Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed


Posted Jul 10, 2003
Authored by Fyodor | Site notlsd.net

Solaris 8 LDAP_OPTIONS local buffer overflow exploit which takes advantage of a bug in libsldap.so.1.

tags | exploit, overflow, local
systems | solaris
MD5 | 3e83647dbef005fee9899dffd699de24
Posted Jul 10, 2003
Authored by Fyodor | Site notlsd.net

Oracle application server + Netscape Enterprise 4.0 webserver remote exploit in perl which attempts to execute commands remotely as root. Netscape Enterprise webserver must be configured as external 'web listener' for Oracle. Overflow happens when a long string requested with prefix which has been 'linked' to oas. by default it is /jsp/. Takes advantage of the Oracle Application Server shared library buffer overflow which affects Oracle application server + iWS 4.0/4.1 webserver, running on Sparc/Solaris 2.7.

tags | exploit, remote, web, overflow, root, perl
systems | solaris
MD5 | 8b1c7454ec33bc1e3e2f9fada56b00ee
Posted Jun 4, 2001
Authored by Todd J.

Packet Storm new exploits for May, 2001.

tags | exploit
MD5 | c5aff02f19eb6b0d6609b6f1a24ed2fb
Posted May 31, 2001
Authored by Fish Stiqz | Site gibson.analog.org

Gnupig is an advisory and exploit for the Gnupg v1.0.5 format string vulnerability which creates an encrypted file which executes code when it is decrypted.

tags | exploit
MD5 | 4ae22f44dab20051a933aea3d72d5f12
Posted May 31, 2001
Authored by Sagi | Site idiotbox.co.il

HP/UX local exploit for /opt/OV/bin/ecsd.

tags | exploit, local
systems | hpux
MD5 | 8b18048ace7a6f4ea409fa5848415264
Posted May 30, 2001
Authored by Renato Turini

Cool2 is a perl script which checks a list of hosts for IIS servers which are vulnerable to the decode bug and the old unicode bug.

tags | exploit, perl
MD5 | 964b2c769f3959df27d30da320cb6260
Posted May 30, 2001
Authored by Incubus | Site securax.org

Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here.

tags | exploit, remote, denial of service
MD5 | 3701c3ea0da5d59d6240277e61e3cf52
Posted May 30, 2001
Authored by Speedy | Site dutchriot.com

Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/me/nt/2000 which lets you dump the source of php perl and other files to a txt file. These files may contain passwords.

tags | exploit, perl, php
systems | windows, 9x
MD5 | c7e9d7db73478899dc769bed4cf3135f
Posted May 25, 2001
Authored by Sector X | Site crosswinds.net

X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1.

tags | exploit
systems | linux, slackware
MD5 | 4f9aa0075b3dc87c65ead96a596e4d0f
Posted May 24, 2001
Authored by **W**

This little piece of perl code tries to exploit the double decoding BUG on IIS 4 & 5.

tags | exploit, perl
MD5 | 2fb4ce29a3e87d13e39e916a92bc2e1c
Posted May 23, 2001

The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included.

tags | exploit, asp
MD5 | 5e10bd2bcfb053e79270c5e564cf78b9
Posted May 21, 2001
Authored by Dex | Site raza-mexicana.org

DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0.

tags | exploit, local, root
systems | linux, suse
MD5 | 61b0cbcbff2ae657e2cd27c9c7e8b137
Posted May 17, 2001
Authored by Filip Maertens | Site vorlon.hexyn.be

Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.

tags | exploit, remote, cgi
MD5 | fe57bb8fe16ba0322fd1c95a75df5270
Posted May 17, 2001
Authored by Roelof Temmingh | Site sensepost.com

Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.

tags | exploit, perl
MD5 | 86d5e3c61e31daab59964869741639e5
Posted May 17, 2001
Site nsfocus.com

NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system commands with IUSER_machinename account privilege. Exploit URL's included.

tags | exploit, arbitrary, cgi
MD5 | 2a33a193bcb02b7e958beb9a0beca3d2
Posted May 17, 2001
Authored by Xbud

Acadsoft's webcgi98.exe displays the full path to the binary in an error message.

tags | exploit
MD5 | 3d0b31a89bc866be6e1cdac15eb759db
Posted May 8, 2001
Authored by Nemes||y

/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8.

tags | exploit, overflow, shell, local
systems | solaris
MD5 | 520e42332e0f23e523bc15a68ef0be5b
Posted May 8, 2001
Authored by venomous | Site rdcrew.com.ar

Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call.

tags | exploit, remote, x86, root
systems | linux
MD5 | 2c8c5b4b13dedbf6ebdf17665491a0a0
Posted May 7, 2001
Authored by Dark Spyrit

Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell.

tags | exploit, remote, overflow, shell
systems | windows, 2k
MD5 | 93cdeb0e038d60f38995346576863811
Posted May 3, 2001
Authored by Lez

Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2.

tags | exploit, remote, root
systems | linux, debian
MD5 | 24019c08c3dedc1545ebecd7ef99cf5b
Posted May 3, 2001
Authored by Styx

Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot.

tags | exploit, remote, root
systems | freebsd
MD5 | d9fb736181b3c5e40177affa5cbef7d8
Posted May 3, 2001
Authored by G_Kos

The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4".

tags | exploit, denial of service
MD5 | d75e83b84d93a14de68bc4d6112b2c82
Posted May 3, 2001
Authored by Ryan Permeh | Site eeye.com

Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the isapi .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, linux, and *bsd.

tags | exploit, remote, overflow, root, shellcode
systems | linux, windows, 2k, bsd
MD5 | f0bd495ec1eb2791ff66258da26512d1
Posted May 3, 2001
Authored by Wanderley J. Abreu Jr.

Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode.

tags | exploit, remote, shellcode, protocol, memory leak
systems | windows, 2k
MD5 | d6ddc1ed29d70f3955e46b0fa7785df1
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Intel Fix Causes Reboots And Slowdowns
Posted Jan 18, 2018

tags | headline, flaw, intel
Text Bomb Is Latest Apple Bug
Posted Jan 18, 2018

tags | headline, phone, denial of service, flaw, apple
Industrial Systems Scrambling To Catch Up With Meltdown, Spectre
Posted Jan 18, 2018

tags | headline, flaw, scada, intel
German Hacker Offers Rare Look Inside Secretive World Of Julian Assange, WikiLeaks
Posted Jan 18, 2018

tags | headline, hacker, government, britain, data loss, germany
Google Intros Security Center Tool For G Suite
Posted Jan 18, 2018

tags | headline, google
Hackers Can't Dig Into Latest Xiaomi Phone Due To GPL Violations
Posted Jan 18, 2018

tags | headline, hacker, phone, google
Ex-Santander Bank Manager Pleads Guilty To Computer Misuse Crimes
Posted Jan 18, 2018

tags | headline, privacy, bank, data loss, fraud
BIND Comes Apart Thanks To Ancient Denial Of Service Vuln
Posted Jan 17, 2018

tags | headline, dns, denial of service, flaw
Another Round Of Click-Fraud Extensions Pulled From Chrome Store
Posted Jan 17, 2018

tags | headline, malware, phone, google
Satori Botnet Successor Targets Ethereum Mining Rigs
Posted Jan 17, 2018

tags | headline, malware, bank, botnet, fraud
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By