exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 51 RSS Feed

Files

ksh.temp-hole.txt
Posted Dec 22, 2000
Authored by Paul Szabo

The Korn Shell (ksh) uses temp files in an insecure manner. Demonstration included.

tags | exploit, shell
SHA-256 | 46bf095b3af47f5a39cd2ce0d8c077e482095e3d43d2cc6b15980c73f2114313
interchange.txt
Posted Dec 22, 2000
Authored by SNS Research

Infinite InterChange is a Win95/98/NT/2k mail server which has a remote denial of service vulnerability where it can be caused to crash via a malformed post request. This has been fixed in Infinite InterChange v3.61.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | 559ea8e4a462900c2ff37f454cf8826455a86a72a81384b69ee480184c46eb97
rpc-everythingform.txt
Posted Dec 19, 2000
Authored by RPC

everythingform.cgi uses a hidden field "config" to determine where to read configuration data from. Allows remote attackers to execute commands. Exploit URL's included.

tags | exploit, remote, cgi
SHA-256 | 01ce9f63078ea884e7545c04bce65a8e11c4e87b1fcbdb0508d60474d1357b4f
xitetris.c
Posted Dec 19, 2000
Authored by vade79, realhalo | Site realhalo.org

Itetris v1.6.2 local root exploit - Exploits a vulnerable system() call.

tags | exploit, local, root
SHA-256 | 13a0ac0bf7a88ce8832d4b779b8bebc6e5d04c2c956942c7b7664e4ff6f8a7ac
7350nxt-v3.tar.gz
Posted Dec 19, 2000
Authored by teso | Site team-teso.net

Exploit for the Bind NXT remote root vulnerability, which affects Bind v8.2 - 8.2.1. Compiles on Linux, tested against Irix, BSD, and Linux. Includes Irix shellcode for breaking chroot.

tags | exploit, remote, root, shellcode
systems | linux, irix, bsd
SHA-256 | febfc0b34d825bb1fd2b1ea1e96374fa6816966c45c2f8ac101caef72cf4b91b
7350oftpd.tar.gz
Posted Dec 19, 2000
Authored by teso, Caddis | Site team-teso.net

OpenBSD ftpd v2.4_BASE through 2.8 remote root exploit. Includes offsets for v2.6 through v2.8 and instructions for finding offsets of other versions. Requires a writable directory.

tags | exploit, remote, root
systems | openbsd
SHA-256 | e60d36076da9b2566b60a358f1600945cb7392b7f05305acfc0f2dfa49415169
xckermit.c
Posted Dec 19, 2000
Authored by vade79, realhalo | Site realhalo.org

Ckermit v7.0 local buffer overflow exploit for Linux/x86. Not setuid by default, but often installed setuid.

tags | exploit, overflow, x86, local
systems | linux
SHA-256 | a764a6764b205afa2af181409160d382cd7900bb0e413755bae2fd0a686d98de
xsold.c
Posted Dec 16, 2000
Authored by Zorgon | Site nightbird.free.fr

Linux Xsoldier local root buffer overflow exploit. Overflows the -display command line option.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | b399b42f07b8641525a5352aaf822e9698210c090495c285cd9fc11af3fdf062
rdC-LPRng.c
Posted Dec 15, 2000
Authored by venomous | Site rdcrew.com.ar

LPRng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against the default install of Redhat 7.0 (LPRng-3.6.24-1) and LPRng3.6.22-1 installed on Slackware 7.0.

tags | exploit, remote, x86, root
systems | linux, redhat, slackware
SHA-256 | 711ec9e53d55297ca043c724b126975613590c27a195978efaf80054e1390558
killntoe.c
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Nettoe v1.0.5 denial of service attack - Causes the Nettoe server to use all available CPU cycles and lock the game.

tags | exploit, denial of service
SHA-256 | 0829ddccf17a5f6cf8784776e011d370671b9df074562df981cf1b37ab918cdd
mon_pine.sh
Posted Dec 12, 2000
Authored by JW Oh | Site hacksware.com

Pine v4.30 and below allows outgoing mail to be hijacked if the alternate editor is enabled. Exploit script included.

tags | exploit
SHA-256 | a697070970654ece18a16dfe44b4f7ffcf5b38cb5159bafae4e725f245de46ca
apcupsdos.c
Posted Dec 12, 2000
Authored by The Itch

Apcupsd v3.7.2 local denial of service attack. Can kill any running daemon.

tags | exploit, denial of service, local
SHA-256 | 98d94708575e0137e9354e702878bc24ca1f6d27866f241f5fccddfd8e165f5b
shop.pl.txt
Posted Dec 12, 2000
Authored by Dotslash

Hassan Consulting's Shopping Cart Version 1.x (cgi-bin/shop.pl) contains remote vulnerabilities, including directory transversal with file read ability, listing files, and path disclosure. Exploit URL's included.

tags | exploit, remote, cgi, vulnerability
SHA-256 | 85283352f70d94548d2b56de0d97bcf80906908ef932baf0b3a815cdc3e97361
scx-sa-10.txt
Posted Dec 8, 2000
Authored by Vorlon | Site securax.org

