.:[packet storm]:.

Sorted By: File Size.
.: 0212-exploits
File Name | File Size | Last Modified | MD5 Checksum
2002-exploits.tgz | 31818360 | Jan 4 00:29:17 2003 | ce6c457e913570c741686a53741ece29
Packet Storm new exploits for the year of 2002.
0212-exploits.tgz | 148326 | Jan 4 00:07:04 2003 | 453e3d39455acc5c7122b54181521176
Packet Storm new exploits for December, 2002.
sshredder.zip | 140583 | Dec 16 07:49:06 2002 | c881f91b25b48985902a3e039c6a1e2b
Denial of service exploit for SSH servers and clients from several vendors containing vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for Unix and v5.2 and below for Windows, SSH 3.2.2 and below for Windows and Unix, PuTTY v0.53 and below, WinSCP 2.0.0 and below, and more. Includes binary files which can be sent to SSH servers or clients via netcat. Homepage: http://www.rapid7.com/. By Rapid 7 Security Advisories
s8exp.tar.gz | 65057 | Dec 4 23:31:01 2002 | 3bcd21292d299854b6e37baa019b5277
Solaris 8 local root exploit which uses ../../../tmp/module to cause priocntl(2) to load a module from anywhere. Includes 32 and 64 bit versions with source and binaries. Homepage: http://www.catdogsoft.com/S8EXP. By Catdog
telnetjuarez.c | 25004 | Dec 24 01:33:08 2002 | 434ec5141e899879ea5f80edadf2238e
Fake FreeBSD-4.6 remote telnetd setenv() heap overflow exploit which is very similar to 7350854.c. By Leech.
kadmin | 18864 | Dec 24 01:37:05 2002 | 8552bda183d078984fb3df592e0d2a7c
Krb 4-1.2 kadmind remote stack overflow remote root exploit for FreeBSD 4.x, BSD/OS 4.2, SUSE 8.0, OpenBSD 2.9 and 3.0, Slackware 8.0, and OpenWall 0.10.
0x09wule.c | 8228 | Dec 24 01:05:10 2002 | a7b2bf13c624a3f76c3a4f0b91a59c30
0x09wule.c is a Linux/x86 wu-ftpd v2.6.2(1) remote root exploit. Tested against RedHat 7.2 running wu-ftpd-2.6.2(1) on the default install. Note: This exploit is reported to be old and does not work. By Sunnyholer.
IP-putty.c | 6778 | Dec 28 18:04:45 2002 | 88a62418d110db66cf4e541618555d63
PuTTY v0.52 and below remote exploit which is a fake SSH server to exploit connecting PuTTY clients. Downloads and executes an attacker supplied URL. Tested on Linux and Cygwin against PuTTY 0.52 running on WinXP and Win2000. Homepage: http://www.iproyectos.com. By Rand and Dani
UC-login.c | 5049 | Dec 10 21:59:25 2002 | 180ea267a0b7c499b5c699db698c7d7e
SunOS 5.6, 5.7, 5.8 remote /bin/login root exploit which uses the vulnerability described here. By Mikecc
raqrewt.c | 5021 | Dec 18 08:13:22 2002 | 40a09252eaa231589406cc33f8cef2da
Cobalt RaQ 4 and possibly others overflow.cgi remote root exploit which takes advantage of a flaw in the Security Hardening Package. Homepage: http://www.i-security.nl. By Grazer
pc-cillin.pl | 4683 | Dec 10 22:14:30 2002 | f8b00015a53191bec894d80a93c87fa5
PC-cillin pop3trap.exe buffer overflow exploit in Perl. Return address is off a little making it a denial of service exploit, but could be tweaked to execute shellcode that downloads a trojan. By Deadbeat
tcpdumpFBSD363.c | 4211 | Dec 24 01:28:36 2002 | dd364284b9e6dca09cb5ff4e7d13c6b5
Tcpdump v3.6.3 remote root exploit. Tested against FreeBSD-4.6. By Icesk.
