all things security
Showing 1 - 25 of 51

Files

ex_enq_aix4x.sh
Posted Apr 30, 2003
Authored by Watercloud | Site xfocus.org

The enq program under AIX has an overflow that exists in the command line argument parsing. This exploit successfully utilizes the vulnerability to escalate privileges to egid=printq. Tested on AIX 4.3.3.

tags | exploit, overflow
systems | aix
MD5 | 364890572f74686b8e21cb0e6b0164f7
ShopCart.pl
Posted Apr 2, 2003
Authored by SPAX | Site spabam.tk

Hassan Consulting Shopping Cart Version 1.x remote exploit that will spawn a bash shell with the webserver uid.

tags | exploit, remote, shell, bash
MD5 | 0c9b6ff5a2d1c75542b248563046aeba
xitami-2.5b4.txt
Posted Nov 22, 2001
Authored by Zerologic | Site nssolution.net

Xitami WEB/FTP Server for Windows 95/98/NT/2k v2.5b4 has remote vulnerabilities which allow users to view sensitive system information via testcgi.exe. Passwords are stored in plain text. Denial of service is possible.

tags | exploit, remote, web, denial of service, vulnerability
systems | windows, 9x
MD5 | c9e95f053b3bd9e85e7f9aa02c0229e7
2000-exploits.tgz
Posted Jan 4, 2001
Authored by Todd J.

Packet Storm exploits for the year 2000!

tags | exploit
MD5 | 7bedd7e8384f3097d270edc791c35532
0012-exploits.tgz
Posted Jan 2, 2001
Authored by Todd J.

Packet Storm new exploits for December, 2000.

tags | exploit
MD5 | 4a995818afd053d60e8f8e037299dc68
wu-ftpd-solsparc.c
Posted Jan 2, 2001
Authored by Kalou

Solaris Wu-ftpd wu-2.4(1) remote root exploit which uses the site exec format string vulnerability. Tuned for Solaris Sparc v2.8 w/ inetd.

tags | exploit, remote, root
systems | solaris
MD5 | 5b9f482e6eddd637260d2044ba0d82d4
scx-sa-13.txt
Posted Jan 1, 2001
Authored by Root-dude | Site securax.org

Securax Security Advisory #13 - When someone telnets to a unix system, the tty that will be assigned to him will be writable for any user on the system. However, when he is logged in, his tty will not be writable for all users. So if someone would write data to a tty that is currently used by someone who's logging in, that person won't be able to log in. Includes ttywrite.c proof of concept code.

tags | exploit, proof of concept
systems | unix
MD5 | 9d37a0bc617a164db82322ac5c30ad09
scx-sa-11.txt
Posted Jan 1, 2001
Authored by Root-dude | Site securax.org

Securax Security Advisory #11 - XFree86 Version 3.3.6 is vulnerable to a remote denial of service attack over tcp port 6000. The server can freeze if sent many characters, requiring a reboot to restore normal operation. Includes Linnuke.c proof of concept code.

tags | exploit, remote, denial of service, tcp, proof of concept
MD5 | 546b45528635b7d5d9ef69e7e60982f2
7350wu-v5.tar.gz
Posted Dec 31, 2000
Authored by teso, scut | Site team-teso.net

7350wu.c is a Wu-ftpd v2.6.0 remote root exploit which does it the proper way. Works on Linux/x86 and FreeBSD.

tags | exploit, remote, x86, root
systems | linux, freebsd
MD5 | eea111a6537ebd19799b49265f404dc8
SEClpd.c
Posted Dec 31, 2000
Authored by Netcat | Site netcat.it

Lpr-ng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against RedHat 7.0. Includes the ability to brute force the offset.

tags | exploit, remote, x86, root
systems | linux, redhat
MD5 | 463ce14557a462163782888e5d86681b
hhp-expect_adv0017.txt
Posted Dec 31, 2000
Authored by hhp, Isox | Site hhp-programming.net

Expect v5.31.8 and v5.28.1 contains local buffer overflows. It is possible to exploit any suid/sgid expect application.

tags | exploit, overflow, local
MD5 | d4683a31e003e1d110fcc9fde5e5c203
hhp-GnomeScott_smash.c
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

GnomeScott local buffer overflow which provides a gid=40 (game) shell on SuSE 6.4 and 7.0.

tags | exploit, overflow, shell, local
systems | linux, suse
MD5 | acd214c6042007d291a1c8f0fa829904
hhp-expect_smash.c
Posted Dec 31, 2000
Authored by hhp, Isox | Site hhp-programming.net