Securax Security Advisory #10 - The Watchguard SOHO Firewall is a small personal hardware firewall used for xDSL, ISDN and Cable connections. Local and Remote users can crash the Watchguard SOHO Firewall using multiple get requests to the webserver. Perl exploit included. This attack will not show up in the logfile except for a reboot notice.

tags | exploit, remote, local, perl
SHA-256 | 8cbd330a7967aec426b0384fc3164e9e13b747e02aa4999c841e1b6a29574a7a
PhoneBook.c
Posted Dec 8, 2000
Authored by David Litchfield

Microsoft Phonebook Server Remote Exploit - Tests for the pbserver.dll buffer overflow.

tags | exploit, remote, overflow
SHA-256 | 03ee0782ae94986d7ad6091fa2a68ecd086f76e481828a70e1bbf11319bdf425
CSA-200012.txt
Posted Dec 7, 2000
Site chinansl.com

CHINANSL Security Advisory(CSA-200012) - Ultraseek Server 3.0 Vulnerability allows malicious users to see the full pathnames of server addons.

tags | exploit
SHA-256 | a93ef1f7c85039e6f7a88a25020b181c801b9ea32a699a2b5f122ec16a96ce51
bf-code.c
Posted Dec 7, 2000
Authored by Asynchro | Site pkcrew.org

Bftpd 1.0.12 contains a remote buffer overflow. Denial of service exploit included.

tags | exploit, remote, denial of service, overflow
SHA-256 | b53b1d6e97dd2c13613462f15448517d0b51dbb7d806ce05e13b0e2e9494dbfc
SRADV00007.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #7 - MarkVision is a printer administration package from Lexmark. Versions previous to v4.4 contain local root buffer overflow vulnerabilities. Fix available here.

tags | exploit, overflow, local, root, vulnerability
SHA-256 | 3e763f2a074ead41c407459903496036ba90d70aba5782927022137c103963ec
SRADV00006.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #6 - phpGroupWare is a multi-user web based groupware suite written in PHP. Versions below 0.9.7 under Unix make insecure calls to the include() function of PHP which can allow the inclusion of remote files, and thereby the execution of arbitrary commands on the remote web server with the permissions of the web server user, usually 'nobody'. Fix available here.

tags | exploit, remote, web, arbitrary, php
systems | unix
SHA-256 | 6726f2b4b34f81a4e34dba7e545c1d74926ef384ea62801eb1b9a0aae10a731a
SRADV00005.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #5 - All 3.x versions of MailMan Webmail below v3.0.26 contain remote command execution vulnerabilities. The code contains several insecure calls to open() containing user specified data. These calls can be used to execute commands on the remote server with the permissions of the user that runs CGI scripts, usually the web server user which is in most cases 'nobody'. Fix available here.

tags | exploit, remote, web, cgi, vulnerability
SHA-256 | b4dcc0b0843d1cb7fc27df32abe4794efcdd89522f9d488aea343af2e5078e74
xlockfmt.c
Posted Dec 6, 2000
Authored by Ben Williams

Xlock local format string exploit for Linux/x86. Tested on Slackware 7.1 and Redhat 6.2.

tags | exploit, x86, local
systems | linux, redhat, slackware
SHA-256 | 4d145844ebe8a37d22c403be58bb4a6d5b30eb6341926262952994da081a236f
hp-pppd.c
Posted Dec 6, 2000
Authored by Shane A. Macaulay

HP/UX v11.0 /usr/bin/pppd local root buffer overflow exploit.

tags | exploit, overflow, local, root
systems | hpux
SHA-256 | fe3f5dd4d79deb81bc655988c0acc2f21da6e77fad6cfac1b4dcdac71dd5c744
ypbind.tgz
Posted Dec 6, 2000
Authored by DiGiT

Linux/x86 remote root exploit for ypbind (ypbind-mt). Tested against Red Hat 7, SuSe 6.x, and Debian.

tags | exploit, remote, x86, root
systems | linux, redhat, suse, debian
SHA-256 | 2b24fda89ac2d6cab494fa7e7579f14e73b189f6e164ba521552fab98bd40eb6
phpxpl.c
Posted Dec 6, 2000
Authored by Count Neithardt von Gneisenau

PHP 3.0.16/4.0.2 remote root format string overflow exploit for Linux/x86. Tested against Slackware 7.0 and Red Hat 6.0.

tags | exploit, remote, overflow, x86, root, php
systems | linux, redhat, slackware
SHA-256 | 4f73e668ad771ff15e243d28868f71c32cd935cf7d2e79ab10e3af4c19ab5ca3
Securax-SA-09.serv-u
Posted Dec 5, 2000
Authored by Zoa_Chien | Site securax.org

Securax Security Advisory Securax-SA-09 - The Serv-U FTP server for Windows v 2.4a, 2.5h, and 3.0b (all versions tested) have vulnerabilities stemming from improper handling of hex encoded characters in ftp commands. The server will reveal the full path to the ftproot, allow read/write/execute/list access to any other file on the partition, and allow listing of all hidden files. Fix available here.

tags | exploit, vulnerability
systems | windows
SHA-256 | e6a9f7a08b79162569e6194cad0956887de19d672150ee61fc642ddb1f1d8c63
Page 2 of 2
Back12Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close