Proof of concept local exploit that makes use of a denial of service vulnerability in IPD (Integrity Protection Driver) versions up to 1.4.
c616f6a4ee3f92a68144069a0fadfefe7d0b92e5bb2761b380e5c0cebe792c8e
Local buffer overflow exploit that makes use of five vulnerabilities in the gv postscript viewer. Spawns a shell on port 7000.
44962067ebaac38a04a075b79a4c05cd40a1b6072e4b584506cb80e800edfd4f
Proc_kmem_dump is a local exploit for Linux kernels v2.4.0 through 2.4.26 which allows unprivileged users to read kernel memory.
4f60007e355fbef80214921ee9684ad4f948ab79890b3bf5b24770cdc6bb647e
Local proof of concept exploit for AIM 5.5.3595 that makes use of the Away Message vulnerability. Binds a shell to port 1180.
1e6d4bb64f8f6ded58619d8f030cb808e1322f3259b38f11c15015cfad30f9ba
Local buffer overflow exploit for gv postscript viewer. Spawns a shell on port 7000.
0cb7b7a6f09c3f68f36664d22f3f314d8fdbbe9e176580147a168dec28a0d898
The Netgear DG834G has a hardcoded root password of zebra and a debug mode that allows for an immediately available rootshell.
b999eb2868235898e0d8fc2929bc06e3e523cb6123740972c6f300b3c21e6831
Remote root exploit for Mac OS X versions 10.3.3, 10.3.2, and 10.2.8 that makes use of the stack buffer overflow in the Apple Filing Protocol (AFP).
9f288f0368bfa21ae4ec075d1d997e64fc2e774d97728922d146a07cfacfdd0a
Remote CVS exploit for versions 1.11.15 and below that makes use of the Argumentx error_prog_name double free heap overflow on RedHat 8.0.
1ef0f00bc5dd2efbcfedccbeaf427ca4d38d3c2fcf5a2710c02762f6489148f1
Clearswift Minesweeper versions 5.0.4 and below suffer from a directory traversal vulnerability.
a94ab822814443c73f9eed979ef7540a7bacc2ead451e62d616ba2683b8a3e6d
Exploit that makes use of the flaw in libpng versions 1.2.5 and below.
d92551c5e38a7d7aa2a60a171034e18c3846a2df2108d858e9a8bde37948e2c4
Corsaire Security Advisory - The ServerMask 2.0 product from Port80 fails to full obfuscate header fields as promoted in their functionality. Detailed exploitation given.
7c87da8d19d481cd57af93b5bfb5090c438a002b7e201a42d24b3a916a318bc3
Serv-u local exploit that achieves SYSTEM privileges using an old known buffer overflow. Tested against version 5.1.0.0. Lower versions are also susceptible.
473ef11f792615061dda874fb67854ff071fc75cf98c38a620e638cd1fd1ead6
Williams Database Page Parser version 1.0 allows for arbitrary code execution due to a lack of input validation.
cbfa8c12c73d5c756aba20353eca3e25bba564b0698a166dd0991457ad84a4a7
Xine v0.99.2 remote stack overflow exploit. A overflow in all versions of xine-lib allow the vcd:// input source to execute arbitrary code, even if the file is .mp3, .mpeg, .mpg or .avi media. Fix available (currently only in the cvs xine-lib) here.
32955c3e74badabf60efcd97d31761b9fa8bfd32d260deb331486ed610d1a87d
CVSTrac versions 1.x have an input validation flaw that allows for arbitrary command execution.
a4fbbe43075d15f6f1f2aa3f8a3d21cf99c42b351348d35ac984950bd03c8bc6
UPNP mass infector exploit.
18e0f419929aa859e5a7ec066be1b57c720c219044cd322fe7335ffc7841c819
Exploit that makes use of the buffer overflow in the Digest authentication code of Pavuk 0.x.
d434c2fc41504951b65ee3c9c5296a6c614a64b7f5a9e2960e7378c7b729981b
Some page.cgi script allows for remote arbitrary code execution.
db418121f9ed5ecd93f587d2bca8a0bf064fbff405ed25cec2150d7dfb122858
thttpd version 2.07 beta 0.4 on Windows is susceptible to a directory traversal attack.
8ce037e5fde72e96c8c9a8d297d49ac93812fff192124870c7ada125fbc0c01e
A critical security vulnerability has been found in the Linux kernel code handling 64bit file offset pointers. Successful exploitation allows local users to have access to kernel memory. Kernel series affected are 2.4.26 and below and 2.6.7 and below. Full exploit provided.
92706af943a287522ac0045554f0149a454453a2c0f2f0482f4e4f98d714283a
GoScript version 2.0 allows for remote command execution due to a lack of input validation.
a20e454e6f775142f9f45026076fa8df5eb5fb923e053a1fe8d45bb307ae6d57
Proof of concept bindshell exploit code that makes use of a buffer overflow vulnerability found in BlackJumboDog FTP servers versions 3.6.1 and below.
086e7e22e2463b7bbcc13eb02b167f80971aed861197c0f0d06aaa01a7342f14
Remote root exploit for Linux that makes use of a format string vulnerability in OpenFTPD versions up to 0.30.2.
992a2b4620c6e6d42ef0f142fa085a0d0be5f101fff990c01f51345f0c3d2e6a
Denial of service exploit that makes use of a buffer overflow in an overly long Content-Length: setting for MailEnable Professional HTTPMail version 1.19 on Windows.
44f1af32a75af37294809c7bd8390c0271bf083f43fe1bf0783dc5028e8fef27
Remote root exploit for Linux that makes use of a format string vulnerability in OpenFTPD versions up to 0.30.2.
4a813dbfde0c43338733a0d71011da4dee731192168cf758ffb58a3d80969bac