 to 1.6.5p2. Detailed exploitation instructions included. By MaXX |
INwebMailServer.txt | 2866 | Nov 13 10:32:31 2002 | 3d4bcdb1ec5958cfbb4d54332825baf0 |
A memory corruption vulnerability exists in INweb Mail Server v2.01. The POP3 server included with INweb Mail Server does not properly handle some types of requests. By submitting a maliciously crafted request to the POP3 server, an attacker could crash the system, resulting in a denial of service. Homepage: http://www.securityoffice.net. By Tamer Sahin |
iplanet-ngxss.sh | 884 | Nov 19 00:27:37 2002 | bfe033f7f720ac34128ceaca8fea4652 |
iPlanet Remote root exploit tested on v4.x up to SP11. Advisory for this bug here. Homepage: http://www.ngsec.com. By Fermín J. Serna |
keyfocus.txt | 1750 | Nov 15 00:07:48 2002 | a3e430d22dba6f1b6b3c1319229d46ee |
The KeyFocus Web server, a Win32 HTTP server with web administration, contains a flaw that enables attackers to traverse above the webroot in the directory structure. Only files with recognized MIME types can be compromised as there are internal defenses by the server that disallow retrieval of other files. By Matt Murphy |
libhttpdbug.txt | 3600 | Nov 16 18:13:57 2002 | b26cb40adf1c2af776a46ec82fd59378 |
INetCop Security Advisory #2002-0x82-003 - LibHTTPD, a utility that can be used to add basic web server capabilities to an application or embedded device, is vulnerable to a buffer overflow which allows remote attackers to gain root access to the system. Homepage: http://wizard.underattack.co.kr/~x82/h0me/adv1sor1es/. By dong-houn yoU |
lightwebug.txt | 11768 | Nov 16 18:10:05 2002 | 25b63cc326162605a0a4d285025ba3ae |
INetCop Security Advisory #2002-0x82-002 - A buffer overflow in Light HTTPd version 1.0 allows for remote attackers to grab a shell or perform related activities as the webserver uid. Homepage: http://wizard.underattack.co.kr/~x82/h0me/adv1sor1es/. By dong-houn yoU |
liteserve.txt | 1666 | Nov 16 19:24:28 2002 | b7fabdfdb7bb9206e4b61e9d0855447e |
A vulnerability in the LiteServe combination server for Win32 exists in that the handling of filenames on Win32 platforms may reveal the code of a desired CGI script to an attacker. Windows handles file names with the period character (0x2E) on the end as if the character had been removed. LiteServe fails to compensate for this behavior, and is vulnerable to a simple CGI disclosure attack. By Matthew Murphy |
lycosxss.txt | 6368 | Nov 5 20:02:00 2002 | 50a95a06f50096614e6980b6d980131b |
Lycos.com, the popular search engine and free e-mail site, has a Cross Site Scripting vulnerability that allows an attacker to fool a victim into clicking on a link to Lycos and in turn the attacker can hijack the Cookies of the victim. By NightHawk |
ora-isqlplus.txt | 1587 | Nov 19 01:05:01 2002 | 327019a2b3830dce9355dbcfa12783ea |
The Oracle iSQL*Plus 91 R1 and R2 web based application has an authentication buffer overflow on all OS's in the User ID parameter which allows remote attackers to execute arbitrary code as the oracle user on Unix and SYSTEM on Windows. Patch available here. Homepage: http://www.ngssoftware.com. By David Litchfield |
PHP.networking_utils | 1244 | Nov 5 20:02:00 2002 | 74dbd4fefec6c5c236118d0f5b03cee4 |
Exploit for the utility networking_utils.php which does not properly sanitize variables from the client side and in turn will allow any remote visitor to view any file on the webserver. By Tacettin Karadeniz |
