Section: .. / 0312-exploits /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 42

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	0312-exploits.tgz
Description:	Packet Storm new exploits for December, 2003.
File Size:	3362818
Last Modified:	Apr 16 07:08:19 2004
MD5 Checksum:	fd96104b52452635a55566e5bde24485

/// File Name:	milla.tar.gz
Description:	Mvdsv Quake Server v0.171 and below remote exploit. Tested against Debian GNU/Linux 3.0 and Slackware 9.0. Includes a patched Quake source which includes shellcode in cl_main.c which binds a shell to port 30464.
Author:	Oscar Linderholm
File Size:	3250388
Last Modified:	Dec 15 07:37:56 2003
MD5 Checksum:	dc1c49288d1bc3fa76cc72ffdb03b3e7

/// File Name:	1n74ne-cha0s.exe
Description:	WarFTPD v1.82.0.2 and below remote denial of service exploit, win32 binary. Disables WarFTPD by making multiple connections, causing the server to stop accepting new connections, and crash after two days.
Author:	Dr. Insane
File Size:	135168
Last Modified:	Dec 15 07:15:41 2003
MD5 Checksum:	7d5791bcad0c1b4941743c8738286dfc

/// File Name:	dcomrpc_magickey_win.c
Description:	Dcom RPC remote win32 exploit, ported to Windows for compilation with VC++ 6. Uses "magic keys" to find the offset. Ported by Lordy
File Size:	19369
Last Modified:	Dec 15 06:40:13 2003
MD5 Checksum:	e68f717861ce1d1e65ca2d14d5d93f20

/// File Name:	ms03-049-II.c
Description:	Microsoft Workstation Service WKSSVC Remote Exploit for the bug discussed in MS03-049. This version does not crash services.exe until the shell exits.
Author:	snooq
Homepage:	http://www.angelfire.com/linux/snooq
File Size:	15982
Last Modified:	Dec 16 08:22:45 2003
MD5 Checksum:	cd0ae50e67851a9a724ad3f6a064b09c

/// File Name:	SPK-IMSPd.c
Description:	IMSPd v1.7 and below remote root buffer overflow exploit which takes advantage of a bug in abook_dbname(). Tested against IMSPd 1.7 and 1.6a3 under RedHat 8.0. Fix available here.
Author:	SpikE
File Size:	14498
Last Modified:	Dec 25 08:00:28 2003
MD5 Checksum:	5162fefc17a2d96ad76b83a84c36f570

/// File Name:	lsbody.c
Description:	UW-imapd v12.261, 12.264, 2000.283, 2000.284, 2000.287 and 2001.315 remote exploit which takes advantage of a bug in the body command. Requires an IMAP username and password.
Author:	skylazart
Homepage:	http://core.cx/skylazart
File Size:	14136
Last Modified:	Dec 15 06:32:27 2003
MD5 Checksum:	908db2cb149c78738ba743a8ffb0d9f5

/// File Name:	ThunderstormWks.cpp
Description:	ThunderstormWks is a mass exploiter / scanner for the windows workstation vulnerability discussed in ms03-049. Can scan random IP ranges quickly and contains a ftp download payload.
Author:	hi_tech_assassin
File Size:	10909
Last Modified:	Dec 16 08:34:30 2003
MD5 Checksum:	3b686e6d08c2b7c6cb1d2d11ca3cbc62

/// File Name:	Security_FlexWATCH-2.txt
Description:	The FlexWATCH surveillance camera server (tested FlexWATCH-50 web ver 2.2 Build Nov 18 2003) is used by many banks and "secure" places and contains remotely exploitable vulnerabilities which allow remote attackers to view camera footage, add users, remove users, change the configuration, disable camera surveillance, cross site scripting, and more.
Author:	Slaizer
File Size:	10603
Last Modified:	Dec 15 06:47:52 2003
MD5 Checksum:	109e75117811a6f4fdc578e24bb624fd

/// File Name:	qwks.cpp
Description:	Microsoft Windows WKSSVC remote exploit written in C++. Upon successful exploitation, it downloads a binary via a remote ftp server and executes it.
Author:	qaaz
File Size:	9842
Last Modified:	Dec 6 00:55:00 2003
MD5 Checksum:	b2e388a3d4cac23b59525fc9aa6e497f

/// File Name:	lssoltel.c
Description:	Remote exploit for login/telnetd tested on Solaris Sparc v6/7/8 which uses the TTYPROMPT vulnerability. Spawns a shell.
Author:	skylazart
Homepage:	http://core.cx/skylazart
File Size:	9375
Last Modified:	Dec 15 06:23:07 2003
MD5 Checksum:	ad70f20ff91e7a8f764012a9f0e6606f

/// File Name:	rpc_wks_bo.c
Description:	Remote exploit for the Microsoft Windows WKS vulnerability that allows a specially crafted network message the ability to trigger a buffer overflow.
Author:	fiNis
Related File:	CA-2003-28.MS.txt
File Size:	9181
Last Modified:	Dec 5 05:01:00 2003
MD5 Checksum:	466e9162a46e5f7009dbd6fc9020abd1

