Section:  .. / 0306-exploits  /

Page 1 of 2 (files 1 - 25 of 42, sorted by file name)

 ///  File Name: 0306-exploits.tgz
Description:
Packet Storm new exploits for June, 2003.
File Size:103237
Last Modified:Aug 28 03:54:22 2003
MD5 Checksum:ac9f4f68ae6eef059db7338a6c6fcb34

 ///  File Name: 06.16.03.txt
Description:
iDEFENSE Security Advisory 06.16.03: The pam_wheel module of Linux-PAM uses getlogin() in an insecure manner, thereby allowing attackers to bypass certain restrictions. The pam_wheel module is often used with the su command to allow users belonging to a trusted group to utilize the command without supplying a password. The module utilizes the getlogin() function to determine the name of the currently logged in user. This name is then compared against a list of members of a trusted group as specified in the configuration file. If the trust option is enabled in the pam_wheel configuration file and the use_uid option is disabled, any local user may spoof the username returned by getlogin() and gain access to a super-user account without supplying a password.
Author:Karol Wiesek
Homepage:http://www.idefense.com/
File Size:5415
Last Modified:Jun 17 02:17:57 2003
MD5 Checksum:ac13337671c6ada04dcb6c4a7dec904e

 ///  File Name: 0x82-GNATS_own.c
Description:
Local root exploit against GNATS v3.2 that makes use of the heap overflow found in the -d switch.
Author:Xpl017Elz
Homepage:http://www.inetcop.org
Related File:INetCop.GNATS.txt
File Size:6875
Last Modified:Jun 22 02:00:49 2003
MD5 Checksum:39b4e56f07ade73a703b6eada24cb533

 ///  File Name: 0x82-GNATS_sux.c
Description:
Local root exploit against GNATS v3.113.x that makes use of a heap based environment variable overflow vulnerability.
Author:Xpl017Elz
Homepage:http://www.inetcop.org
Related File:INetCop.GNATS.txt
File Size:11619
Last Modified:Jun 22 02:03:13 2003
MD5 Checksum:c433613d79f8fd6493b48c10d8b30e3f

 ///  File Name: 5HP0G1FAAC.txt
Description:
The product Mailtraq suffers from multiple vulnerabilities that range from access to files that reside outside the bounding HTML root directory, through decryption of locally stored passwords, to a cross site scripting vulnerability in the web mail interface.
Homepage:http://www.SecurITeam.com
File Size:6708
Last Modified:Jun 17 02:03:22 2003
MD5 Checksum:9fca066da119abecff422387906ab073

 ///  File Name: atftpdx.c
Description:
Proof of concept remote root exploit for atftpd version 0.6. Makes use of the filename overflow found by Rick Patel. Related post here. Tested against Debian 3.0.
Author:gunzip
File Size:10175
Last Modified:Jun 11 07:11:28 2003
MD5 Checksum:3b0c2689d61a4f537485d01ed45b9bbb

 ///  File Name: bazarr-episode-4.c
Description:
Local root exploit for XaoS that makes use of a specially crafted command line -language argument to cause it to execute arbitrary code.
Author:bazarr
Homepage:http://geocities.com/rrazab
File Size:8085
Last Modified:Jun 13 04:52:23 2003
MD5 Checksum:3b12f35f26095e564fa823f5f31c5810

 ///  File Name: bazarr-unsencored-episode-3.c
Description:
Local exploit for E-term that escalates privileges to gid utmp via insufficient bounds checking performed on an environment variable that is copied into an internal memory buffer.
Author:bazarr
Homepage:http://geocities.com/rrazab
File Size:30577
Last Modified:Jun 13 04:54:29 2003
MD5 Checksum:5dc7dad0fe0bd40dc28da3450025370c

 ///  File Name: blackicepro.txt
Description:
It is possible to evade the BlackICE PC Protection IDS logging of cross site scripting attempts because it does not check HEAD, PUT, DELETE, and TRACE requests for the <script> pattern.
Author:Marc Ruef
Homepage:http://www.computec.ch/
File Size:2978
Last Modified:Jun 14 21:20:43 2003
MD5 Checksum:506b6b9aa1ee94ea6ecdba88149c1b4b

 ///  File Name: compaq.txt
Description:
The Compaq Web Based Management Agent is vulnerable to server side injection, stack overflows, access violations, and creation of script objects.
Author:Ian Vitek
File Size:2258
Last Modified:Jun 30 21:01:00 2003
MD5 Checksum:b9ea91fe17deda91d69ffffe7d5c6ecc

 ///  File Name: consroot.exp
Description:
This script is used to automate escalation of normal user privileges to root making use of FORTH hacking on Sparc hardware.
Author:Michael H.G. Schmidt
File Size:3651
Last Modified:Jun 22 00:08:57 2003
MD5 Checksum:984f4ec5229ee63a42019081e311d2dd

 ///  File Name: dlinkDoS.txt
Description:
D-Link routers with firmware 2.70 and below are vulnerable to a denial of service vulnerability, provided the attacker has the ability to see the internal interface on the router. Sending a malformed URL to the syslog script will cause a DNS query. Multitudes of this query can result in a DoS and other odd forms of behavior.
Author:chris
Homepage:http://www.securityindex.net/
File Size:3534
Last Modified:Jun 3 10:14:52 2003
MD5 Checksum:f153d7a119c458d70ebcf9389d2ae195

