Section:  .. / 0312-exploits  /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 42
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0312-exploits.tgz
Packet Storm new exploits for December, 2003.
File Size:3362818
Last Modified:Apr 16 07:08:19 2004
MD5 Checksum:fd96104b52452635a55566e5bde24485

 ///  File Name: 0x333ebola.c
Ebola v0.1.4 remote stack overflow exploit tested against Red Hat 8.0. Bug found by Secure Network Operations.
File Size:6810
Last Modified:Dec 15 04:59:01 2003
MD5 Checksum:1607f965b471b34d5d5e0300be518e95

 ///  File Name: 1n74ne-cha0s.exe
WarFTPD v1.82.0.2 and below remote denial of service exploit, win32 binary. Disables WarFTPD by making multiple connections, causing the server to stop accepting new connections, and crash after two days.
Author:Dr. Insane
File Size:135168
Last Modified:Dec 15 07:15:41 2003
MD5 Checksum:7d5791bcad0c1b4941743c8738286dfc

 ///  File Name: brk_poc.asm
Linux kernel v2.4.22 and below do_brk() proof of concept exploit written in ASM which tests for the vulnerability, rebooting your system if it is found. Requires nasm greater than v0.98.36, tested with nasm 0.98.38.
Author:Christophe Devine
File Size:2913
Last Modified:Dec 3 05:28:43 2003
MD5 Checksum:38e4261798444f0cd584107388e6c96e

 ///  File Name: cesarDoS.txt
CesarFTP version 0.99g and below has a security hold in the command CWD that allows a remote attacker the ability to cause a denial of service by raising the CPU utilization up to 100%.
Author:zib zib
File Size:2457
Last Modified:Dec 23 10:57:36 2003
MD5 Checksum:90b7691cee7a770103bf922c3069fb0c

 ///  File Name: dcamwebcam.txt
DCAM webcam versions 8.2.5 and below suffer from a directory traversal attack that allow a remote attacker to access any file available to the webserver uid.
Author:Luigi Auriemma
File Size:1979
Last Modified:Dec 23 11:12:26 2003
MD5 Checksum:5f7b85639545d288c78372f4006ccd66

 ///  File Name: dcomrpc_magickey_win.c
Dcom RPC remote win32 exploit, ported to Windows for compilation with VC++ 6. Uses "magic keys" to find the offset. Ported by Lordy
File Size:19369
Last Modified:Dec 15 06:40:13 2003
MD5 Checksum:e68f717861ce1d1e65ca2d14d5d93f20

 ///  File Name: dosMac.txt
It is possible to cause a denial of service attack against the SecurityServer daemon in MacOS X, MacOS X Server, and Darwin by unlocking a locked keychain and specifying a very long password.
Author:Matt Burnett
File Size:3533
Last Modified:Jan 1 07:02:11 2004
MD5 Checksum:d81f8b6a87bdb09dcd8e8e493388372e

 ///  File Name: exp_unix2tcp.c
Exp_unix2tcp.c is a local exploit for unix2tcp below v0.8.0 which gives root access if unix2tcp is setuid, which it is usually not. Tested on Redhat Linux 9.
File Size:1646
Last Modified:Dec 24 10:39:33 2003
MD5 Checksum:17f3b5fb7f646a6cb8647a775b53c63e

 ///  File Name:
Eznet v3.5.0 and below remote stack overflow exploit which includes shell code that downloads and runs an executable from a web server.
Author:Peter Winter-Smith
File Size:6655
Last Modified:Dec 16 08:10:10 2003
MD5 Checksum:55be4f3bf8bcb93395dae0be528a718a

 ///  File Name: ezphotoshare.txt
eZphotoshare has multiple overflow vulnerabilities that allow remote code execution from a heap corruption in ntdll.dll and the ability to overwrite important saved values via vulnerable code in mfc42.dll.
Author:Peter Winter-Smith
File Size:6511
Last Modified:Dec 4 23:32:00 2003
MD5 Checksum:77ff372954b829eda766bbf04b438890

 ///  File Name:
Remote exploit for eZnetwork versions 3.3 to 3.5 that sends a shell back to the host that the attack spawns from.
File Size:4092
Last Modified:Dec 18 05:22:02 2003
MD5 Checksum:1c79c869e872b376278eb4416b3b6625

 ///  File Name: f.c
F.c is a local root exploit for the the SuSEconfig.vmware symbolic link vulnerability. Tested on SuSE 8.2. More information available here.
Author:Nash Leon
File Size:1943
Last Modified:Dec 2 21:29:06 2003
MD5 Checksum:d24a6e89b53d4792d7839c915a6c05f8