SavantSlap.zip | 142093 | Nov 16 21:01:13 2002 | 643974eee11381fa51bda2e554138e47 |
Windows with Delphi interface denial of service exploit for Savant HTTP Server 3.0 and below. This exploit utilizes four methods, all from old known vulnerabilities, to crash the daemon. By Tolueno |
SF-talkischeap.pl | 1263 | Nov 24 19:27:15 2002 | 09acae77211b07f74c3142a55a4e2fac |
Calisto Internet Talker Version 0.04 Remote Denial of Service exploit. Homepage: http://www.securityfreaks.com. By subversive |
smartmail.dos.pl | 2042 | Nov 1 00:31:22 2002 | c5f1c7bdc31899ef5c8bb1bdd250f539 |
Smartmail v1.0Beta10 and 2.0 remote denial of service exploit in perl. By Securma Massine |
sorsync.c | 12582 | Nov 16 18:46:30 2002 | 8338e72e4ebeaded8b24ff73a92fee78 |
Remote exploit for rsync version 2.5.1 and below run on Linux. This exploit makes use of a simple frame pointer overflow. By sorbo |
sql2.cpp | 7659 | Nov 19 08:04:59 2002 | 84ce83fb7a4607df03a928124093ee3a |
MSSQL Server 2000 SP0 - SP2 remote exploit which uses UDP to overflow a buffer and send a shell to tcp port 53. By David Litchfield, fixed up by Lion |
sql2.exe | 45056 | Nov 19 08:06:22 2002 | 0c44bf698947b98ba405d11f6ce7a339 |
MSSQL Server 2000 SP0 - SP2 remote exploit which uses UDP to overflow a buffer and send a shell to tcp port 53. Windows binary, C++ source code here. By David Litchfield, fixed up by Lion |
tftpd32.pl | 8962 | Nov 19 00:56:47 2002 | bfdcaf6fee00de1a6085cff776e6672d |
Tftpd TFTP server v2.21 and below remote command execution exploit in perl. Fix available here. Homepage: http://www.SecuriTeam.com. By Aviram Jenik |
tftpd32.traverse.pl | 7938 | Nov 19 00:59:56 2002 | 18d1597e67623da2b320a5e61658f4b9 |
Tftpd TFTP server v2.50.2 and below remote exploit which allows any file on the system to be viewed and written to arbitrary locations. Fix available here. Homepage: http://www.SecuriTeam.com. By Aviram Jenik |
traceroute-exploit.c | 17644 | Nov 30 03:29:51 2002 | fd1b29e427bd7740cdb7f11217170d38 |
Nanog traceroute v6.0 to 6.1.1 local root stack overflow exploit. Tested on SuSE 7.1, 7.2, 7.3 & 8.0, and should work on 7.0 and 6.x. By Carl Livitt |
XSS-Cookie-Advisory...> | 11850 | Nov 16 19:19:31 2002 | 6c8859dbe61b1953b195e03088b63841 |
Cross Site Scripting vulnerabilities exist in the e-mail web services of hotmail.com, yahoo.com, and excite.com. These problems allow for cookie capturing of unsuspecting victims who may easily give up their cookies via clicking on a link in an e-mail or elsewhere and with the link actually pointing to the legitimate site. By NightHawk |
Xsun-expl.c | 6813 | Nov 13 04:24:36 2002 | 69a84aa41d973387c5e4979e6c30abfa |
Xsun-expl.c is a local exploit for the SPARC architecture that makes use of the Xsun -co heap overflow found in April, 2002 on Solaris 2.6, 7, and 8. Homepage: http://www.netric.org/. By gloomy, eSDee |
zeroobug.txt | 5153 | Nov 16 18:17:15 2002 | a842ba1e9a7b5841befe87a3c82fda22 |
INetCop Security Advisory #2002-0x82-004 - Various buffer overflow vulnerabilities exist in Zeroo HTTP Server v1.5. Remote linux exploit included to gain root privileges. Homepage: http://wizard.underattack.co.kr/~x82/h0me/adv1sor1es/. By dong-houn yoU |
zerooexploit.txt | 1018 | Nov 23 17:24:08 2002 | 85ea5cabd6e20390b1eb75c32ad83e69 |
Zeroo HTTPd server remote command execution exploit. Based on advisory by InetCop. By Matt Murphy |