Section: .. / 0309-exploits /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 47

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0309-exploits.tgz
Description:	Packet Storm new exploits for September, 2003.
File Size:	289863
Last Modified:	Oct 1 18:30:31 2003
MD5 Checksum:	59467f6e73e9c68cdd7add8c6a4a0c31

/// File Name:	Mirc-USERHOST-Poc.zip
Description:	Remote MIRC proof of concept exploit that makes use of an overflow in the USERHOST reply to the mirc-client.
Author:	Sylvain Descoteaux
File Size:	165320
Last Modified:	Sep 25 05:28:19 2003
MD5 Checksum:	0c6308f424c2487217ea6a89f381c512

/// File Name:	sorpine.c
Description:	Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
Author:	sorbo
Homepage:	http://www.darkircop.org
File Size:	20847
Last Modified:	Sep 16 21:37:14 2003
MD5 Checksum:	f9e9118421a2a9d7c0f6da00eb98f949

/// File Name:	rpcHeap.txt
Description:	A detailed analysis and exploitation of the RPC Long Filename heap overflow found in the CoGetInstanceFromFile API that was originally discovered by NSFOCUS.
Author:	Flashsky
Homepage:	http://www.xfocus.net
Related File:	sa2003-06.txt
File Size:	20562
Related CVE(s):	CAN-2003-0528
Last Modified:	Sep 21 21:22:06 2003
MD5 Checksum:	0c78799bf2460199a346ad31c4598e7d

/// File Name:	xmpg123.c
Description:	mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c which does not limit the amount of data written to a buffer.
Author:	vade79
File Size:	20282
Last Modified:	Sep 23 17:54:22 2003
MD5 Checksum:	578765a85ce61b5cbc41aa2541e2d7dc

/// File Name:	word.zip
Description:	Exploit that makes use of the Microsoft Word WordPerfect document converter which has been found vulnerable to a buffer overflow when a malicious .doc file is opened.
Author:	valgasu
Homepage:	http://valgasu.rstack.org/
Related File:	mswordcon.txt
File Size:	19944
Last Modified:	Sep 6 03:32:20 2003
MD5 Checksum:	19134e503acc53ad924e617d58add3f7

/// File Name:	MS03-039-linux.c
Description:	Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS.
Author:	ey4s. This version was ported to Linux by nulluid.
Related File:	sa2003-06.txt
File Size:	13641
Last Modified:	Sep 18 20:31:36 2003
MD5 Checksum:	bc05567626bebd91b9ea3c9844b4a56a

/// File Name:	09.16.MS03-039-exp.c
Description:	Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS.
Author:	ey4s
Related File:	sa2003-06.txt
File Size:	13143
Last Modified:	Sep 16 23:53:46 2003
MD5 Checksum:	914d1c99e072cfb536a6d00fd8a75d8a

/// File Name:	rootdown.pl
Description:	Remote exploit for Solaris that only requires a single UDP packet to the sadmind service to execute commands.
Author:	H D Moore
Homepage:	http://www.metasploit.com/
Related File:	09.16.03.txt
File Size:	12406
Last Modified:	Sep 19 00:51:29 2003
MD5 Checksum:	866bc503fccd155f0a660998fd1ee863

/// File Name:	atphttp0x06.c
Description:	Remote exploit for atphttpd version 0.4b and below on Linux x86 that binds a shell to port 65535. Tested against Debian 3.0 and RedHat 8.0.
Author:	r-code
File Size:	9954
Last Modified:	Sep 25 23:58:20 2003
MD5 Checksum:	12201535f967d9970d38c353615b22a4

/// File Name:	mounty.c
Description:	Remote root exploit for rpc.mountd that makes use of the xlog off-by-one vulnerability discussed here.
Author:	newroot
Homepage:	http://www.newroot.de
File Size:	9448
Last Modified:	Sep 17 18:30:54 2003
MD5 Checksum:	eb911a8a195173435b059a49e159a2a7

/// File Name:	geeklog2.txt
Description:	Geeklog versions 2.x and below are susceptible to cross site scripting vulnerabilities and various SQL injection attacks.
Author:	Lorenzo Hernandez Garcia-Hierro
Homepage:	http://security.novappc.com
File Size:	9088
Last Modified:	Sep 29 20:18:03 2003
MD5 Checksum:	5e292ac0ff2be42ecabd916e479a3305

/// File Name:	09.14.mysql.c
Description:	Remote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.
Author:	Bkbll
File Size:	8867
Related CVE(s):	CAN-2003-0780
Last Modified:	Sep 16 22:04:40 2003
MD5 Checksum:	6db4d9e49e4882f5622fd5b59932596c