 ///  File Name: DSR-geekrellm-linux.pl
Description:
Gkrellmd 2.1.10 remote exploit with shellcode that does kill(-1,9) then an exit. Written for Linux and tested on Slackware 9.
Author:kokanin
File Size:1344
Last Modified:Jun 29 22:47:40 2003
MD5 Checksum:4ccf4b85bdadaaaeea4abd31891779f4

 ///  File Name: DSR-geekrellm.pl
Description:
Gkrellmd 2.1.10 remote exploit with connect back shellcode. Tested on FreeBSD 4.8.
Author:kokanin
File Size:1329
Last Modified:Jun 24 16:12:55 2003
MD5 Checksum:19d0e595e3075a1352589025fa029087

 ///  File Name: DSR-korean-elm.pl
Description:
Exploit for Elm version ko-elm-2.4h4.1, the Korean release, that yields gid of bin. Old vulnerability related to this is here. Tested against FreeBSD 4.7.
Author:kokanin
File Size:868
Last Modified:Jun 24 07:48:42 2003
MD5 Checksum:0d17996f879f53f34e331038462c23b4

 ///  File Name: EnceladusServerSuite3.9.11.txt
Description:
Enceladus Server Suite v3.9.11 contains buffer overflows in its ftp server that allow a remote attacker to crash the server with the possibility of remote command execution.
Author:Dr_insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:784
Last Modified:Jun 17 06:09:57 2003
MD5 Checksum:43dd957e5b408e37a72bec408734a911

 ///  File Name: gkrellmd
Description:
Gkrellmd 2.1.10 has a daemon that suffers from a buffer overflow where it does not validate the 128 byte buffer input, which allows an attacker to crash the daemon, resulting in a denial of service.
Author:dodo
Homepage:http://darkwired.ath.cx
File Size:1909
Last Modified:Jun 24 07:08:08 2003
MD5 Checksum:addc11f4375377dbd86df7c0e6ad570a

 ///  File Name: gkrhack0x03.c.gz
Description:
gkrellmd < 2.1.12 remote exploit for Linux. Tested against Debian 3.0 with version 2.1.4.
Author:r-code
File Size:2526
Last Modified:Jun 29 22:34:53 2003
MD5 Checksum:2eb2a5c1a727b39eab68acb29858ea39

 ///  File Name: gm014-ie.txt
Description:
Microsoft Internet Explorer 5.01, 5.5 and 6.0 have a flaw in a parsing procedure that may cause arbitrary script commands to be executed in the Local Zone. This can lead to potential arbitrary command execution, local file reading and other severe consequences.
Author:GreyMagic Software
Homepage:http://www.greymagic.com
File Size:4773
Last Modified:Jun 22 00:14:56 2003
MD5 Checksum:94c172dcec3f389d6d6c31e555a923cd

 ///  File Name: hack-nethack0x02.tar.gz
Description:
jnethack 1.1.5 and below exploit that yields gid of games. Tested against Debian Woody 3.0.
Author:r-code
File Size:2294
Last Modified:Jun 22 01:26:02 2003
MD5 Checksum:76f578f076dc4e0b37dbf2d7cdc12fb6

 ///  File Name: IIS-DoS.c
Description:
Remote IIS 5.0 denial of service exploit that makes use of the stack based overflow in nsiislog.dll.
Author:Rizzy
Related File:wmediaremote.txt
File Size:1314
Last Modified:Jul 19 01:30:28 2003
MD5 Checksum:28883908e092c49535e0ffceaa364f9e

 ///  File Name: JBoss.txt
Description:
JBoss 3.2.1 with Jetty is vulnerable to full JSP source code disclosure when using a null byte.
Author:Marc Schoenefeld
Homepage:http://www.illegalaccess.org
File Size:736
Last Modified:Jun 3 10:00:33 2003
MD5 Checksum:d63a80b2f8b61a884e79e56655387094

 ///  File Name: kereval.tutos.txt
Description:
Kereval Security Advisory KSA-001 - Cross Site Scripting vulnerabilities exist in Tutos 1.1 that allow for hostile code execution.
Author:François SORIN
Homepage:http://www.kereval.com
File Size:4147
Last Modified:Jun 24 07:54:45 2003
MD5 Checksum:dfed6e294cfba88c4ce010d032e6dcdf

 ///  File Name: lednews.txt
Description:
LedNews v0.7 lacks any filtering, allowing a remote attacker to embed JavaScript or various HTML tags. It may also be possible to add server side include tags into news posts.
Author:Gilbert Vilvoorde
File Size:1196
Last Modified:Jun 17 06:04:16 2003
MD5 Checksum:19026b25c3d9e9ce12f765352372b6a4

 ///  File Name: linux-wb.c
Description:
The ntdll.dll remote exploit through WebDAV that was originally written by kralor. This version is ported to Linux by Dotcom.
File Size:9219
Last Modified:Jun 14 21:28:31 2003
MD5 Checksum:d2db38f58f501400802f8f52b91a7108