Posted Aug 2, 2001
Authored by Todd J.

Packet Storm new exploits for July, 2001.

tags | exploit
MD5 | da3cb1438250539d8be8380e15486d7d
Posted Jul 30, 2001
Authored by SecPoint | Site

The Windows 2000 telnetd service is vulnerable to a remote denial of service attack. The service crashes when scanned for the recent AYT telnetd vulnerability discovered by Scut. Includes SPtelnetAYT.c, a scanner for the AYT vulnerability in telnet daemons built upon the BSD source.

tags | exploit, remote, denial of service
systems | windows, 2k, bsd
MD5 | 34db49ab75ca4fc3edbb7aa09d278554
Posted Jul 29, 2001
Authored by Charles Stevenson

/usr/bin/pileup local root exploit. Tested against Debian 2.2.

tags | exploit, local, root
systems | linux, debian
MD5 | 7db2fa47bb548a4281aad6708c157b54
Posted Jul 29, 2001
Authored by Paul Nasrat

Squid can be used to port scan if set up as a httpd accelerator (reverse proxy). Tested on Redhat 7.0.

tags | exploit
systems | linux, redhat
MD5 | 3072c26d039e563fde8246ed1e61f590
Posted Jul 29, 2001
Authored by Honoriak

IBM DB2 (which works under W98/NT/2000) proof of concept denial of service. Sending 1 byte to port 6789 or 6790 crashes IBM DB2, as described in ibm.db2.dos.txt.

tags | exploit, denial of service, proof of concept
MD5 | 3de9be6028bd648021d753ebaaf12c72
Posted Jul 27, 2001
Authored by Zen-Parse

Pic / LPRng format string remote exploit. Pic is part of the groff package. It is used by troff-to-ps.fpi as uid lp when perl, troff and LPRng are installed. Tested against Redhat 7.0 (groff-1.16-7).

tags | exploit, remote, perl
systems | linux, redhat
MD5 | b872ac8b739399184c12ab501762793c
Posted Jul 26, 2001

The Mambo Site Server v3.0.0 - 3.0.5 contains a vulnerability which allows users to gain administrative privileges by changing global variables via URL parsing.

tags | exploit
MD5 | 407a1020f4107e848ced585227bc294c
Posted Jul 24, 2001
Authored by JW Oh | Site

Windows 2000 remote IIS .ida exploit - Spawns a shell on port 8008. Tested on Win2k with no service pack and SP2. Includes instructions on finding the offset.

tags | exploit, remote, shell
systems | windows, 2k
MD5 | 00e34a156bbe3fe1825c7cec62b3b266
Posted Jul 23, 2001
Authored by Aidan is a tool for sending banned attachments through SMTP gateways by adding an invalid character to the filename. This is known to work on MailMarshall and TrendMicro Scanmail, others are probably vulnerable.

tags | exploit
MD5 | 3215b593ce0c0f6a1dfd711c637436be
Posted Jul 20, 2001
Authored by Ian Vitek is a unicode / decode IIS attack tool which includes SSL support under Linux. Features many checks for CMD.EXE, Caches the found directory, SSL support with SSLeay (Unix), Easy to use text file upload, Easy to use / encoding option, Relative path name program execution, and Virtual host support. More info available here.

tags | exploit, file upload
systems | linux, unix
MD5 | 612717b92fc58a8c3aa69e838872170e
Posted Jul 18, 2001
Authored by IhaQueR

Ktvision v0.1.1-271 and below symlink local root exploit. Tested against SuSE 7.1.

tags | exploit, local, root
systems | linux, suse
MD5 | e7386b4de150129eee315ee540b989bc
Posted Jul 18, 2001
Authored by Kevin Finisterre

Tarantella 3.01 ttawebtop.cgi "show files" exploit. '..' and '/' are not filtered while processing user input, so it is possible to enter arbitrary values to retrieve files from the remote server that should not normally be accessible. Exploit URL included.

tags | exploit, remote, arbitrary, cgi
MD5 | 3c05d637d7955fb852fe1c1ec31d1681
Posted Jul 18, 2001
Authored by _Phantom_

