Section: .. / 0303-exploits /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 40

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	0303-exploits.tgz
Description:	Packet Storm new exploits for March, 2003.
File Size:	631802
Last Modified:	Sep 23 20:38:21 2003
MD5 Checksum:	8de821018c3d03573538a1be238a2355

/// File Name:	0x333cya.tar.gz
Description:	0x333cya.tar.gz is a Mandrake 9.0 local root exploit which uses bugs in the printer-drivers package. Cya.c gets group sys privileges with a bug in /usr/bin/mtink, and anger.c uses the sys privileges to exploit a bug in /usr/bin/ml85p, spawning a root shell.
Author:	Cowboy
Homepage:	http://www.0x333.org
File Size:	1682
Last Modified:	Mar 3 07:10:12 2003
MD5 Checksum:	c6654bda25cad0217945eee8922be483

/// File Name:	0x333toper-local.c
Description:	Local exploit that yields gid of games for /usr/bin/toppler. Tested against RedHat 8.0.
Author:	nic
Homepage:	http://www.0x333.org
File Size:	4039
Last Modified:	Jul 18 03:27:33 2003
MD5 Checksum:	3227eb42cffcb5a73535d8935e16bc6c

/// File Name:	85deadelf.c
Description:	Exploit for the file(1) buffer overflow vulnerability found by iDEFENSE. When file is run upon this binary, a shell is bound to port 2003.
Author:	CrZ
File Size:	3589
Last Modified:	Mar 7 08:17:08 2003
MD5 Checksum:	a353c1302cbcbc300c36e3265e98f555

/// File Name:	85pxe.c
Description:	Remote exploit for Intel's PXE (Pre-boot eXecution Environment) daemon on RedHat Linux 8.0.
Author:	CrZ, LByte
Homepage:	http://lbyte.void.ru
File Size:	5696
Last Modified:	Mar 17 07:35:29 2003
MD5 Checksum:	2f512e5088c11ba8c64b2bfd733a7f06

/// File Name:	alexandria.txt
Description:	Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, has multiple vulnerabilities in its PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities including the sendmessage.php script allowing spammers to make use of it to mask real source identities and various cross site scripting problems exist as well.
Author:	Ulf Harnhammar
Homepage:	http://www.secunia.com/
File Size:	6179
Last Modified:	Mar 29 09:12:11 2003
MD5 Checksum:	53ef53a2cf3fb8f1209246dfd6d1f124

/// File Name:	axis1exp-13_3_0.c
Description:	Exploit for remote administrative access on the freeware Ultima Online server emulator from sphereserver.com. Tested against axissvr 0.13.3.0.
Author:	sloth
Homepage:	http://www.nopninjas.com
File Size:	4093
Last Modified:	Jul 6 21:47:07 2003
MD5 Checksum:	a91fed4ea17cee3ec66f075169cff84e

/// File Name:	core.gnome.txt
Description:	CORE Security Technologies Advisory - A vulnerability exists in GNOME's Eye of Gnome versions 2.2.0 and below that is locally exploitable. When EOG is used as a default image viewer, it takes in the image name as a command line argument and in turn can execute arbitrary commands with the privileges of the user attempting to view the image.
Homepage:	http://www.coresecurity.com
File Size:	5543
Last Modified:	Mar 29 09:03:13 2003
MD5 Checksum:	b683e87cc57b124ad78cf448c8ab8409

/// File Name:	cpanel.exe
Description:	Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver. Windows version. Warning: Use this binary at your own risk.
Author:	Spabam
Homepage:	http://spabam.tk
File Size:	960370
Last Modified:	Mar 11 04:06:39 2003
MD5 Checksum:	4f268fd0b9bbd2b1a18650f544f0492a

/// File Name:	cpanel.pl
Description:	Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver.
Author:	Spabam
Homepage:	http://spabam.tk
File Size:	3611
Last Modified:	Mar 14 16:49:18 2003
MD5 Checksum:	b74b98833c694b43c9004d61d7c35c97

/// File Name:	DSR-toppler.pl
Description:	Local exploit to get gid of games for toppler.
Author:	Kokanin
Homepage:	http://www.dtors.net
File Size:	592
Last Modified:	Mar 11 03:17:28 2003
MD5 Checksum:	cff54e7df97086e60b0a29f381d442d0

/// File Name:	DSR-unreal.c
Description:	Local exploit for Unreal IRC daemon 3.2.
Author:	Rave
Homepage:	http://www.dtors.net
File Size:	1773
Last Modified:	Mar 11 03:19:46 2003
MD5 Checksum:	3944c76e3276bbbb584f20f211bc1545

