File Name |
File Size |
Last Modified |
MD5 Checksum |
0212-exploits.tgz | 148326 | Jan 4 00:07:04 2003 | 453e3d39455acc5c7122b54181521176 |
Packet Storm new exploits for December, 2002. |
0x09wule.c | 8228 | Dec 24 01:05:10 2002 | a7b2bf13c624a3f76c3a4f0b91a59c30 |
0x09wule.c is a Linux/x86 wu-ftpd v2.6.2(1) remote root exploit. Tested against RedHat 7.2 running wu-ftpd-2.6.2(1) on the default install. Note: This exploit is reported to be old and does not work. By Sunnyholer. |
0x3a0x29wuim.c | 2961 | Dec 24 01:07:59 2002 | 8d14482320cf3f9273391a43e04ffa6b |
WU-IMAP v2000.287 linux/x86 remote root exploit. Tested against Debian 2.2. This code is also known as 7350owex.c. By Dekadish. |
2002-exploits.tgz | 31818360 | Jan 4 00:29:17 2003 | ce6c457e913570c741686a53741ece29 |
Packet Storm new exploits for the year of 2002. |
chatex.c | 1352 | Dec 10 21:03:32 2002 | 2f87064e42d4210e5b0acb1de6d2152f |
/usr/sbin/chat buffer overflow exploit local exploit. Tested on Redhat 6.2. Chat is not suid by default. Homepage: http://www.b0f.net. By Faulty |
cy.c | 2495 | Dec 24 01:30:30 2002 | afbe9453571139bd2ac3ca8601630a09 |
Cyrus-imap v2.1.10 remote exploit. Tested against Slackware linux v8.0 with glibc-2.2.3 and kernel 2.4.19. Localhost IP is hard coded. By Irian |
dsinet-sa-02-01.txt | 2221 | Dec 29 18:39:56 2002 | 9e05f4bff7b36055b12b943053e7f744 |
DSINet Security Advisory DSINET-SA-02-01 - Web-CyrAdm v0.5.2 and below contains a remote denial of service vulnerability. Homepage: http://www.dsinet.org. By Casper Aleva |
efs_local.c | 2648 | Dec 29 17:21:15 2002 | f29042b9530123b03028e704e90234b6 |
Efs_local.c is a stack based local root buffer overflow exploit for Linux/x86. Tested against Gentoo Linux 1.4-rc1, RedHat Linux 8.0, and Slackware Linux 8.0 and 8.1. By N. Kursu |
efshit.c | 2928 | Dec 27 13:57:35 2002 | c86684fda6ee684ff958d8fa296443cf |
Efshit is an exploit for the efstool vulnerability. Unlike other exploits for this vulnerability, Efshit is robust, has a wide range of attack options, incorporates brute forcing, and actually works. Homepage: http://www.t3chware.net. By Hi_Tech_Assassin |
emptypockets.pl | 1090 | Jan 3 22:38:49 2003 | 373793432a81107beaf59a83fb7bb138 |
IBM Web Traffic Express Caching Proxy Server v3.6 and 4.x (bundled with IBM WebSphere Edge Server v2.0) remote denial of service exploit in perl. Exploits the bug described in R7-0007.txt. By Knight420 |
ifenslave.c | 1319 | Dec 24 01:19:10 2002 | da70c26f960c310b74891c2f214de527 |
Local /sbin/ifenslave buffer overflow exploit tested on Redhat 8.0. Homepage: http://nerf.ru. By v1pee//nerf |
IP-putty.c | 6778 | Dec 28 18:04:45 2002 | 88a62418d110db66cf4e541618555d63 |
Putty v0.52 and below remote exploit which is a fake ssh server to exploit connecting putty clients. Downloads and executes an attacker supplied URL. Tested on linux and Cygwin against putty 0.52 running on WinXP and Win2000. Homepage: http://www.iproyectos.com. By Rand and Dani |
kadmin | 18864 | Dec 24 01:37:05 2002 | 8552bda183d078984fb3df592e0d2a7c |
Krb 4-1.2 kadmind remote stack overflow remote root exploit for FreeBSD 4.x, BSD/OS 4.2, SUSE 8.0, OpenBSD 2.9 and 3.0, Slackware 8.0, and OpenWall 0.10. |
lostlink.pl | 1099 | Jan 3 22:40:00 2003 | a4b67b702b4045bae93608c4ba317be6 |
Linksys BEFSR41 EtherFast Cable/DSL Router remote denial of service exploit in perl. By Knight420 |
mbof.c | 2857 | Dec 24 08:08:15 2002 | eb0643524b95dd0331af7784ffa7fcf1 |
