Twenty Year Anniversary
Showing 1 - 24 of 24 RSS Feed

Files

ldap-exp2.c
Posted Jul 10, 2003
Authored by Fyodor | Site notlsd.net

Solaris 8 LDAP_OPTIONS local buffer overflow exploit which takes advantage of a bug in libsldap.so.1.

tags | exploit, overflow, local
systems | solaris
MD5 | 3e83647dbef005fee9899dffd699de24
oas408-exp.pl
Posted Jul 10, 2003
Authored by Fyodor | Site notlsd.net

Oracle application server 4.0.8.2 + Netscape Enterprise 4.0 webserver remote exploit in perl which attempts to execute commands remotely as root. Netscape Enterprise webserver must be configured as external 'web listener' for Oracle. Overflow happens when a long string requested with prefix which has been 'linked' to oas. by default it is /jsp/. Takes advantage of the Oracle Application Server shared library buffer overflow which affects Oracle application server 4.0.8.2 + iWS 4.0/4.1 webserver, running on Sparc/Solaris 2.7.

tags | exploit, remote, web, overflow, root, perl
systems | solaris
MD5 | 8b1c7454ec33bc1e3e2f9fada56b00ee
0105-exploits.tgz
Posted Jun 4, 2001
Authored by Todd J.

Packet Storm new exploits for May, 2001.

tags | exploit
MD5 | c5aff02f19eb6b0d6609b6f1a24ed2fb
gnupig.tar.gz
Posted May 31, 2001
Authored by Fish Stiqz | Site gibson.analog.org

Gnupig is an advisory and exploit for the Gnupg v1.0.5 format string vulnerability which creates an encrypted file which executes code when it is decrypted.

tags | exploit
MD5 | 4ae22f44dab20051a933aea3d72d5f12
requiem.c
Posted May 31, 2001
Authored by Sagi | Site idiotbox.co.il

HP/UX local exploit for /opt/OV/bin/ecsd.

tags | exploit, local
systems | hpux
MD5 | 8b18048ace7a6f4ea409fa5848415264
cool2
Posted May 30, 2001
Authored by Renato Turini

Cool2 is a perl script which checks a list of hosts for IIS servers which are vulnerable to the decode bug and the old unicode bug.

tags | exploit, perl
MD5 | 964b2c769f3959df27d30da320cb6260
scx-sa-20.txt
Posted May 30, 2001
Authored by Incubus | Site securax.org

Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here.

tags | exploit, remote, denial of service
MD5 | 3701c3ea0da5d59d6240277e61e3cf52
omnised.pl
Posted May 30, 2001
Authored by Speedy | Site dutchriot.com

Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/me/nt/2000 which lets you dump the source of php perl and other files to a txt file. These files may contain passwords.

tags | exploit, perl, php
systems | windows, 9x
MD5 | c7e9d7db73478899dc769bed4cf3135f
xchat.c
Posted May 25, 2001
Authored by Sector X | Site crosswinds.net

X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1.

tags | exploit
systems | linux, slackware
MD5 | 4f9aa0075b3dc87c65ead96a596e4d0f
decodecgi.pl
Posted May 24, 2001
Authored by **W**

This little piece of perl code tries to exploit the double decoding BUG on IIS 4 & 5.

tags | exploit, perl
MD5 | 2fb4ce29a3e87d13e39e916a92bc2e1c
LinkMax.txt
Posted May 23, 2001

The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included.

tags | exploit, asp
MD5 | 5e10bd2bcfb053e79270c5e564cf78b9
dqsexp.c
Posted May 21, 2001
Authored by Dex | Site raza-mexicana.org

DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0.

tags | exploit, local, root
systems | linux, suse
MD5 | 61b0cbcbff2ae657e2cd27c9c7e8b137
execiis.c
Posted May 17, 2001
Authored by Filip Maertens | Site vorlon.hexyn.be

Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.

tags | exploit, remote, cgi
MD5 | fe57bb8fe16ba0322fd1c95a75df5270
sensedecode.tgz
Posted May 17, 2001
Authored by Roelof Temmingh | Site sensepost.com

Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.

tags | exploit, perl
MD5 | 86d5e3c61e31daab59964869741639e5
sa2001_02.txt
Posted May 17, 2001
Site nsfocus.com

NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system commands with IUSER_machinename account privilege. Exploit URL's included.

tags | exploit, arbitrary, cgi
MD5 | 2a33a193bcb02b7e958beb9a0beca3d2
webcgi98.txt
Posted May 17, 2001
Authored by Xbud

Acadsoft's webcgi98.exe displays the full path to the binary in an error message.

tags | exploit
MD5 | 3d0b31a89bc866be6e1cdac15eb759db
sol8_mailx.c
Posted May 8, 2001
Authored by Nemes||y

/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8.

tags | exploit, overflow, shell, local
systems | solaris
MD5 | 520e42332e0f23e523bc15a68ef0be5b
rdC-cfingerd.c
Posted May 8, 2001
Authored by venomous | Site rdcrew.com.ar

Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call.

tags | exploit, remote, x86, root
systems | linux
MD5 | 2c8c5b4b13dedbf6ebdf17665491a0a0
jill.c
Posted May 7, 2001
Authored by Dark Spyrit

Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell.

tags | exploit, remote, overflow, shell
systems | windows, 2k
MD5 | 93cdeb0e038d60f38995346576863811
fingex.pl
Posted May 3, 2001
Authored by Lez

Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2.

tags | exploit, remote, root
systems | linux, debian
MD5 | 24019c08c3dedc1545ebecd7ef99cf5b
ronin.c
Posted May 3, 2001
Authored by Styx

Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot.

tags | exploit, remote, root
systems | freebsd
MD5 | d9fb736181b3c5e40177affa5cbef7d8
g6-dos.txt
Posted May 3, 2001
Authored by G_Kos

The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4".

tags | exploit, denial of service
MD5 | d75e83b84d93a14de68bc4d6112b2c82
iishack2000.c
Posted May 3, 2001
Authored by Ryan Permeh | Site eeye.com

Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the isapi .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, linux, and *bsd.

tags | exploit, remote, overflow, root, shellcode
systems | linux, windows, 2k, bsd
MD5 | f0bd495ec1eb2791ff66258da26512d1
webexplt.pl
Posted May 3, 2001
Authored by Wanderley J. Abreu Jr.

Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode.

tags | exploit, remote, shellcode, protocol, memory leak
systems | windows, 2k
MD5 | d6ddc1ed29d70f3955e46b0fa7785df1
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Orangeworm Malware Targets Hospitals Worldwide
Posted Apr 26, 2018

tags | headline, malware
Cyber-Attack Website Webstresser Taken Down
Posted Apr 25, 2018

tags | headline, government, denial of service
Suspicious Event Hijacks Amazon Traffic For 2 Hours, Steals Cryptocurrency
Posted Apr 25, 2018

tags | headline, hacker, amazon, fraud, cryptography
Hotel Door Locks Worldwide Were Vulnerable To Attack
Posted Apr 25, 2018

tags | headline, hacker, flaw
Yahoo! Fined $35 Million For Covering Up Security Breach
Posted Apr 25, 2018

tags | headline, hacker, government, privacy, usa, data loss, yahoo
Someone Is Trying To Extort iPhone Crackers GrayShift With Leaked Code
Posted Apr 25, 2018

tags | headline, hacker, phone, data loss, apple
1 Million US Children Affected By Identity Theft Last Year
Posted Apr 24, 2018

tags | headline, usa, cybercrime, fraud, identity theft
The Unpatchable Exploit That Makes Every Current Nintendo Switch Hackable
Posted Apr 24, 2018

tags | headline, hacker, flaw, nintendo
Atlanta Spent At Least $2.6 Million On Ransomware Recovery
Posted Apr 24, 2018

tags | headline, malware, cybercrime, data loss, fraud, cryptography
Police Visit Funeral Home To Unlock Dead Man's Phone
Posted Apr 24, 2018

tags | headline, government, privacy, usa, phone
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close