/usr/local/bin/filter local exploit. Gives GID=mail. More information available here. Tested against Slackware 3.1. Exploits the nlspath buffer overflow.

tags | exploit, web, overflow, local
systems | linux, slackware
MD5 | ac0593f66f87f941019423787bd8fce7
Posted Jul 18, 2001
Authored by Lamerboy

FreeBSD 3.1 - 4.3 local root exploit - Uses the signal condition vulnerability discovered by G. Guninski.

tags | exploit, local, root
systems | freebsd
MD5 | e9b50e27f1042cfbac603ed819ac6420
Posted Jul 18, 2001

qDefense Advisory Number QDAV-2001-7-3 - Interactive Story does not properly validate the contents of a hidden field entitled "next". By setting that field to the name of a file and using double dots and poison nulls, an attacker can cause Interactive Story to display the contents of any file. Exploit URL included.

tags | exploit
MD5 | ccfd18fc1da76e132dea511b4220808d
Posted Jul 18, 2001
Authored by Gregory Duchemin | Site is a swiss army knife for Hotmail/Messenger. Implements Spoofing/brute force/misconception/unexpected input Class Attacks. Will spoof Hotmail/messenger server to recover user hotmail/password, crash messenger client, remotely inject and execute malicious exe on the victim host.

tags | exploit, spoof
MD5 | 25055226b0a890073e135c5b546d136f
Posted Jul 18, 2001
Authored by Josh

Slackware 8.0 local root exploit - Creates a suid shell when "modprobe lp" is run from the startup scripts.

tags | exploit, shell, local, root
systems | linux, slackware
MD5 | da683d52f3f0072dc6963928eed7696f
Posted Jul 18, 2001
Authored by Roelof Temmingh, Haroon Meer | Site

Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive network information. This perl script gives a potential attacker a wealth of information including IP addresses, network masks (and even friendly descriptions).

tags | exploit, perl
MD5 | 64a69339c5b64edbad5cc889a991464a
Posted Jul 18, 2001
Authored by DiGiT | Site

Cfingerd v1.4.3 remote root exploit for Linux. Binds to port 113 and sends bogus ident information.

tags | exploit, remote, root
systems | linux
MD5 | d764f4c05c80af0f321c878876a84804
Posted Jul 18, 2001
Authored by Andy Gavin

Qflood.c fills up a Quake server with spoofed "unconnected" clients, preventing other players from connecting to the server since the player limit fills up quickly. Additionally, if the server does not support multiple clients from the same IP address, it will disconnect legitimate players if the spoofed connection request matches that player.

tags | exploit, spoof
MD5 | 7588a0c0ef179e78557b962a95c75291
Posted Jul 18, 2001
Authored by Zen-Parse, Josh, Lockdown

Slackware 8.0 and below ships with /var/man/cat* chmodded 1777, making it vulnerable to symlink attacks. This exploit creates a suid shell with the UID of the user running man.

tags | exploit, shell
systems | linux, slackware
MD5 | c1c8ef9823405a020ea2cc19d098e213
Posted Jul 18, 2001
Authored by Suid

Local root exploit for /usr/bin/ml85p, a suid binary which is vulnerable to a local symlink attack. It is included in Mandrake 8.0 by default.

tags | exploit, local, root
systems | linux, mandrake
MD5 | 27106ddc98e2b944324483817b655184
Posted Jul 18, 2001
Authored by vade79 | Site is a local root exploit for an insecure system call in xman.

tags | exploit, local, root
MD5 | 631ac7297588dc7496aa411184167887
Posted Jul 12, 2001
Authored by Ntf, Sky

Current versions of xdm are vulnerable to a trivial brute force attack if compiled with bad options, mainly HasXdmXauth. Without this option, the cookie is generated from gettimeofday(2). If you know the starting time of the xdm login session, computing the cookie takes just a few seconds.

tags | exploit
MD5 | cb62c9d2e6db81932cda010ba727d2a0
Posted Jul 12, 2001
Authored by Buggzy | Site

Nerf Group Security Advisory #4 - Microsoft IIS 4 and 5 can be crashed remotely by reading device files (com1, com2, etc). Exploit URL included.

tags | exploit
MD5 | 86ac77030b990207e5472ee62b0bd790