WarFTPD v1.82.0.2 and below remote denial of service exploit, win32 binary. Disables WarFTPD by making multiple connections, causing the server to stop accepting new connections, and crash after two days.
8bf7426ed1dc76d02428fbb97a2a3528d8b853a4f90f55b79a8b0ec534da0fc2
Thttpd v2.21 through 2.23b1 remote denial of service buffer overflow exploit.
dc4ab59e4569091147040021c6785d26637756f5863cd9d183215b3d2809884d
Thttpd v2.21 through 2.23b1 remote denial of service buffer overflow exploit. Tested against FreeBSD, SunOS 4, Solaris 2, BSD/OS, Linux, and OSF.
38d094daad04305c09883e203114d57290f80d0373787893a50500e94e4263e9
The FlexWATCH surveillance camera server (tested FlexWATCH-50 web ver 2.2 Build Nov 18 2003) is used by many banks and "secure" places and contains remotely exploitable vulnerabilities which allow remote attackers to view camera footage, add users, remove users, change the configuration, disable camera surveillance, cross site scripting, and more.
4934d0e7b56716500ef80132c3567024e4d6fe3186aa10eb1cec0cc51e6eb833
Dcom RPC remote win32 exploit, ported to Windows for compilation with VC++ 6. Uses "magic keys" to find the offset. Ported by Lordy
132c24caa22412268215f455fb5e2eb14b4e96dd8f2b7f5f467245ef0395479e
UW-imapd v12.261, 12.264, 2000.283, 2000.284, 2000.287 and 2001.315 remote exploit which takes advantage of a bug in the body command. Requires an IMAP username and password.
57acbd6f36f6e92260c5b0473a8510cf6873394e0cc85a088e9a5fb87f970645
Remote exploit for login/telnetd tested on Solaris Sparc v6/7/8 which uses the TTYPROMPT vulnerability. Spawns a shell.
3255dac74a5fa59f23b39f6657e3aa239963942b62faec521f3928afcbece870
/usr/sbin/grpck local buffer overflow exploit. Note that grpck is not setuid by default. Tested on Red Hat 7.3 and 8.0, Cobalt Linux 6.x and 7.x, Debian 2.1 and 2.2, and Mandrake 8.1 and 8.2.
2f0dd037d94f0621fdf5899a98d3b4876af41cefc6e9b04e0ac95bd98280d88a
Ebola v0.1.4 remote stack overflow exploit tested against Red Hat 8.0. Bug found by Secure Network Operations.
f87f77fdbe654f5c4799bc9de765897b0e95f1203c359f53800a5b8bf207f0aa
Microsoft Windows WKSSVC remote exploit written in C++. Upon successful exploitation, it downloads a binary via a remote ftp server and executes it.
caa8fbce706837771cc1e25c2c20256ebb2cb17f6eb889669a511c48e355037f
I2S LAB Security Advisory - A malicious attacker can utilize any type of media against the SHELL32.DLL library to cause a massive denial of service. Microsoft Windows 2000 versions SP4 and below are affected. Full research and exploit provided. The next service pack released will have this fixed.
cda832a63a727038ccbcd93d3c2b509947c91a0f82ff179c79054ca5a7f486b9
Remote exploit for the Microsoft Windows WKS vulnerability that allows a specially crafted network message the ability to trigger a buffer overflow.
edfa5bc92347e7ff14ee1bf67a915d2b6acf71612cf49daa393a0787dde9ba59
eZphotoshare has multiple overflow vulnerabilities that allow remote code execution from a heap corruption in ntdll.dll and the ability to overwrite important saved values via vulnerable code in mfc42.dll.
b12e004365a61fc7f59fbe522739cc9cd0248db2cc93c71f0a27f7a07e9476f2
The Surfboard webserver v1.1.8 and below contains remote directory traversal and denial of service vulnerabilities. Exploit URLs and a patch included.
3dbbe78f6853a71fc44dfdf40f5fb21a8eec9d6276975bbbeb5bd302badc590f
Linux kernel v2.4.22 and below do_brk() proof of concept exploit written in ASM which tests for the vulnerability, rebooting your system if it is found. Requires nasm greater than v0.98.36, tested with nasm 0.98.38.
3a1805e87c6665a847a70d41034ba9ce9bf3fd72bd1dea9674ecaa0b343b4333
Remote exploit for Eudora 6.0.1's (on Windows) LaunchProtect feature, which warns the user before running executable attachments. Unfortunately this only works in the attach folder; using spoofed attachments, executables stored elsewhere may run without warning.
b80328406863d0be504957a92ac97cabca2db4fc69884a48e398d8e55f0a64d3
F.c is a local root exploit for the the SuSEconfig.vmware symbolic link vulnerability. Tested on SuSE 8.2. More information available here.
910390576a341a3905d6fb899498dc660058263cd7ee85e87f7fbf811ff29096