Remote denial of service exploit for wzdftpd FTP server version 0.1rc5 that sends a single CRLF sequence at login, causing an unhandled exception.
f2896721af926160d8173493b6d6e99ed3ec897555ba5231b65e528c5b8cfbbe
Packet Storm new exploits for September, 2003.
777533173a1e875b0f3899021f5256be41b44e4972f147d6735dafebae7722c3
GuppY versions 2.4p1 and below are susceptible to cross site scripting attacks.
2f0514a9a3fa459e3558f6b788b7b89322133fbab342c2b85cfd06203c1aac33
Version three of this paper discussing more shatter attacks that are possible using progress bars. Related information available here.
787e917da3242f5237e198f43f899c54f8b8719ed978cf8961d1090447b3c4c9
Geeklog versions 2.x and below are susceptible to cross site scripting vulnerabilities and various SQL injection attacks.
00084a1aaef68a8f9088d25e72f314aded4e7fda302ffd1525cd89404e07df72
Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Binds a shell to port 26112. Tested against RedHat.
3d6399d602afc8e1234d04097ff5ebf01664d6980f11dcdde0306ddfc376b787
Local root exploit for IBM DB2 Universal Database version 7.2 for Linux/s390 which makes use of the db2licm binary that is setuid by default.
ccb20c18f85e2c98e30d47ca465bac0c1611eb9129899f18dfd2745dcb29c56e
Exploit that causes a denial of service against the SMC2404WBR Barricade™ Turbo 11/22 Mbps wireless cable/DSL broadband router by sending random UDP packets to multiple ports.
90a530b5dfa8a1cfd55a585196bee3b8a7fcb9d85ee26a46d30fb0ccb6f67ca1
Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Tested against FreeBSD 4.8-RELEASE. Binds a shell to port 45295.
e3e547732748f7447108587f2723bccdb4db27e138cffb4956e21946879efff3
Remote exploit for atphttpd version 0.4b and below on Linux x86 that binds a shell to port 65535. Tested against Debian 3.0 and RedHat 8.0.
88c26342e5f68deb853d183ed815a06e8979d2f24a421572d430729ffa44b177
MyServer 0.4.3 is susceptible to a directory traversal attack that allows access to files and directories outside of the web root.
68bb16515c9ee3c7c84f0f2841e61a967e5f41bddba16ef2109fdc524f55d956
Remote mIRC proof of concept exploit that makes use of an overflow in the USERHOST reply to the mIRC client.
3774e02cc6ee4c5aca911c9c7b205bbe05c9bb15c2744e361b6003cd73bb6347
Proof of concept exploit for /usr/sbin/chat on RedHat Linux 7.3. Note: chat is not setuid by default on most installations.
c9a281b9044a9467791c8614d54bcf288295b2f5098c342bdf3f19623a7da630
WebWeaver version 1.06 and below allows for anonymous surfing of the server if the Host field is set excessively long. It is also susceptible to various denial of service attacks.
d379db7c0aee30b485cfe256c1ea095e1ecc0ca84aa0b246acdf7e56cbf677dc
602PRO LanSuite 2003 for Windows is vulnerable to sensitive information disclosure, logs being freely accessible to any remote attacker, the ability to read any file on the server, and directory traversal attacks.
9f04a1d343d4cc73ccc8d7925f80792502dfe9ae066749060a5a410c141bac4b
The Savant Web Server version 3.1 for Windows 95, 98, ME, NT, and 2000 is remotely vulnerable to a denial of service condition when various malformed GET requests are passed to the server.
2bd87abf901a44d0071f6039019aec576f2bf17865434df7b85c0d48b661fdc7
mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c which does not limit the amount of data written to a buffer.
b966ec4b297ac556e11aa1acbd8b25b092385a2aa517c52977bb4f02b7484849
Remote exploit for lsh 1.4.x that makes use of a boundary error in read_line.c when checking for errors. Spawns a bindshell on port 45295.
e168f8955d32dfb71b3687b375f1e860d3b0793aad3026a1c30016d53a3c21eb
A detailed analysis and exploitation of the RPC Long Filename heap overflow found in the CoGetInstanceFromFile API that was originally discovered by NSFOCUS.
4620d24fc5b0277f481e241862c7c21d92522cc493f4613d81f9170a54cff666
Remote exploit for netris version 0.5 on RedHat 8.0 that makes use of a buffer overflow vulnerability where a client connecting to an untrusted netris server could be sent an unusually long data packet, which would be copied into a fixed-length buffer without bounds checking.
f8edfa8276857fffd804744d1421a08844b4eda9116d04980bca6788d879b5db
Local root exploit for hztty 2.0 that makes use of the buffer overflows discovered by Jens Steube.
e360b247ce91f66c52b245f714c8b4264ad70b33de8167e86466a0d04336a40e
Remote exploit for Solaris that only requires a single UDP packet to the sadmind service to execute commands.
df93ce9efbde4852942b9d78c95fe371ef525a0f31005c84b1acee1eeed53a35
The Plug and Play Web Server version 1.0002c is susceptible to multiple buffer overflow attacks that cause the server to crash.
2b68d648120147ab8417ee871e9d52d166dd19a55bd2cd64fc864ba5ce18e676
The Plug and Play Web Server version 1.0002c is susceptible to multiple directory traversal attacks allowing a remote attacker to gain access to internal system files.
08a1508555f21666773d5967a389f637ade7bd17986669a075b9984c763bda51
Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here. Binds a shell to port 10000. Tested against RedHat Linux 7.0.
902cb346d20aea5cb1ef62db8c36a27a7f7588fb1b62a8d42cc9f4c7751ba3f6