/// File Name:	sp-myserver.c
Description:	Remote denial of service exploit for MyServer 0.4.3.
Author:	badpack3t
Homepage:	http://www.security-protocols.com
Related File:	myserver.txt
File Size:	8268
Last Modified:	Sep 10 02:21:13 2003
MD5 Checksum:	26fe6f995a2b40b213a0a7f660d0d2b5

/// File Name:	lsh_exploit.c
Description:	Remote exploit for lsh 1.4.x that makes use of a boundary error in read_line.c when checking for errors. Spawns a bindshell on port 45295.
Author:	Haggis aka Carl Livitt.
File Size:	8179
Last Modified:	Sep 23 17:22:37 2003
MD5 Checksum:	60a9d09b21839048217308ccd3cf3dd4

/// File Name:	4DWS_ftp.c
Description:	4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.
Author:	B-r00t
Homepage:	http://doris.scriptkiddie.net
File Size:	8046
Last Modified:	Sep 13 09:02:47 2003
MD5 Checksum:	7456e23cbadbcbea96645ab9eee368c0

/// File Name:	cfengine.c
Description:	Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Binds a shell to port 26112. Tested against RedHat.
Author:	jsk
File Size:	8044
Last Modified:	Sep 29 20:14:22 2003
MD5 Checksum:	cc32ba54fe67a178fcd9b423342f3643

/// File Name:	rp9-priv-esc.c
Description:	RealOne Player 9 exploit for Unix/Linux that escalates privileges to the person using the utility by taking advantage of group write permissions on user configuration files.
Author:	Jon Hart
File Size:	6183
Last Modified:	Sep 11 08:14:45 2003
MD5 Checksum:	4445831b67a74340eaffa17ee24060b4

/// File Name:	augustiner.c
Description:	Denial of service exploit for Microsoft Windows 98 that floods UDP traffic to random destination ports causing the system to lock up.
Author:	Warlord
Homepage:	http://www.nologin.org
File Size:	6171
Last Modified:	Sep 9 05:19:52 2003
MD5 Checksum:	e282c1433fab2315b14f50153e017834

/// File Name:	shatterSEH3.txt
Description:	Version three of this paper discussing more shatter attacks that are possible using progress bars. Related information available here.
Author:	Brett Moore
Homepage:	http://www.security-assessment.com
File Size:	5578
Last Modified:	Sep 29 20:31:32 2003
MD5 Checksum:	1135794bd92aa08169c33e449387a87c

/// File Name:	dbabble.txt
Description:	DBabble 2.5i suffers from cross site scripting issues that can lead to cookie hijacking.
Author:	dr_insane
Homepage:	http://members.lycos.co.uk/r34ct/
File Size:	5399
Last Modified:	Sep 18 20:54:25 2003
MD5 Checksum:	d7bd98900757ac09369e6a2ae7509dfe

/// File Name:	netris-shash.c
Description:	Remote exploit for netris version 0.5 on RedHat 8.0 that makes use of a buffer overflow vulnerability where a client connecting to an untrusted netris server could be sent an unusually long data packet, which would be copied into a fixed-length buffer without bounds checking.
Author:	Shashank Pandey
File Size:	5241
Last Modified:	Sep 21 21:06:28 2003
MD5 Checksum:	b41e303ebc81036b1621bb7f2266048b

/// File Name:	bazooka_penaka.pl
Description:	Proof of concept remote exploit for Foxweb 2.5 on Microsoft Windows that achieves access of the web server user id and makes use of a buffer overflow found in the PATH_INFO variable in foxweb.dll.
Author:	pokleyzz
Homepage:	http://www.scan-associates.net
File Size:	4771
Last Modified:	Sep 6 02:46:22 2003
MD5 Checksum:	c3599adf8b5c36ef30b4eb85ff7a6773

/// File Name:	pandpdos.txt
Description:	The Plug and Play Web Server version 1.0002c is susceptible to multiple buffer overflow attacks that cause the server to crash.
Author:	Bahaa Naamneh
Homepage:	http://www.bsecurity.tk
File Size:	4014
Last Modified:	Sep 18 23:20:56 2003
MD5 Checksum:	3ad96e586456835afc357813677d3683

/// File Name:	TEXONET-20030902.txt
Description:	Texonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.
Homepage:	http://www.texonet.com/
File Size:	3991
Last Modified:	Sep 16 23:45:03 2003
MD5 Checksum:	e110cec39a0883d80e796ab5fd06d804