/// File Name:	elfrape.c
Description:	Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid.
File Size:	9233
Last Modified:	Jun 22 07:32:46 2004
MD5 Checksum:	b1285b85abea7af08f5c4dc1bf2c4338

/// File Name:	elfrape2.c
Description:	Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid. New version works on both Linux and the BSDs .
File Size:	4791
Last Modified:	Jun 22 07:33:03 2004
MD5 Checksum:	7d7f9c560785a0ae752cb43a175504ba

/// File Name:	ftpd.pl
Description:	The CuteFTP 5.0 client is vulnerable to an overflow in the LIST response. This exploit spawns a fake FTP daemon that will take advantage of an inbound vulnerable client.
Author:	snooq
Homepage:	http://www.angelfire.com/linux/snooq/
File Size:	2836
Last Modified:	Mar 29 05:44:14 2003
MD5 Checksum:	2ec2f7ed3b9660b30d8669fe95b5e839

/// File Name:	fws160.txt
Description:	Forum Web Server v1.60 has multiple vulnerabilities including a directory traversal that can be used to get usernames and passwords for the server and a cross site scripting vulnerability during message replies.
Author:	Dennis Rand
Homepage:	http://www.Infowarfare.dk/
File Size:	3727
Last Modified:	Mar 7 09:59:47 2003
MD5 Checksum:	f2d5d6463673b7a4caa5d34559f0ed13

/// File Name:	gespuis.c
Description:	Gespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.
Author:	eSDee
Homepage:	http://www.netric.org
File Size:	38855
Last Modified:	Mar 29 06:21:14 2003
MD5 Checksum:	3ca5ef2ff1acf701252d9a1695323968

/// File Name:	hoagie_solarisldap.c
Description:	Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.
Author:	Andi
File Size:	4272
Last Modified:	Mar 14 20:48:09 2003
MD5 Checksum:	61e4ea12099a43481c81da63481e4cc7

/// File Name:	kebi.txt
Description:	INetCop Security Advisory #2002-0x82-013 - The Kebi Academy 2001 Web Solution suffers from a basic directory traversal vulnerability which may allow remote attackers to execute code on the server.
Author:	dong-houn yoU
File Size:	2012
Last Modified:	Mar 17 20:06:18 2003
MD5 Checksum:	170b01b195b33ebb9f6ea136257d9c6b

/// File Name:	lhttpd00r.c
Description:	LHTTPd 0.1 remote buffer overflow exploit for the Win32 platform. This exploits a buffer overflow in GET request handling of HTTPd 0.1 for Microsoft Windows and binds a shell to the desired port.
Author:	uid0x00
File Size:	7969
Last Modified:	Mar 4 06:14:10 2003
MD5 Checksum:	91f2bbbde3b22b3d8b5d11536dccfa80

/// File Name:	mailex-gen.c
Description:	pgp4pine local exploit for version 1.76 (and possibly below) for the buffer overflow which allows specially crafted emails the ability to execute arbitrary code on the recipient box when the mail is opened.
Author:	Eric AUGE
File Size:	2778
Last Modified:	Mar 13 03:53:36 2003
MD5 Checksum:	76503e21270ebc034fdc743270bb6075

/// File Name:	oC-localX.c
Description:	oC-localX.c is a XFree86 Version 4.2.x local root exploit which overflows the XLOCALEDIR environment variable. Tested against Slackware 8.1.
Author:	Dcryptr, Tarranta
Homepage:	http://crionized.net
File Size:	5822
Last Modified:	Mar 3 07:51:54 2003
MD5 Checksum:	79b1d63117f04cf3bf5dc206a4169cdf

/// File Name:	oC-zlib.c
Description:	Zlib gzprintf() proof-of-concept buffer overflow exploit.
Author:	dcryptr
Homepage:	http://crionized.net
File Size:	1530
Last Modified:	Nov 24 20:04:40 2003
MD5 Checksum:	d5b1906d63b88374446744f7749febd4

/// File Name:	OpenFuck.c
Description:	Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux.
Author:	Spabam
Homepage:	http://spabam.tk
File Size:	33244
Last Modified:	Mar 14 17:41:29 2003
MD5 Checksum:	b6a3b4dc6f8899a7d85a1f7318d8bce4

/// File Name:	outblaze.txt
Description:	Outblaze web based email is vulnerable to user cookie spoofing that will allow an attacker to retrieve a user's password.
Author:	Xpl017Elz
File Size:	8514
Last Modified:	Mar 17 20:12:15 2003
MD5 Checksum:	e5b6b1ace59084e8b7a607d370416569