Redhat 7.0 remote buffer overflow exploit for IMAP4rev1 prior to v10.234.
75b065b2f0858851cd62bf6a2ee0bbb4ec171f8df9222e0aabcb9ca33987966d
Packet Storm new exploits for August, 2002.
f582d5c73e523f8fd1c9a3f9b945267a0ebf141ad9fc9d97d3331ea3c92527ec
Denial of service exploit for Core ST's recently discovered Windows SMB vulnerability which works against Windows NT/2k/XP.
e15996cb0517207f90b82190146c6c98da17a98d4c7fcd481f0f963988811a36
Many scripts installed in mIRC below version 6.03 allow remote compromise if they use the $asctime identifier, which is used to format unix time stamps. Includes proof of concept code which causes mIRC to execute a command line on any supported OS. Most users have not yet upgraded.
7bbc56e28d283a43eccbc8e827589188437b85d0ee6f7ebe44afd3e5cf94b646
This Proof of Concept exploit for the current directory traversal design flaw in apache 2.0.x - 2.0.39 allows any attacker to view any file on the target machine. Original vulnerability found by Luigi Auriemma. Affected Systems: Windows [win32], Netware, OS2, Cygwin.
6aceadaa5b57140304df3527499731b71b0374b1690f5244471132425d9e168d
Proof of concept local exploit for the Caldera Linux X11 server. The Xserver calls xkbcomp in an insecure manner while not dropping privileges.
63e311dfa1eaf7b6836e69f9c5ed6134e5e229baf79f58c276d954ff32d2d618
mIRC, the popular chat client for the IRC has support for a scripting language that has been found to be vulnerable. A buffer overflow exists in the $asctime identifier where an error lies in the handling of oversized format specifier strings.
bad0f9793175f781bb0c8b0c508f6029e42a8d916ebd132418062048d3fa75bd
OLE controls or OCX controls, are components (or objects) you can insert into a Web page or other application to reuse packaged functionality someone else programmed. An unchecked buffer exists in the ActiveX control used to display specially formatted text. This could be executed by encouraging an unsuspecting user to visit a malicious web page.
7c6b577c63be58c08729f85ca1894a7f7b06ba1e0c5bfe3bcc43ca20f299264a
A flaw in the Ultimate PHP Board (UPB) software allows standard users to create an admin accounts with lower case letters that has standard user privileges but that may cause confusion to other users. Fix included.
cc32e63f249c90e0c02670919dd271f2bc8690b8e1f6890f2355f243376c356d
iDEFENSE Security Advisory 08.28.2002 - Webmin v0.92 and below contains remote vulnerabilities which allow any file to be read from or written to as root. Perl exploit code included.
af31beb487c3d22656202899a2265acf6154205773815b6ae81b751d5177ca36
SMBdie is a proof of concept tool which crashes Windows machines with Netbios enabled by sending a specially crafted SMB request. Tested against Windows NT/2k/XP/.NET RC1.
5b21793e665c14f40e6ca342af31b249f2d4e215b15cdc697564836471942749
Local proof of concept exploit for the gdam123 software package. Exploits an unchecked buffer in filename option.
79b4ed49fba81c1e9bbe29fb3aacdd661eeb60bcd533162c9e334f350afee027
Holygrail.c is a remote root exploit for telnetd under Solaris Sparc 2.5.1, 2.6, 2.7, and 8. Verified to work against Solaris 7 and 8 sparc - spawns a root shell.
db9942f1b9b94f9665e2d1ea631b7cd99d363ce639e4f91ab79966997e37ceaa
IMAP4rev1 remote exploit written for RedHat and Slackware Linux.
2c63190c95346036004d1bdcbbad7a402887fbc9ffaf0b93ecabd53a5ce269c6
Phenoelit Ultima Ratio - a Cisco IOS exploitation of a heap overflow and using actual shell code to upload a new config; all in one UDP packet. Exploits an issue in the 11.x IOS TFTP server. Works against Cisco 1600 and 1000 series routers, but is designed as PoC.
92eb69ddc50d86688f9ebbb871a850bff12e6f794515a11f2eee91463a3708c2
MyWebServer v1.0.2 remote buffer overflow exploit in perl. Included shellcode opens a shell on port 7788.
8c2cbfbfd316cc19961269f859f90381c0f9e3ebd64bda72f95f110da0564451
Exploit code for Winhlp32.exe remote buffer overflow vulnerability. Calls WinExec SW_HIDE and executes supplied command. Tested against Windows 2000 Professional SP2. Written for Kernel32.dll version 5.0.2195.2778.
adce750ea8ea7636a6d8425b52fcab60b5dd38ae71c75e61d280d5b11e225141
Exploit code for Winhlp32.exe remote buffer overflow vulnerability. Calls WinExec SW_HIDE and executes supplied command. Tested against Windows 2000 Professional SP2. Written for Kernel32.dll version 5.0.2195.4272.
d51b5844b984733f335e621404e81da9ba3972f55afab24141b4eeba7aef7f17
SQL Server 2000 remote buffer overflow exploit. Uses tcp port 1433. More information here.
3a6d1455f5516c79193ad22a34830d280df3ae4df2cafbc718ee266e6dbf3dca
SQL Server 2000 remote buffer overflow exploit. Tested against Win2ksp2. Included shellcode creates the file \scan_sql2k_bo. Fix available here.
d75a40dd02e1ffd0eb5451b02a8c960e2713292b3890483438f4aacc31d79964
This exploit works against a recent bug found in RedHat's Interchange commerce system that allows for the typical directory traversal attack.
cae98e6dba628c388417c537483021da06e3b2e787e407c76f59d8135f23ef5e
Gobbles exploit for ipppd which is part of the isdn4linux-utils package and is part of the default install of many linux distributions. Under Suse 8.0, ipppd is installed suid root but can only be run by users in the group "dialout". The exploit works on a syslog(3) format string problem: syslog(LOG_NOTICE,devstr). This code is normally only reached with a valid device string but if you feed ipppd a devicename that is >= 256 bytes it will merrily proceed to log this string using the faulty syslog(3) call. Subsequently handing over root access to the machine.
e290a9d199b6083a44c4fb80139472fd60f466a8f4698bdd4662f2cdc26abbfd
This exploit was designed as a proof-of-concept application to show how the vulnerable Win32 Messaging System fails to authenticate a source of a message. This particular application was designed to be used against Network Associates VirusScan v4.5.1 running on Win2k Professional. Microsoft VP Jim Allchin stated under oath that there were flaws in Windows so great that they would threaten national security if the Windows source code were to be disclosed. This is the exploitation that was being referenced. Please reference the white paper for more information.
ef99e3104bee25d285a528f0ce8d190cfd20db1a833fe71d8fe25edaea3d71d3
Mozilla FTP View Cross-Site Scripting Vulnerability - Mozilla allows the running Malicious Scripts due to a bug in 'FTP view' feature. If you click on a malicious link, the script embedded in URL will run. This problem is in 'FTP view' feature. The 'URL' is not escaped. Fixed in Mozilla 1.0.1.
0c46a0bf30f0f31bf2f056f0da0c0c250611bfd73ec5f19f137c39328c6d0189
Opera FTP View Cross-Site Scripting Vulnerability - Opera allows running Malicious Scripts due to a bug in 'FTP view' feature. If you click on a malicious link, the script embedded in URL will run. This problem is in 'FTP view' feature. The 'URL' is not escaped. Vulnerable: Windows2000 SP2 Opera 6.03 and Windows2000 SP2 Opera 6.04
029e61a6f99887883599a606e4f90ec32fa6a841cb0ae72c171bc511fda8b805