Exploit the possiblities
Showing 1 - 25 of 40 RSS Feed

Files

0304-exploits.tgz
Posted Jul 14, 2003
Authored by Todd J.

Packet Storm new exploits for April, 2003.

tags | exploit
MD5 | e7ff817b4f14361992054b05c064b6f2
poptop-sane.c
Posted Apr 30, 2003

Remote root exploit for PoPToP, the PPTP server designed for Linux, versions 1.1.4-b3 and below. Fixed by blightninjas. Original code by einstein.

tags | exploit, remote, root
systems | linux
MD5 | 2b243280f9e11f0791582194ec588922
bysin2.c
Posted Apr 30, 2003
Authored by Bysin

Remote root exploit for Sendmail 8.12.8 and below that makes use of the vulnerability in prescan(). Note: This exploit is crippled and needs to be fixed.

tags | exploit, remote, root
MD5 | 5ade4c15fee8ada5982a9cad51e3dea1
bysin.c
Posted Apr 30, 2003
Authored by Bysin

Remote root exploit for Sendmail 8.12.8 and below that uses the vulnerability in crackaddr().

tags | exploit, remote, root
MD5 | df191d0300a456e052e99130d4837115
0x82-Local.Qp0ppa55d.c
Posted Apr 30, 2003
Authored by Xpl017Elz | Site inetcop.org

Local root exploit for Qpopper v4.0.x poppassd that utilizes the ability to set the smbpasswd path.

tags | exploit, local, root
MD5 | ed3ad6341005ca980e5b240e9a2694ec
0x333hate.c
Posted Apr 30, 2003
Authored by Cowboy, 0x333 | Site 0x333.org

Samba 2.2.x Remote root exploit. Tested against RedHat 8.0.

tags | exploit, remote, root
systems | linux, redhat
MD5 | b45ad451237a0852cb806d8096116923
THCunREAL_V0.2.ZIP
Posted Apr 30, 2003
Authored by thc, Johnny Cyberpunk | Site thc.org

Updated version of the remote root exploit for Realserver 8 on several Windows platforms.

Changes: New shellcode added and the code has been condensed.
tags | exploit, remote, root
systems | windows
MD5 | e6997ae88e68cb958cb34e60f1d9e429
truegalerie.txt
Posted Apr 27, 2003
Authored by Frog Man | Site frog-man.org

A problem exists in True Galerie v1.0 that allows a remote attacker to obtain administrative access to this utility due to misuse of cookies.

tags | exploit, remote
MD5 | 31b936edf4c3057a878bbb7c8906aae4
les-exploit.c
Posted Apr 25, 2003
Authored by Angelo Rosiello, rosiello | Site dtors.net

Local root exploit for a stack overflow discovered in the linux-atm binary /usr/local/sbin/les.

tags | exploit, overflow, local, root
systems | linux
MD5 | f359e77f4c99e42da154156e7123b11d
p7snort191.sh
Posted Apr 24, 2003
Authored by truff | Site projet7.org

Snort 1.9.1 and below remote exploit. Related CERT Advisory is here. Tested on Slackware 8.0.

tags | exploit, remote
systems | linux, slackware
MD5 | 63efca99c7a60adabcf0f9933904337e
VapidSAP.txt
Posted Apr 24, 2003
Authored by Larry W. Cashdollar | Site vapid.dhs.org

SAP DB is vulnerable to a race condition during installation. The installer creates a world writable file that gets compiled and then is setuid to root. If a local attacker can overwrite the file in the alloted time-frame they will be able to escalate their privileges.

tags | exploit, local, root
MD5 | 707baa4e52349edd821816a0181694fe
sp-xeneo.pl
Posted Apr 22, 2003
Authored by Badpack3t | Site security-protocols.com

The Xeneo Web Server v2.2.9.0 is vulnerable to a Denial of Service attack when a GET request with 4096 ?'s are received. Tested against Windows XP Pro SP1 and Windows 2000 SP3.

tags | exploit, web, denial of service
systems | windows, 2k, xp
MD5 | 6005e09c96be815df9a48d1c3c802832
ANHTTPd.txt
Posted Apr 22, 2003
Authored by Matthew Murphy

AN HTTPd versions 1.42h and prior ships with a script called count.pl which allows remote attackers to use a directory traversal attack to overwrite the contents of files on the system.

tags | exploit, remote
MD5 | bb7b403dffcc890d5a26cfb87b43ff22
ptnews.txt
Posted Apr 22, 2003
Authored by Arnaud Jacques | Site securiteinfo.com

PT News v1.7.7 allows access to administrator functionality without authentication via news.inc which is included in the index.php file.

tags | exploit, php
MD5 | 87798f1e9b8b9a07ac7fd2086b0174f3
mod_ntlm.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

mod_ntlm is the Apache module for versions 1.3 and 2.0 which gives Apache the ability to authenticate users via the NTLM authentication technology that is largely specific to Microsoft IIS. The log() function contains two remotely exploitable vulnerabilities. Both a heap overflow and an incorrect call to ap_log_rerror() allow for arbitrary code execution.

tags | exploit, overflow, arbitrary, vulnerability, code execution
MD5 | ad450fcef6dadc5b28ffbefe83da9432
monkeyHTTPd.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

The Monkey HTTPd v0.6.1 web server is vulnerable to a remote buffer overflow in the handling of forms submitted with the POST request method. The unchecked buffer lies in the PostMethod() procedure.

tags | exploit, remote, web, overflow
MD5 | 5605063d4420a60aa0206189fb3365c5
badblue.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

