Exim v4.10 and below local exploit for the Exim MTA which can only be successfully run by the compiled-in "admin user" of Exim. Also tested on v3.55.
bf334b2e4dbc3ee3e47ed9c0c5f9f1991546153da6018f30c21b4a56d9ad2d0b
Putty v0.52 and below remote exploit which poses as an ssh daemon and will bind cmd.exe on port 31337 of the victim sshing inbound. Tested against Windows XP and 98SE.
eafb21d90b54269b8a8b5aba1dbea160f82668e29aadfa66c25daf5443e53fc9
Solaris /bin/login remote exploit in perl. Vuln info here.
056d5cea8f5e61ee22a3485eeb81a418c321ea8feb09bfab3216b80ef927ee98
Packet Storm exploits added in the year 2002.
0617e2f7ff24aef4e0c4e755eeb45ef4355b511518c82177d4b919df913c02b4
Packet Storm new exploits for December, 2002.
1555cfd70d17661ea949de42f155f2a9ca2fa215c4751d4829806a8dbb83647d
Mdaemon v6.0.7 and below remote denial of service exploit in perl. Exploits the bug described in mdaemon-dos.txt.
d722a6f6a11389b08c0202d154193b25214a7fbaa77ae7cb01d58958651165b3
IBM Websphere 4.0.3 for Windows 2000 Server remote denial of service exploit in perl. Exploits the bug described in websphere.crash.txt.
bf898618c3bd0a71812b1c20d114644090c17ebea06aeb8f02933b56c120c1cf
/usr/sbin/rpc.mountd Local Exploit tested on Slackware 8.1. Test only - not setuid.
35bdc9b60002a0fd0830a0017a3e2e788a9a39daacef3f7529779e71f7589149
Linksys BEFSR41 EtherFast Cable/DSL Router remote denial of service exploit in perl.
5e8f1bd72dc612280a567fcb9e559a448281a2f3f131c700d421541ee404ca46
IBM Web Traffic Express Caching Proxy Server v3.6 and 4.x (bundled with IBM WebSphere Edge Server v2.0) remote denial of service exploit in perl. Exploits the bug described in R7-0007.txt.
0145ba05224abe8cd39e2bbb4563f50912ca30a674d9149f9da950d0e59bd439
DSINet Security Advisory DSINET-SA-02-01 - Web-CyrAdm v0.5.2 and below contains a remote denial of service vulnerability.
ba242380d4f682e24aac783eb1cde075f23c147ef23b9fa049411c4356f3f841
Efs_local.c is a stack based local root buffer overflow exploit for Linux/x86. Tested against Gentoo Linux 1.4-rc1, RedHat Linux 8.0, and Slackware Linux 8.0 and 8.1.
10a4e86143fae5d4e2bb104454a83029d59958991655fd1343111fd4877b96ad
Local proof of concept for non-setuid binary /bin/sfxload which overflows the $HOME environment variable. Tested on Red Hat 7.0 and 7.2. Other setuid programs may call this binary, leading to privilege escalation.
fba83a1d7358cb4bbde5773a64e9b9700c008093044e9eb8b18d983f0b18adb3
Cups-1.1.17 and below remote denial of service exploit. Tested against Red Hat Linux 7.0 and 7.3.
06b5099910189dc6cc9b50a2ea27515f24becd3bf3b677bd9981ee2dec92f31b
Putty v0.52 and below remote exploit which is a fake ssh server to exploit connecting putty clients. Downloads and executes an attacker supplied URL. Tested on linux and Cygwin against putty 0.52 running on WinXP and Win2000.
ea55431a7edf4385d9cf0057092c53eb171bc0bbe707f33ad5a241852b5dadbe
Efshit is an exploit for the efstool vulnerability. Unlike other exploits for this vulnerability, Efshit is robust, has a wide range of attack options, incorporates brute forcing, and actually works.
832cf510139b6658abbfd12c0a8fc81a46eea6532be15b619d2c7bf4e3854b9e
Remote buffer overflow exploit for the melange chat server v1.10. Tested on SuSE 8.0 and Redhat 7.3.
2ebf0d0384b1b15ad2931288e662c25760b2f664f21362f3c9bf4f12f2e1a27f
Krb 4-1.2 kadmind remote stack overflow remote root exploit for FreeBSD 4.x, BSD/OS 4.2, SUSE 8.0, OpenBSD 2.9 and 3.0, Slackware 8.0, and OpenWall 0.10.
c513133b6220f92e72287282cf3c8c7d473068419bbca7546a806fa93ef5a03d
Fake Freebsd-4.6 remote telnetd setenv() heap overflow exploit which is very similar to 7350854.c.
07e888a3c669b4d4ce129cda0e38b2aa3279b9d87a5c25033370270aadc53308
Cyrus-imap v2.1.10 remote exploit. Tested against Slackware linux v8.0 with glibc-2.2.3 and kernel 2.4.19. Localhost IP is hard coded.
d60a10d34c05222525ab5cf814c721d41fde8727027687f8348116638be581ea
Tcpdump v3.6.3 remote root exploit. Tested against FreeBSD-4.6.
c738ae09342cca2f263e6827dfaa5d34cca5a8098a2efa6c3adaa524156ad552
Local /sbin/ifenslave buffer overflow exploit tested on Redhat 8.0.
b9e0e10a7a2ea847f5bc55ae0e24a42b4e1a28d15afff1711fff91baa314f29d
WU-IMAP v2000.287 linux/x86 remote root exploit. Tested against Debian 2.2. This code is also known as 7350owex.c.
8df95acb30e9f414b6310ecf9b306c5f2adc266657fe297676044ba7ca022888
0x09wule.c is a Linux/x86 wu-ftpd v2.6.2(1) remote root exploit. Tested against RedHat 7.2 running wu-ftpd-2.6.2(1) on the default install. Note: This exploit is reported to be old and does not work.
502aea31745faeeab8856c6ce2be79e52527dc8975026f6c641587a3103b4baa
Cobalt RaQ 4 and possibly others overflow.cgi remote root exploit which takes advantage of a flaw in the Security Hardening Package.
f913bb1392a7292e21f35b8a2b2e99ad39393ff5a90efaf97daf65816f45d436