0x3a0x29wuim.c | 2961 | Dec 24 01:07:59 2002 | 8d14482320cf3f9273391a43e04ffa6b
WU-IMAP v2000.287 Linux/x86 remote root exploit. Tested against Debian 2.2. This code is also known as 7350owex.c. By Dekadish.
shutdown_Cups.c | 2931 | Dec 28 19:31:08 2002 | 33fa36c03919bbd5f1ee1380d2894ad8
Cups-1.1.17 and below remote denial of service exploit. Tested against Red Hat Linux 7.0 and 7.3. Homepage: http://qb0x.net. By Gabriel Maggiotti
efshit.c | 2928 | Dec 27 13:57:35 2002 | c86684fda6ee684ff958d8fa296443cf
Efshit is an exploit for the efstool vulnerability. Unlike other exploits for this vulnerability, Efshit is robust, has a wide range of attack options, incorporates brute forcing, and actually works. Homepage: http://www.t3chware.net. By Hi_Tech_Assassin
mbof.c | 2857 | Dec 24 08:08:15 2002 | eb0643524b95dd0331af7784ffa7fcf1
Remote buffer overflow exploit for the Melange chat server v1.10. Tested on SuSE 8.0 and Red Hat 7.3. By Innerphobia
efs_local.c | 2648 | Dec 29 17:21:15 2002 | f29042b9530123b03028e704e90234b6
Efs_local.c is a stack based local root buffer overflow exploit for Linux/x86. Tested against Gentoo Linux 1.4-rc1, RedHat Linux 8.0, and Slackware Linux 8.0 and 8.1. By N. Kursu
cy.c | 2495 | Dec 24 01:30:30 2002 | afbe9453571139bd2ac3ca8601630a09
Cyrus-imap v2.1.10 remote exploit. Tested against Slackware Linux v8.0 with glibc-2.2.3 and kernel 2.4.19. Localhost IP is hard coded. By Irian
sfx_exploit.c | 2253 | Dec 28 22:41:15 2002 | 386bbe466f4dc4f6b60932f86f505f57
Local proof of concept for non-setuid binary /bin/sfxload which overflows the $HOME environment variable. Tested on Red Hat 7.0 and 7.2. Other setuid programs may call this binary, leading to privilege escalation. Homepage: http://qb0x.net. By Gabriel Maggiotti
dsinet-sa-02-01.txt | 2221 | Dec 29 18:39:56 2002 | 9e05f4bff7b36055b12b943053e7f744
DSINet Security Advisory DSINET-SA-02-01 - Web-CyrAdm v0.5.2 and below contains a remote denial of service vulnerability. Homepage: http://www.dsinet.org. By Casper Aleva
mount.c | 1545 | Jan 3 22:41:53 2003 | 9c5108f6f9cb3decf85a8ce507021c58
/usr/sbin/rpc.mountd Local Exploit tested on Slackware 8.1. Test only - not setuid. By Knight420
chatex.c | 1352 | Dec 10 21:03:32 2002 | 2f87064e42d4210e5b0acb1de6d2152f
/usr/sbin/chat local buffer overflow exploit. Tested on Red Hat 6.2. Chat is not suid by default. Homepage: http://www.b0f.net. By Faulty
ifenslave.c | 1319 | Dec 24 01:19:10 2002 | da70c26f960c310b74891c2f214de527
Local /sbin/ifenslave buffer overflow exploit tested on Red Hat 8.0. Homepage: http://nerf.ru. By v1pee//nerf
mdexp.pl | 1294 | Jan 3 22:51:03 2003 | c95b1b65abc81c62640de36bf94c38c5
Mdaemon v6.0.7 and below remote denial of service exploit in Perl. Exploits the bug described in mdaemon-dos.txt. By Knight420
sendfaild.c | 1133 | Dec 10 21:50:36 2002 | db9812c4b32373da099f7a1f6bf9750a
Sendmaild.c is a local root exploit for Sendmail on BSD. Exploits the bug discussed in FreeBSD-SA-01:57. Tested on FreeBSD 4.3-RELEASE with Sendmail 8.11.3. Homepage: http://lbyte.void.ru. By CrZ
lostlink.pl | 1099 | Jan 3 22:40:00 2003 | a4b67b702b4045bae93608c4ba317be6
Linksys BEFSR41 EtherFast Cable/DSL Router remote denial of service exploit in Perl. By Knight420
emptypockets.pl | 1090 | Jan 3 22:38:49 2003 | 373793432a81107beaf59a83fb7bb138
IBM Web Traffic Express Caching Proxy Server v3.6 and 4.x (bundled with IBM WebSphere Edge Server v2.0) remote denial of service exploit in Perl. Exploits the bug described in R7-0007.txt. By Knight420
sphere.pl | 861 | Jan 3 22:47:53 2003 | 3c7aacf9698a10ab71781ea6ced694ef
IBM WebSphere 4.0.3 for Windows 2000 Server remote denial of service exploit in Perl. Exploits the bug described in websphere.crash.txt. By Knight420
prodos.sh | 636 | Dec 10 20:42:27 2002 | 0
Sorry, a description is unavailable.