7350cowboy.c is supposedly a remote format string exploit for PHP/3.0.12, 3.0.15, and 3.0.16 with Apache 1.3.12 on FreeBSD 3.4, Slackware Linux 4.0, and 7.0. Very similar to http://packetstormsecurity.org/0010-exploits/phploit.c.
e940a4a8984ee2cd304f252e58a8dff2073d5977d73bfb168d98d7d54ca42f0f
This paper describes in detail the exploitation of the libc locale format string vulnerability on Solaris/SPARC. The full source code for the exploit is presented and some details of the implementation are discussed.
7b17fe99c5995c3700f946e8abe827d958a46295cd8e9068e1a590b08b7ef993
Mac OS X v10.1 and below contains a local root vulnerability which allows logged in users to get a root shell by running a specific series of applications. More info here.
46aabb3e472e54612654c559a4bc57f5adf76fa15eb0274b3c38f0cc2b38d0d4
Packet Storm new exploits for October, 2000.
f1145b6d659bf5ec559a08dd9096cf689913972f0351e3538d9060762579d13c
Georgi Guninski security advisory #26 - Using specially designed URLs, IIS 5.0 may return user specified content to the browser. This poses a great security risk, especially if the browser is JavaScript enabled, and the problem is greater in IE. By clicking on links, just visiting hostile web pages or opening HTML email, the target IIS server may return user defined malicious active content. This is a bug in IIS 5.0, but it affects end users and is exploited with a browser. A typical exploit scenario is stealing cookies which may contain sensitive information.
6b6ccfbe0c8d541e629a7ae9731b71c0ae8c45f405aa6e7a7b3f0a9674808daa
Mailing List & News Version 1.7 remote exploit - takes advantage of insecure mail handling to spawn a shell on tcp port 60179.
3a148d33c2f43170a5459c274e9265844c395aa32ff20393b2138faa0365ddd6
Listmail v112 remote exploit which spawns a shell on tcp port 60179. Takes advantage of an insecure open call.
a2ac27c937b546ef9d313562c45140abe85c463a173244433131cd8154e5689a
FormNow CGI script v1.0 remote exploit - Takes advantage of an insecure sendmail call to bind a shell to tcp port 60179.
42bf2ffcf31c7fb94d3cd685478259c9560724e80bf63d3d45532dea4c785e1e
News Update 1.1 advisory / remote exploit which allows changing the passwords for the cgi program without knowing the former password, allowing malicious users to modify your news-page.
8ebdb22642d1fa6286496e52ac9000e2dacc42f9352cbae20dec72dc68ce24bc
Older versions of the host command contain a remotely exploitable buffer overflow. The host command is used to perform the AXFR request to obtain the zone transfer information, and can be caused to execute arbitrary code when connecting to a fake DNS server (a netcat process listening on port 53).
39951d3f589829a119033d3606128b1ac7e7273f64901d487f9e72eb6efa1de7
The Half-life Dedicated Server for Linux contains remotely exploitable buffer overflow vulnerabilities. Includes remote buffer overflow exploit hl-rcon.c which has been tested against v3.1.0.x for Linux x86.
4e21668332d5a5c5d6b07f99eee2df8e776267a63c81e42ab56b09b08e270f90
This program exploits a flaw in the share level password authentication of MS Windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in ms00-072. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
96e29bad718463491122f8f7ad5158fa52c389629d4c02a73b7d0bb812c5f9c8
Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article.
5b2cf0d0ae0a8d6764aa36ceead14fd067a55867c82158f7611f7b7fe312bc2c
Godmessage 4 Revision 5 is an implementation of Georgi Guninski's recent ActiveX exploit for Internet Explorer which attempts to install a trojan on any machine which views the included HTML.
4169810d4b2ebb4d39ec0d7dcc8a86bacb18f9009719e1fafc944364097eda78
Denial of service attack against an Intel InBusiness eMail Station. Sends a 630-character buffer to the POP server as the argument of a USER command. The device then needs to be powered off and on again.
097d217d961c8d8bf396fe40cca2df3a255ed805abb39c1fe873baf76da9a46a
Ntop -w v1.2a1 remote stack overflow exploit. Ntop in web mode (-w) contains an overflow when a long filename is requested. Fix available here.
ce04a0904b889efb589dd7afd4461f07739d833d857e3149af3cf2126d26ec8e
HP/UX crontab local shell script exploit.
8db2472fc166d889f4791e2f620b41fb4436110f5536153e1ce57597db33ec00
This program exploits a flaw in the share level password authentication of MS Windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in ms00-072. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
84e85c9487fc7ab4b25b357ee23948e85add674c5c955c17a2f3230d2fe92178
How to read ASP source code on an IIS 5 server using the recently discovered IIS vulnerability.
fbbc4a903d4d14e72415134d1f5fec3c86d4c7566f7cc3e2e8f21160f8293dc4
Lpr lpr-0.50-4 and below contains vulnerabilities which allow local users to access other accounts, and sometimes root.
6ab9815eb4979f4f020da0a0b9a0978875d632bc2a0951630c7aef34b390f59a
Linux /usr/games/zarch v.92 local root buffer overflow exploit.
d420c219019c22b1db498fbe394d018774d0fc7f953b8a9a311f957a40202d37
Oracle 8.1.5 local buffer overflow exploit for Linux.
d10cd01d2e252d4560cf80fd8e8ad2a8ab0de947c5c91cad0cda66125a53492f
Webevent v3.3.3 (webevent.pl) is an online calendar which contains a remote cgi vulnerability which allows administrative access.
5496ce9dcc8d0910d984fc7e479e1a67727682f51767ceae31adf5e834118d53
Linux space plumber (/usr/games/splumber) local buffer overflow exploit.
807d031351ea5f76324fc2b5994894828847822ca1112cab19cbaff5f38514e9
Unicde.pl exploits vulnerable IIS servers which allow remote command execution, as described in iis-unicode.txt.
ab15a086254fb78c36eb6996bbda2ad646248d11ed4dc609531b7f3030a47b81