Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files

0103-exploits.tgz
Posted Apr 10, 2001
Authored by Todd J.

Packet Storm new exploits for March, 2001.

tags | exploit
MD5 | dc41d0896e54183fb228e0b24db8af30
iemsdaipp.txt
Posted Mar 30, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #40 - Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000. If a malicious web page is browsed with IE it is possible to list the directories of arbitrary IIS 5.0 servers to which the browsing user has access. Under certain circumstances it is also possible to read the user's email or folders if it is stored on an Exchange 2000 server with web storage (it uses IIS 5.0). It is also possible to create (or probably modify) files on the Exchange 2000 server with web storage. Example exploit included.

tags | exploit, web, arbitrary
MD5 | 85beec7e8445644e67cb4fa185ca6a0c
ASPSeek.txt
Posted Mar 27, 2001
Authored by Tack

ASPSeek by SWSoft allows remote users to view any file on the webserver via a /../ bug.

tags | exploit, remote
MD5 | 46cec92ad366b836aa5f1751d55f8f0b
ASPSeek-exploit.pl
Posted Mar 26, 2001
Authored by Telehor | Site teleh0r.cjb.net

Remote buffer overflow exploit for ASPSeek by SWSoft. Tested against Aspseek v1.0.3 running on Red Hat 6.2.

tags | exploit, remote, overflow
systems | linux, redhat
MD5 | 15c85aa9f9e12cb5b98990e84cd5315c
manhole.c
Posted Mar 26, 2001
Authored by Fish Stiqz

Manhole.c is a local exploit for man. Bypasses non-executable stack patches. Tested against Slackware 7.1, Debian 2.2, SuSE Linux 6.3, 6.4, and 7.0.

tags | exploit, local
systems | linux, suse, slackware, debian
MD5 | 8b78e5731e6124a250d964d2c2e26d0d
vv5.pl
Posted Mar 19, 2001
Authored by Georgi Guninski | Site guninski.com

IIS 5.0 / Windows 2000 WebDAV remote denial of service exploit - Sends a specially crafted request, as described in MS01-016.

tags | exploit, remote, denial of service
systems | windows, 2k
MD5 | a2cab69356c0b04e87dc3307f26a0c1c
n82x.c
Posted Mar 19, 2001
Authored by Ix, Lucysoft

Named v8.2.x remote root exploit - Uses the tsig bug. Only includes linux shellcode.

tags | exploit, remote, root, shellcode
systems | linux
MD5 | 572799a470381b834d7cc0e07e523894
glob-abuse.c
Posted Mar 19, 2001
Authored by R00T-dude

This code exploits a bug in the glob() function used in some ftpd's (like proftpd, netbsd ftpd, iis ftpd). It sends a 'ls' command for which will take up about 100% of a systems memory, creating a very effective dos.

tags | exploit
systems | netbsd
MD5 | df4760b5d6daa9e70c4e505232f87908
ftpsed.pl
Posted Mar 19, 2001
Authored by Speedy | Site dutchriot.com

ftpsed.pl is a perl script which exploits a denial of service vulnerability in Proftpd v1.2 and below. Requires a username and password.

tags | exploit, denial of service, perl
MD5 | cf4a3464c6ceaaa5e194728e22f67628
joe28.c
Posted Mar 19, 2001
Authored by Fides

Joe 2.8 local exploit - Requires sysadmin intervention. Tested on FreeBSD 4.2-Release.

tags | exploit, local
systems | freebsd
MD5 | 530287f848a25dff1eb7741d70ba2035
suq_diq.zip
Posted Mar 16, 2001
Authored by Xor37h, Darkman

Suq Diq v1.00 is a remote exploit for IBM Net.Commerce, WebSphere and possibly other IBM and Lotus applications as well. These products use Tripple DES with a fixed key by default, allowing remote users to gain the usernames and plaintext passwords of all Net.Commerce accounts. Exploit URL's included.

tags | exploit, remote
MD5 | b23af7e5a65ee8fcd01f9846db2e10a6
openssh-2.2.0-exp.tgz
Posted Mar 16, 2001
Authored by Nemes||y

OpenSSH-2.2.0 remote exploit - Includes a wrapper to brute force the offset.

tags | exploit, remote
MD5 | a975d944823b58f0e067a2c6cca0ae53
ascdcx.c
Posted Mar 16, 2001
Authored by The Itch | Site bse.die.ms

Local exploit for /usr/X11R6/bin/ascdc v0.3-2-i386 which overflows the -c switch.

tags | exploit, overflow, local
MD5 | 9e219e72bf260f2bb0957bf175ab7dc1
ssh-brute.sh
Posted Mar 9, 2001
Site crimelabs.net

Ssh-brute.sh brute force guesses root's password without being logged. See CLABS200101 for more information.

tags | exploit, root, cracker
MD5 | 986fe09b26708b20752e93a261f6b8b9
imapd_lsub.c
Posted Mar 4, 2001
Authored by Narrow | Site zone.ee

Imapd v12.264 remote exploit for Red Hat - Exploits an overflow in the LSUB command, which requires an account. Tested on Red Hat 5.1, 5.2, 6.0, 6.1, and 6.2 with IMAP4rev1 v10.223, v11.241, v12.250, and v12.264.

tags | exploit, remote, overflow
systems | linux, redhat
MD5 | 2943c1787b72ce3bf2bfe737ce29b72e
sfgate-info.txt
Posted Mar 3, 2001
Authored by Krfinisterre

SFGate v5.1 p11 gives sensitive information by allowing one to view a few lines of text from a file via an error message. Exploit URL included.

tags | exploit
MD5 | f9ed84c3893940a2fda06ebdbbea9de5
rdC270201.adv.en
Posted Mar 3, 2001
Authored by venomous | Site rdcrew.com.ar

PHP-Nuke v4.4.1a contains remote vulnerabilities because arbitrary information can be passed to MySQL via the saveuser() function and several others. It's possible for the attacker to change the e-mail address of one of the users and ask for the password to be sent to the e-mail address that the attacker have provided. Exploit URL included.

tags | exploit, remote, arbitrary, php, vulnerability
MD5 | 678f89d8935aa6ca1cad7f09eab50496
elvwreck.c
Posted Mar 2, 2001
Authored by Dethy | Site synnergy.net

FreeBSD 3.5.1 and 4.2 ja-elvis and ko-helvis (ports packages) local root exploit. Both come with a utility called elvrec that is installed suid root by default.

tags | exploit, local, root
systems | freebsd
MD5 | 4ca21b5b596030f13a6882a0b80a67f3
SA2K01.txt
Posted Mar 2, 2001
Authored by Max | Site SecurityApex.com

A quick fix against RFP2101 - PHP-Nuke v4.4 and below allows users to steal accounts via sql hacking.

tags | exploit, php
MD5 | 8037a25480af2b21fdd09bcb932d4a38
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close