Expect (/usr/bin/expect) v5.31.8 and v5.28.1 local buffer overflow exploit. Tested on Slackware 7.x. Advisory available here.

tags | exploit, overflow, local
systems | linux, slackware
MD5 | da8604330b6cf684127712d3e2938053
hhp-gnomehack_smash.c
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Gnomehack local buffer overflow exploit which provides a gid=60 (games) shell on Debian 2.2.

tags | exploit, overflow, shell, local
systems | linux, debian
MD5 | 13f17ac2fd9c6293682ff867a2aeab1b
hhp-kwintv_smash.c
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Kwintv local buffer overflow exploit which provides a gid=33 (video) shell on SuSE 7.0.

tags | exploit, overflow, shell, local
systems | linux, suse
MD5 | dd5032ac157db74a06d24a992baca46c
hhp-fancy_smash.c
Posted Dec 31, 2000
Authored by hhp, Icesk | Site hhp-programming.net

Fancylogin v0.99.7 local root exploit. Tested on Red Hat 6.1.

tags | exploit, local, root
systems | linux, redhat
MD5 | bd17ae6dbc38a3a95fecc60e731790d5
scx-sa-12.txt
Posted Dec 31, 2000
Authored by Incubus | Site securax.org

Securax Security Advisory #12 - Apache 1.3.14 access_log and error_log can be altered somewhat by remote users if the site administrator reads the logs with cat or tail. Includes proof of concept code kosheen.c which attempts to display false values in a remote site's access_log and error_log.

tags | exploit, remote, proof of concept
MD5 | c5379cf5ad7d982e2c0165fc0a40f0c6
hhp-stonx_smash.c
Posted Dec 28, 2000
Authored by Loophole, hhp | Site hhp-programming.net

STonX v0.6.5 and v0.6.7 local root exploit. Tested on Slackware 7.0.

tags | exploit, local, root
systems | linux, slackware
MD5 | 8a1770d7784c6541840ba4ee8c888446
xxconq.c
Posted Dec 26, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux xconq v7.4.1 local exploit - Gives a gid=games shell by exploiting the -L parameter. Tested on Slackware.

tags | exploit, shell, local
systems | linux, slackware
MD5 | f418606627aaac0b33630928c6e7278d
obsd-ftpd.c
Posted Dec 24, 2000
Authored by synnergy, Scrippie | Site synnergy.net

OpenBSD v2.6 and 2.7 ftpd remote root exploit.

tags | exploit, remote, root
systems | openbsd
MD5 | 851ecd7cde4ff528736a6f54e5ea9649
identdDoS.c
Posted Dec 24, 2000
Authored by Root-dude

SuSE identd remote denial of service attack - Uses a long string to set a pointer to NULL.

tags | exploit, remote, denial of service
systems | linux, suse
MD5 | 0ddf9677ef65b2ce004d04d7db4613de
catman-race.txt
Posted Dec 23, 2000
Authored by Larry W. Cashdollar | Site vapid.betteros.org

Solaris 2.7/2.8 /usr/bin/catman allows local users to clobber root owned files by symlinking temporary files. Includes catman-race.pl and ctman-race2.pl for proof of concept.

tags | exploit, local, root, proof of concept
systems | solaris
MD5 | bdf08aefd1a27a54c4ac57903f9613a6
bindview.naptha.txt
Posted Dec 22, 2000
Site razor.bindview.com

The NAPTHA DoS vulnerabilities (Revised Edition - Dec 18) - The NAPTHA vulnerabilities are weaknesses in the way that TCP/IP stacks and network applications handle the state of a TCP connection.

tags | exploit, tcp, vulnerability
MD5 | 24fd66bf696abe31348a262c6e2961dc
sonata-teleconf-2.txt
Posted Dec 22, 2000
Authored by Larry W. Cashdollar | Site vapid.betteros.org

Voyant Technologies Sonata Conferencing Software v3.x on Solaris 2.x comes with the setuid binary doroot which executes any command as root.

tags | exploit, root
systems | solaris
MD5 | f91a7c23eb0d6b0604a0fe4ff5e99b6c
omnihttpdex.c
Posted Dec 22, 2000
Authored by Kilrid | Site Hack-X.org

Omni httpd v2.07 and below remote denial of service exploit. Combines a shell script from sirius from buffer0vefl0w security with a bugtraq report from Valentin Perelogin.

tags | exploit, remote, denial of service, shell
MD5 | 03d46159c51df91d37b666c06e4d150c
Page 1 of 3