Exim version 4.63 remote root exploit that uses a connect-back shell. Works on RedHat, Centos and Debian.
af8e1e361c82fc87041373b6e4044b0f7d87c3a5ff26e31b243a3efd06e7c7ca
LiteSpeed Web Server version 4.0.17 with PHP remote exploit for FreeBSD that uses a reverse shell.
b0012b61c33fd5c2dc2a099bfb8c36b4de98d5171a58428b919cf7223ecaadd4
ProFTPD IAC remote root exploit for versions 1.3.3, 1.3.3a and 1.3.2a/e/c.
ad63bce947283be1225a9c0f6124df424564efd77965f253fa2f9da15adffefd
This Metasploit module exploits a stack buffer overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account).
03dd84b1fa133f23eef6c093613e5dc4647bab107afd312e34d65559564a1da3
Microsoft IIS 6 suffers from an ASP denial of service stack overflow vulnerability.
968ad700fa412b03b08cda7cfb16f28e1648859ba12d1924d7d64d6a0139aeb6
FreeBSD mbufs() sendfile cache poisoning local privilege escalation exploit that throws a setuid shell in /tmp. Works on 7.x and 8.x builds prior to 12Jul2010.
52de447adb0cf2da2d0293e293c0bb572852ec6114e07299e2dfc735fc81b5ce
The FreeBSD stock ftpd suffers from a buffer overflow vulnerability that causes a crash.
b6e259094c3c43fb1c82b84e20102f51066243e8071d83e5e4e91d4d6d77e6c8
AIX 5l with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd. This is the second version that was written to be more portable between hosts.
3cbe3f2d71c1a259294434762694c1239444ee2fd3f2d2dc144601f1fe0a5675
AIX5l with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd.
ffcd4f4babc007df54a8c30b68c543ca31700ab2e57bbd47c9d45f7258140368
MDaemon Mailer Daemon version 11.0.1 suffers from a remote file disclosure vulnerability.
2bbf244585bc1c9905c4f926b37c9bfbdeaf6a38b2dc0652ad33b67113f42a8e
Sun Microsystems Sun Java System Web Server remote file disclosure exploit.
72bdf191a4d5b5152a79f4cee6ff1483f96b18ed588de9204927adb6ef2354da
Sun Microsystems Sun Java System Web Server remote exploit for Sparc. Binds a shell to port 5555.
58d3d00ceb2912ac710a08f0960ba35a4e854dccf29619ef655137c811281052
FreeBSD / OpenBSD ftpd suffers from a NULL pointer dereference denial of service vulnerability.
c82ba1adcf10f2187af10a4eb4c639f1f2b76aeaaff493966195043cf4cd3c12
The Spamassassin Milter plugin suffers from a remote root command execution vulnerability. Full exploit details provided.
75cd6d52002b0122839ef452c78b2755836360ff899b51abde576bc341679eb7
Todd Miller sudo 'sudoedit' local root exploit that affects 1.6.x versions before 1.6.9p21 and 1.7.x versions before 1.7.2p4.
0bc5ddb8c9f78020b6fdf754af735e0f64922f9795dab864f38f4d35c23c24d5
Samba suffers from a remote directory traversal vulnerability. A remote attacker can read, list and retrieve nearly all files on the system remotely. Required is a valid samba account for a share which is writable OR a writable share which is configured to be a guest account share, in this case this is a preauth exploit.Included is a smbclient patch that exploits this vulnerability.
0ae4ba015df7577d9dbca9aa358711f0c3e39584e775f1f27f63c7a3a11b2464
Remote command execution exploit for the AMS2 (Alert Management Systems 2) component of multiple Symantec products.
7756c7d033af4f9864f0db35014155628c4e407b538d8298529b17e02cf6d28d
Whitepaper called Reading Mission Control Data out of Predator Drone video feeds.
893c57808e275c209ff64f32529d4b5bf791b0ffdab61822c6d1f5362740359a
FreeBSD local root exploit that leverages a bug in the Run-Time Link-Editor (rtld). Versions 7.1 and 8.0 are vulnerable.
c639b539f4d450f65f034fcd0680e0b37942ecea3d7cae2277874a72cce2fc46
This Metasploit module exploits a stack overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account).
c094b78d6e147658a438663b48e4c7ba9f181fadc79f720b680f049d27cc2bbb
Remake of the IIS 5.0 FTP server / remote SYSTEM exploit. Useful for Win2k/JP SP0 through SP3.
ed41a61ee6a96323a70d1473d264138fe153fd8d0c341f6b6c99253319cc1ba0
nginx version 0.7.61 suffers from a WebDAV copy/move method directory traversal vulnerability.
7b4a38163573c74eaf582034e58861d28cafc0a15ba48b2128977ec6ff7ac759
Microsoft IIS versions 5 and 6 suffer from a remote denial of service vulnerability.
3ceabc846fce8b956f3254881cd055cce8a81b2b8d840a4c7e25f09c4cb250d0
Microsoft IIS versions 5.0 and 6.0 FTP server remote stack overflow exploit for Windows 2000.
19aff66ba11cf22843fc9c8141c7d0a3402067ee062ec94813adce26357def3d
Various BSD derived operating systems suffer from various vulnerabilities due to the setusercontext() function.
2c3e7e83b2f80025efe09e3bbad5c78624d782ab98b8cb97ba294434a3188293