/// File Name:	I2S-LAB-10-15-03.Shell32-Do.txt
Description:	I2S LAB Security Advisory - A malicious attacker can utilize any type of media against the SHELL32.DLL library to cause a massive denial of service. Microsoft Windows 2000 versions SP4 and below are affected. Full research and exploit provided. The next service pack released will have this fixed.
Author:	I2S-LaB
Homepage:	http://www.I2S-LaB.com
File Size:	9175
Last Modified:	Dec 5 18:22:00 2003
MD5 Checksum:	1e98d8c19dfcda7d2669632436140845

/// File Name:	ms03-043v2.c
Description:	Remote exploit for the Microsoft Messenger service buffer overflow described in ms03-043. Tested against Windows 2000 FR SP0.
Author:	Mr. Nice
File Size:	8042
Last Modified:	Dec 18 05:01:20 2003
MD5 Checksum:	7923cdcc15237bb37be9249d97ee337e

/// File Name:	m00-mod_gzip.c
Description:	Unavailable.
File Size:	7913
Last Modified:	Dec 15 07:21:15 2003
MD5 Checksum:	385c31b5ee1dd97a7c52554b6aefc0ad

/// File Name:	0x333ebola.c
Description:	Ebola v0.1.4 remote stack overflow exploit tested against Red Hat 8.0. Bug found by Secure Network Operations.
Author:	c0wboy
Homepage:	http://www.0x333.org
File Size:	6810
Last Modified:	Dec 15 04:59:01 2003
MD5 Checksum:	1607f965b471b34d5d5e0300be518e95

/// File Name:	eznetexploit.pl
Description:	Eznet v3.5.0 and below remote stack overflow exploit which includes shell code that downloads and runs an executable from a web server.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net
File Size:	6655
Last Modified:	Dec 16 08:10:10 2003
MD5 Checksum:	55be4f3bf8bcb93395dae0be528a718a

/// File Name:	ezphotoshare.txt
Description:	eZphotoshare has multiple overflow vulnerabilities that allow remote code execution from a heap corruption in ntdll.dll and the ability to overwrite important saved values via vulnerable code in mfc42.dll.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/ezphotoshare.txt
File Size:	6511
Last Modified:	Dec 4 23:32:00 2003
MD5 Checksum:	77ff372954b829eda766bbf04b438890

/// File Name:	hatorihanzo.c
Description:	Linux kernel do_brk local root exploit for kernel v2.4 prior to 2.4.23.
Author:	Paul Starzetz, Wojciech Purczynski
File Size:	6510
Last Modified:	Dec 16 08:28:08 2003
MD5 Checksum:	15831ce915376b30d4db0512a3ad10f1

/// File Name:	projectforum.txt
Description:	A fault lies in ProjectForum versions 8.4.2.1 and below that allow an attacker the ability to cause the server application 'projectforum.exe' to crash and stop responding to requests from clients. This can be triggered by sending an overly long 'find' request string to the server in question.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/pfbugs.txt
File Size:	5683
Last Modified:	Dec 23 10:38:43 2003
MD5 Checksum:	d343ce102b631366e79d2489a662a593

/// File Name:	netobserve.txt
Description:	NetObserve versions 2.0 and below suffer from a severe security bypass flaw that will enable remote attackers to gain administrative privileges and execute arbitrary code on the server.
Author:	Peter Winter-Smith
Homepage:	http://www.elitehaven.net/netobserve.txt
File Size:	4129
Last Modified:	Dec 31 03:21:28 2003
MD5 Checksum:	2bd139ff34e8256e5aee6cfc5963c5e9

/// File Name:	eZXploit.pl
Description:	Remote exploit for eZnetwork versions 3.3 to 3.5 that sends a shell back to the host that the attack spawns from.
Author:	kralor
Homepage:	http://www.coromputer.net
File Size:	4092
Last Modified:	Dec 18 05:22:02 2003
MD5 Checksum:	1c79c869e872b376278eb4416b3b6625

/// File Name:	xgrpck.c
Description:	/usr/sbin/grpck local buffer overflow exploit. Note that grpck is not setuid by default. Tested on Red Hat 7.3 and 8.0, Cobalt Linux 6.x and 7.x, Debian 2.1 and 2.2, and Mandrake 8.1 and 8.2.
Author:	Metin Cengiz
Homepage:	http://www.rsf.gen.tr
File Size:	3781
Last Modified:	Dec 15 05:05:49 2003
MD5 Checksum:	56e7c86766fc1efedffdfaaefe263664

/// File Name:	dosMac.txt
Description:	It is possible to cause a denial of service attack against the SecurityServer daemon in MacOS X, MacOS X Server, and Darwin by unlocking a locked keychain and specifying a very long password.
Author:	Matt Burnett
File Size:	3533
Last Modified:	Jan 1 07:02:11 2004
MD5 Checksum:	d81f8b6a87bdb09dcd8e8e493388372e

/// File Name:	Opera7.22.pl
Description:	Opera for Windows v7.x prior to v7.23 build 3227 remote exploit which sets up a web server and feeds Opera a URL that will create and execute a batch file on the clients computer.
Author:	Nesumin
Homepage:	http://opera.rainyblue.org
File Size:	3402
Last Modified:	Dec 16 08:50:54 2003
MD5 Checksum:	85a437cea2b1f6be1b26143e87f00b60