Remote buffer overflow exploit for the melange chat server v1.10. Tested on SuSE 8.0 and Redhat 7.3. By Innerphobia |
mdexp.pl | 1294 | Jan 3 22:51:03 2003 | c95b1b65abc81c62640de36bf94c38c5 |
Mdaemon v6.0.7 and below remote denial of service exploit in perl. Exploits the bug described in mdaemon-dos.txt. By Knight420 |
mount.c | 1545 | Jan 3 22:41:53 2003 | 9c5108f6f9cb3decf85a8ce507021c58 |
/usr/sbin/rpc.mountd Local Exploit tested on Slackware 8.1. Test only - not setuid. By Knight420 |
pc-cillin.pl | 4683 | Dec 10 22:14:30 2002 | f8b00015a53191bec894d80a93c87fa5 |
Pc-cillin pop3trap.exe buffer overflow exploit in perl. Return address is off a little making it a denial of service exploit, but could be tweaked to execute shellcode that downloads a trojan. By Deadbeat |
prodos.sh | 636 | Dec 10 20:42:27 2002 | 0 |
sorry, a description is unavailable. |
raqrewt.c | 5021 | Dec 18 08:13:22 2002 | 40a09252eaa231589406cc33f8cef2da |
Cobalt RaQ 4 and possibly others overflow.cgi remote root exploit which takes advantage of a flaw in the Security Hardening Package. Homepage: http://www.i-security.nl. By Grazer |
s8exp.tar.gz | 65057 | Dec 4 23:31:01 2002 | 3bcd21292d299854b6e37baa019b5277 |
Solaris 8 local root exploit which uses ../../../tmp/module to cause priocntl(2) to load a module from anywhere. Includes 32 and 64 bit versions with source and binaries. Homepage: http://www.catdogsoft.com/S8EXP. By Catdog |
sendfaild.c | 1133 | Dec 10 21:50:36 2002 | db9812c4b32373da099f7a1f6bf9750a |
Sendmaild.c is a local root exploit for Sendmail on BSD. Exploits the bug discussed in FreeBSD-SA-01:57. Tested on FreeBSD 4.3-RELEASE with Sendmail 8.11.3. Homepage: http://lbyte.void.ru. By CrZ |
sfx_exploit.c | 2253 | Dec 28 22:41:15 2002 | 386bbe466f4dc4f6b60932f86f505f57 |
Local proof of concept for non-setuid binary /bin/sfxload which overflows the $HOME environment variable. Tested on Red Hat 7.0 and 7.2. Other setuid programs may call this binary, leading to privilege escalation. Homepage: http://qb0x.net. By Gabriel Maggiotti |
shutdown_Cups.c | 2931 | Dec 28 19:31:08 2002 | 33fa36c03919bbd5f1ee1380d2894ad8 |
Cups-1.1.17 and below remote denial of service exploit. Tested against Red Hat Linux 7.0 and 7.3. Homepage: http://qb0x.net. By Gabriel Maggiotti |
sphere.pl | 861 | Jan 3 22:47:53 2003 | 3c7aacf9698a10ab71781ea6ced694ef |
IBM Websphere 4.0.3 for Windows 2000 Server remote denial of service exploit in perl. Exploits the bug described in websphere.crash.txt. Knight420 |
sshredder.zip | 140583 | Dec 16 07:49:06 2002 | c881f91b25b48985902a3e039c6a1e2b |
Denial of service exploit for SSH servers and clients from several vendors containing vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for unix and v5.2 and below for Windows, SSH 3.2.2 and below for windows and unix, putty v0.53 and below, WinSCP 2.0.0 and below, and more. Includes binary files which can be sent to ssh servers or clients via netcat. Homepage: http://www.rapid7.com/. By Rapid 7 Security Advisories |
tcpdumpFBSD363.c | 4211 | Dec 24 01:28:36 2002 | dd364284b9e6dca09cb5ff4e7d13c6b5 |
Tcpdump v3.6.3 remote root exploit. Tested against FreeBSD-4.6. By Icesk. |
telnetjuarez.c | 25004 | Dec 24 01:33:08 2002 | 434ec5141e899879ea5f80edadf2238e |
Fake Freebsd-4.6 remote telnetd setenv() heap overflow exploit which is very similar to 7350854.c. By Leech. |
UC-login.c | 5049 | Dec 10 21:59:25 2002 | 180ea267a0b7c499b5c699db698c7d7e |
SunOS 5.6,5.7,5.8 remote /bin/login root exploit which uses the vulnerability described here. By Mikecc |