Section:  .. / 0304-exploits  /

Page 2 of 2
<< 1 2 >> Files 25 - 40 of 40
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: hl-headnut.c
Description:
 Denial of service exploit against Half-life servers. After sending 3 specially formed packets the server is unresponsive and there is 100% CPU utilization. Tested against versions 3.1.1.0 under Suse Linux 7.3 and Windows 2000.
Author:delikon
Homepage:http://www.delikon.de
File Size:5367
Last Modified:Apr 10 05:46:54 2003
MD5 Checksum:4b7fdf6ea9c385fa1aa0d71210d8f222

 ///  File Name: coppermine.tgz
Description:
 Coppermine Photo Gallery, the picture gallery which allows users to HTTP upload pictures, fails to extension check pictures that are uploaded. Due to this, a file with the extension .jpg.php can be uploaded allowing a remote attacker to execute commands. Sample .jpg.php included. Patch available here.
Author:Berend-Jan Wever
Homepage:http://spoor12.edup.tudelft.nl
File Size:6446
Last Modified:Apr 10 05:34:32 2003
MD5 Checksum:9dff4ed3d9e5f7147f3f1ea940fe8b22

 ///  File Name: 0x82-Remote.XxxxBSD_passlogd.xpl.c
Description:
 Remote exploit for the buffer overrun found in passlogd on FreeBSD and OpenBSD. Tested against OpenBSD 3.0 and FreeBSD 4.6.2.
Author:Xpl017Elz
Homepage:http://www.inetcop.org/
File Size:13396
Last Modified:Apr 10 03:40:28 2003
MD5 Checksum:fc80e62e429a718916250f5fcf6c842f

 ///  File Name: regexploit.c
Description:
 Local exploit/trojan that makes use of REGEDIT.EXE. Any file containing a value of more than 260 characters causes an error exception by the RegSetValueExW function, which then uses a function of NTDLL.DLL which is vulnerable.
Author:ThreaT
Homepage:http://www.chez.com/mvm
File Size:7095
Last Modified:Apr 5 20:00:24 2003
MD5 Checksum:4e0643d6654634b53c7b22b0a871dc54

 ///  File Name: OpenFuckV2.c
Description:
 Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux. Updates: More targets have been added and this version of the exploit also attempts to download the ptrace exploit, compile, and execute it in an attempt to gain root privileges.
Author:Spabam
Homepage:http://spabam.tk
File Size:32221
Last Modified:Apr 5 19:52:29 2003
MD5 Checksum:74736770ccf70b0a51ab16be165f6884

 ///  File Name: abyss.txt
Description:
 The Abyss Web Server v1.1.2 and below has a denial of service vulnerability where the server can be crashed remotely via uncompleted fields.
Author:Auriemma Luigi
Homepage:http://www.pivx.com/luigi/
File Size:6010
Last Modified:Apr 5 19:40:34 2003
MD5 Checksum:03a2daafc99c121f5d3d6d7588bd0929

 ///  File Name: xlock-XLOCALEDIR.c
Description:
 Local root exploit utilizing the overflow in XLOCALEDIR under XFree86 Version 4.2.x using xlock. Written to work on Redhat 7.2.
Author:Omega
File Size:3683
Last Modified:Apr 5 19:24:59 2003
MD5 Checksum:5c46aeb641757ecb42e3148969495004

 ///  File Name: safemode-adv-chitext.txt
Description:
 ChiTeX, the utility used to put Chinese Big5 codes in TeX/LaTeX documents, contains two setuid root binaries that execute cat without using an explicit path allowing an attacker to easily gain root privileges.
Author:zillion
Homepage:http://www.safemode.org/
File Size:2322
Last Modified:Apr 3 17:59:56 2003
MD5 Checksum:f107ca1f74294149bd0cffe342b40ffe

 ///  File Name: 0x82-Remote.passlogd_sniff.xpl.c
Description:
 Remote exploit for the buffer overrun found in passlogd. Target list includes four flavors of Linux with more to come.
Author:Xpl017Elz
Homepage:http://www.inetcop.org/
File Size:11034
Last Modified:Apr 3 17:54:49 2003
MD5 Checksum:83b091d93ebf795346148208ce789b44

 ///  File Name: passlogd.txt
Description:
 A buffer overrun exists in passlogd, the passive syslog capture daemon, in the parse.c code.
Author:Xpl017Elz
Homepage:http://www.inetcop.org/
File Size:6094
Last Modified:Apr 3 07:10:09 2003
MD5 Checksum:c77f0db00f14f1c4b7ee512c80b1ed23

 ///  File Name: rpcexp.c
Description:
 Microsoft Windows RPC Locator Service remote exploit. Binds cmd.exe to port 5151. Tested again Windows 2000 SP3 and Windows NT 4 SP6a.
Author:Marcin Wolak
File Size:7923
Related CVE(s):CAN-2003-0003
Last Modified:Apr 2 23:55:44 2003
MD5 Checksum:1c54314eaaa5599e809910e5ba1957b3

 ///  File Name: ptrace-kmod.c
Description:
 Local root exploit for ptrace/kmod that exploits a race condition which creates a kernel thread in an insecure manner. Works under the 2.2.x and 2.4.x series of kernels.
Author:Wojciech Purczynski
File Size:3921
Last Modified:Apr 2 06:01:21 2003
MD5 Checksum:62a1d99ea86b0d49a09346cb59589f5c

 ///  File Name: SCSA015.txt
Description:
 Security Corporation Security Advisory [SCSA-015]: PowerFTP has a denial of service vulnerability that allows a remote attackers to crash the server by executing a specific command with a buffer of 1994 or 1995 bytes in length or more.
Author:Gregory Le Bras
Homepage:http://www.Security-Corp.org
File Size:8292
Last Modified:Apr 2 01:41:54 2003
MD5 Checksum:d5877935727cdaa8b9cb9ba43c38bdc1

 ///  File Name: DDI1012.txt
Description:
 Digital Defense Inc. Security Advisory DDI-1012 - A malformed request used against HP Instant TopTools versions below 5.55 can cause a denial of service against a host by having it constantly it request itself.
Author:Digital Defense Inc.
Homepage:http://www.digitaldefense.net/
File Size:4016
Last Modified:Apr 2 01:00:01 2003
MD5 Checksum:9450adbf7971ea4c6efc612826915610

 ///  File Name: SCSA014.txt
Description:
 Security Corporation Security Advisory [SCSA-014]: EZ Server, which provides both HTTP and FTP services, has a denial of service vulnerability in the FTP server that allows a remote attackers to crash the server by executing a specific command with a buffer of 1994 or 1995 bytes in length or more.
Author:Gregory Le Bras
Homepage:http://www.Security-Corp.org
File Size:8029
Last Modified:Apr 2 00:45:45 2003
MD5 Checksum:131bdc15f4f9b0e47e5848e82acb7598