Oracle XDB FTP service UNLOCK buffer overflow exploit.
9e19613c0772392eaf9f901e50037bd1162a139d600f1e7c69b1a0f577c16ba4
Packet Storm new exploits for August, 2003.
4aacbfd2967abc295fc5665171dca4ff2c54f5b37f8ed7051ebd9d885b1f4cb4
monop local exploit that achieves privilege escalation to the second player's uid.
cf992dfea23b0560132cbee0d12b1b8ce15c6fc35a58e26d678e31f2cf9e5077
Helix Universal Server aka Real Server versions 7, 8, and 9 remote root exploit for both Windows and Linux. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
15c91505e6cbf8608eb58beff61b02cf4d5a2601de86f3c901a8f1d588027c3a
Local exploit for ViRobot 2.0 that works against the FreeBSD edition. Tested against FreeBSD 4.8.
41059e552df59b7c97ce59335d8a8059d66eb278653f384fb513f884278d70fd
Further information and research in regards to the InterSystems Cache vulnerabilities discussed here. Two new vulnerabilities have been discovered and exploits are included.
728fbb24e98602c5fe921cab33d49eb861a834a80b0d955bc059096191267f54
DCOM remote exploit for the Win32 platform utilizing the issue discussed here. This version has 73 offsets including all of the magical offsets.
ac96ce44fd5fd3c9c11ad23c63657ff0608e54e19ae13e19e932ec358ea62a04
Scanner which utilizes the RPC DCOM vulnerability in the Windows operating system.
7f4d78105fc32e93af5fc8af6bbc147010e5a26d76e6da97e1f658a24335a14a
The Best Buy Employee Toolkit software program has a URL Parsing vulnerability in the configuration screen that could allow an attacker to hijack certain network connections or read plain-text passwords.
99a147e6df46debfd1a83e1d35b47fcb2186a94abb792619a49a528fb9f01c29
DameWare Mini Remote Control Server version 3.71.0.0 and below remote exploit that takes advantage of a shatter style attack.
5c712a4f542291267b08b72cc9926fb4e80de1975410636955d039584f5add15
IBM DB2 local root from bin exploit that makes use of the fact that /usr/IBMdb2/V7.1/lib is left world writable after a default installation.
af0f255f31a50691e25984454e0d874e5554b1017742155e36928b25e81ea632
realpath(3) lukemftpd remote exploit for FreeBSD 4.8 that makes use of the off-by-one error.
97c90d5b2ccc417562521347fcbe9c9fa3363dd44b3ea5d475b6f7b255d0c086
Half-Life client version 1.1.1.0 and below remote exploit that binds a cmd.exe on port 61200.
3f14ae28b795a3f58ee2ba95559f9d3f1d23e8d1fa3c96ba0a630644c8a96623
Atari800 Atari Emulator v1.3.0-2 local root exploit in perl which exploits the -config argument of atari800.svgalib. Tested against Debian 3.0. Exploits CVE-2003-0630. Advisory available here.
95b3400dc52a644486fbaa1214978f46ceda013db0eec9a0acd387ea91b29b11
wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here.
76fa131537012b1004aff58978340769dc77495dcc3679e28c335c7909cd545f
Remote denial of service exploit for the Cisco CSS 11000 Series.
c5ef0113e39d3c73ba4df7113af56372b1444b5439d9cdf3ae4f662aee1524da
WAM! FTP Server version 1.0.4.0 for Windows is susceptible to a directory traversal that allows a remote attacker to break out of the restricted root and download any file on the system.
2e6731198e30d3571d5619bf3047d785bb7909b2bc3946b3f18ad6bc1e61d654
Meteor FTP server version 1.5 remote exploit that causes a denial of service when large amounts of data are fed to the USER directive.
299a2dc142ced8f9ce1a0c1919e8e67e0ee89dc256aa83c9e56352763ff3d9e0
Cisco IOS 12.x/11.x remote exploit for the HTTP integer overflow using a malformed HTTP GET request and two gigabytes of data.
7f4a101d2a92a428372a4b1a01844cc8f4d4614537c428b116c224be6b8b346c
IglooFTP Pro 3.8 client side remote exploit for Windows XP Pro Build 2600.x. Included shellcode runs notepad.exe.
a1759d8d7e93d3bc684eafcaf16d26dfeb674d131ee9c65a7db0179d42c1284b
RPC DCOM remote Windows exploit. Includes 2 universal targets, 1 for win2k, and 1 for winXP. This exploit uses ExitThread in its shellcode to prevent the RPC service from crashing upon successful exploitation. It also has several other options including definable bindshell and attack ports.
51e52375501a20b7887981d8cad4867174ea62a3ed29f29ee6a2c3b1d52c5c71
wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here. Win32 version included that requires cygwin1.dll.
526db9e57fd9d03098a4ca647fd59e6961d4ccc10042d2d8bef0f4ec2b9e6426
Postfix 1.1.12 remote denial of service exploit.
b0da22d0cfbdc3497ffd67e7e35596e8ba75b9df40e447e1d99fd7e249ae92d7
Possibly one of many DCOM scanners/worms in circulation. Makes use of the 48 target exploit.
50eaf8d03dedab5be875488d96d74ce540febb02a673e0a877588e4ee2238a75
Local exploit for the atari800 Atari emulator on Linux. Makes use of the -config overflow. By default, this binary is not normally default on most Linux installations.
6aadd23c68aa03fd20777677fdf26a1f88f63806dbb1d73b2a7fe7e914ed8645