 ///  File Name: gallery133.txt
Gallery versions 1.3.3 and below suffer from a cross-site scripting vulnerability in its searching functionality.
File Size:1649
Last Modified:Dec 30 19:30:52 2003
MD5 Checksum:bd8fa7a52e93df322ab5dc54d4b6faf3

 ///  File Name: hatorihanzo.c
Linux kernel do_brk local root exploit for kernel v2.4 prior to 2.4.23.
Author:Paul Starzetz, Wojciech Purczynski
File Size:6510
Last Modified:Dec 16 08:28:08 2003
MD5 Checksum:15831ce915376b30d4db0512a3ad10f1

 ///  File Name: I2S-LAB-10-15-03.Shell32-Do.txt
I2S LAB Security Advisory - A malicious attacker can utilize any type of media against the SHELL32.DLL library to cause a massive denial of service. Microsoft Windows 2000 versions SP4 and below are affected. Full research and exploit provided. The next service pack released will have this fixed.
File Size:9175
Last Modified:Dec 5 18:22:00 2003
MD5 Checksum:1e98d8c19dfcda7d2669632436140845

 ///  File Name:
Remote exploit for Eudora 6.0.1's (on Windows) LaunchProtect feature, which warns the user before running executable attachments. Unfortunately this only works in the attach folder; using spoofed attachments, executables stored elsewhere may run without warning.
Author:Paul Szabo
File Size:2466
Last Modified:Dec 3 05:22:16 2003
MD5 Checksum:9a3e27e8c64d0481380bbcf5c7ea965f

 ///  File Name: lsbody.c
UW-imapd v12.261, 12.264, 2000.283, 2000.284, 2000.287 and 2001.315 remote exploit which takes advantage of a bug in the body command. Requires an IMAP username and password.
File Size:14136
Last Modified:Dec 15 06:32:27 2003
MD5 Checksum:908db2cb149c78738ba743a8ffb0d9f5

 ///  File Name: lssoltel.c
Remote exploit for login/telnetd tested on Solaris Sparc v6/7/8 which uses the TTYPROMPT vulnerability. Spawns a shell.
File Size:9375
Last Modified:Dec 15 06:23:07 2003
MD5 Checksum:ad70f20ff91e7a8f764012a9f0e6606f

 ///  File Name: m00-apache-w00t.tar.gz
Apache 1.3.*-2.0.48 remote users disclosure exploit - Checks Apache webservers for a wrong default configuration of mod_userdir which allows account name guessing and then attempts to login to the found accounts with ftp. Effective against Linux and *BSD boxes.
File Size:3186
Last Modified:Dec 16 08:42:04 2003
MD5 Checksum:01464a2fa047af3a15831c455b89f9c9

 ///  File Name: m00-mod_gzip.c
File Size:7913
Last Modified:Dec 15 07:21:15 2003
MD5 Checksum:385c31b5ee1dd97a7c52554b6aefc0ad

 ///  File Name: mdaemon-raw.txt
Alt-N Technologies MDaemon Mail Server versions 6.52 to 6.85 suffer from a remote buffer overflow in its raw message handler. Sending more than 153 bytes in the From field to FROM2Raw.exe creates a raw file, that when processed by mdaemon, will cause a stack buffer overflow.
Author:Pejamn Davarzani, Behrang Fouladi
File Size:3352
Last Modified:Dec 29 23:43:52 2003
MD5 Checksum:74de9bd4c75e8a57e115b87b3aff2516

 ///  File Name: milla.tar.gz
Mvdsv Quake Server v0.171 and below remote exploit. Tested against Debian GNU/Linux 3.0 and Slackware 9.0. Includes a patched Quake source which includes shellcode in cl_main.c which binds a shell to port 30464.
Author:Oscar Linderholm
File Size:3250388
Last Modified:Dec 15 07:37:56 2003
MD5 Checksum:dc1c49288d1bc3fa76cc72ffdb03b3e7

 ///  File Name: ms03-043v2.c
Remote exploit for the Microsoft Messenger service buffer overflow described in ms03-043. Tested against Windows 2000 FR SP0.
Author:Mr. Nice
File Size:8042
Last Modified:Dec 18 05:01:20 2003
MD5 Checksum:7923cdcc15237bb37be9249d97ee337e

 ///  File Name: ms03-049-II.c
Microsoft Workstation Service WKSSVC Remote Exploit for the bug discussed in MS03-049. This version does not crash services.exe until the shell exits.
File Size:15982
Last Modified:Dec 16 08:22:45 2003
MD5 Checksum:cd0ae50e67851a9a724ad3f6a064b09c