BadBlue web server versions 2.15 and below have a vulnerability that allows remote attackers to gain administrative control of a server. The ext.dll that allows pages parsing with the LoadPage command attempts to prevent remote users from accessing .hts pages by checking the 'referer' HTTP header of requests, and also verifying that all requests for .hts pages originate from 127.0.0.1 (the loopback). By appending certain illegal characters to the requested filename, it is possible to cause BadBlue to interpret .hts files from a remote system, thereby yielding administrative control of the server to the attacker.

tags | exploit, remote, web
MD5 | e98dbd9eeaba1247bc190d69fec06b8b
sp-urfuqed.pl
Posted Apr 21, 2003
Authored by Badpack3t | Site security-protocols.com

Remote exploit written in Perl for the Twilight Utilities TW-WebServer that is vulnerable to a denial of service attack by a long HTTP GET request.

tags | exploit, remote, web, denial of service, perl, file upload
MD5 | 8b752ac5486724bb9a3b4ba974aa27f7
ss-dos.c
Posted Apr 21, 2003
Authored by Shashank Pandey | Site geekgroove.8m.com

Remote exploit written in C for the Twilight Utilities TW-WebServer that is vulnerable to a denial of service attack by a long HTTP GET request.

tags | exploit, remote, web, denial of service
MD5 | 7352450188c50b46a73d0b823b566505
0x82-Remote.54AAb4.xpl.c
Posted Apr 18, 2003
Authored by Xpl017Elz | Site x82.inetcop.org

FreeBSD and OpenBSD remote Samba v2.2.x call_trans2open i386 buffer overflow exploit. Tested against OpenBSD 3.0 and FreeBSD 4.6.2-RELEASE with Samba v2.2.x. Includes support for target brute forcing. Information about the vulnerability is available here.

tags | exploit, remote, overflow
systems | freebsd, openbsd
MD5 | ec9f643cb6856a51dfa1e9fc75d70906
sormail.c
Posted Apr 18, 2003
Authored by Sorbo | Site darkircop.org

Local exploit for sendmail 8.11.6 which takes advantage of the vulnerable prescan() function which allows users to input 0xff to skip the length check of the buffer. Includes targets for Slackware 8.0, Redhat 7.2, and Redhat 7.3.

tags | exploit, local
systems | linux, redhat, slackware
MD5 | 339af799e3edcf9140fa735a802bfc8e
SFAD03-001.txt
Posted Apr 16, 2003
Authored by subversive

The iWeb Mini Web Server for Microsoft Windows NT/XP/9x fails to properly filter GET requests for ../ which inadvertently allows for directory traversal attacks.

tags | exploit, web
systems | windows, nt
MD5 | 6dce02a7c8a43ebba137e18b57323d67
myptrace.c
Posted Apr 11, 2003
Authored by snooq | Site angelfire.com

Local root exploit for the Linux 2.2 and 2.4 kernels that have a flaw in ptrace where a kernel thread is created insecurely. This version escalates user privileges to root without the necessity of needing access to /proc.

tags | exploit, kernel, local, root
systems | linux
MD5 | bf597c6b557934d445609b525bd5e82f
sambal.c
Posted Apr 10, 2003
Authored by eSDee | Site netric.org

Remote root exploit for Samba 2.2.x and prior that works against Linux (all distributions), FreeBSD (4.x, 5.x), NetBSD (1.x) and OpenBSD (2.x, 3.x and 3.2 non-executable stack). It has a scanning abilities so a range of machines can be penetration tested at once on a network.

tags | exploit, remote, root
systems | linux, netbsd, freebsd, openbsd
MD5 | 27b711137a11d23653dadbd3ab4d0ccc
HackTrack-2003-03-001.txt
Posted Apr 10, 2003
Authored by Kachlik Jan

A directory traversal bug exists in the QuickFront webserver that allows remote attackers to gain access to system files. Version affected: 1.0.0.189.

tags | exploit, remote
MD5 | 222a9abd3b16ea36884137398910fb05
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
BIND Comes Apart Thanks To Ancient Denial Of Service Vuln
Posted Jan 17, 2018

tags | headline, dns, denial of service, flaw
Another Round Of Click-Fraud Extensions Pulled From Chrome Store
Posted Jan 17, 2018

tags | headline, malware, phone, google
Satori Botnet Successor Targets Ethereum Mining Rigs
Posted Jan 17, 2018

tags | headline, malware, bank, botnet, fraud
Flaw In VR Porn App Leaves 20,000 Names Exposed
Posted Jan 17, 2018

tags | headline, privacy, flaw
After False Hawaii Missile Notice, FCC Launches Investigation
Posted Jan 15, 2018

tags | headline, government, usa, cyberwar
MaMi Malware Targets Mac OS X DNS Settings
Posted Jan 15, 2018

tags | headline, malware, dns, fraud, apple
Meltdown-Spectre Patches Causing Issues With Industrial Companies
Posted Jan 15, 2018

tags | headline, flaw, patch, scada, intel
Oracle Still Silent On Meltdown, But Lists Patches For x86 Servers Among 233 New Fixes
Posted Jan 15, 2018

tags | headline, database, flaw, patch, oracle, intel
House Expands Warrantless Surveillance Against US Citizens
Posted Jan 12, 2018

tags | headline, government, privacy, usa, phone, spyware, nsa
Retpoline Fix Supposedly Solves Performance Hits For Spectre
Posted Jan 12, 2018

tags | headline, flaw, google, patch, intel
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close