what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 87 RSS Feed

Files

oracle8.exploit.txt
Posted Nov 22, 2001
Authored by Brock Tellier

A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user to obtain root privileges. Local root exploit shell script included.

tags | exploit, shell, local, root
SHA-256 | 17d374afd2a8378ded9bbbbbe17182f77ee586f2c4da4eb247fb052a192da311
RFPoison.exe
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
SHA-256 | 2b98566441d44ba149fafd2b74a9bf4293af462f1fe5b8657c87530b1278ec22
9911-exploits.tgz
Posted Dec 2, 1999
Authored by Todd J. | Site packetstormsecurity.com

New exploits for November, 1999.

tags | exploit
SHA-256 | a9b0ae4f3aa4ff26161cef9ef046a6b1bc3c222673bf2dd033d59b249c686ab0
qpop-sk8.c
Posted Dec 2, 1999
Authored by sk8 | Site lucid-solutions.com

Qpopper 3.0b remote root exploit, tested on tested on BSDI 3.0/4.0.1, FreeBSD 2.2.8/3.3, and Linux.

tags | exploit, remote, root
systems | linux, freebsd
SHA-256 | 4838a4454622b456ed9380a043cedb9492cba751e4b9545b07c53e94f1ff6336
freebsd.seyon.txt
Posted Dec 2, 1999
Authored by Brock Tellier

Seyon, shipped with FreeBSD 3.3-RELEASE has several vulnerabilities. The problem is that seyon is still installed setgid dialer in FreeBSD, allowing a local user can grant himself priviliges which allow access to anything that requires group dialer, including modem devices.

tags | exploit, local, vulnerability
systems | freebsd
SHA-256 | a9642539381b9b2c0b68f11b82b75f51cf840c23814a843007b8cb83175e7c42
solaris.chkperm+arp.txt
Posted Dec 2, 1999
Authored by Brock Tellier

/usr/vmsys/bin/chkperm and /usr/sbin/arp can be used to read bin-owned files. Tested on Solaris 2.6 and 2.7, sparc edition.

tags | exploit
systems | solaris
SHA-256 | f90b3fcc752af63f6b5d54d3b5905eca70e3ace2ce6af776755dca4e9c75ee57
q3smash.c
Posted Dec 2, 1999
Authored by Mixter

Qpopper 3.0b remote exploit for x86 Linux (tested on RedHat/2.0.38). Exploits pop_msg buffer overflow to spawn a remote root shell. Vulnerability exists on all platforms running Qpopper 3.0 through version 3.0b20.

tags | exploit, remote, overflow, shell, x86, root
systems | linux, redhat
SHA-256 | 9476acb99667dd313da9809ad43f391db697c087b2422c7cc4869e455abf12b1
xmindx.c
Posted Dec 1, 1999
Authored by Brock Tellier

The version of xmindpath shipped with FreeBSD 3.3 has a local buffer overflow. Exploit gives euid uucp.

tags | exploit, overflow, local
systems | freebsd
SHA-256 | 5d52e1a5419ac5a1c0569f83febf0226fe7e2f7a12ae55f4a5ede2a4ea222568
angband.c
Posted Dec 1, 1999
Authored by Brock Tellier

The version angband shipped with FreeBSD 3.3-RELEASE has a buffer overflow vulnerability. Exploit yields egid of group games.

tags | exploit, overflow
systems | freebsd
SHA-256 | 44b73b99876799ae46c66c8fa966417aafad596ff1a5346c51c0eae2a3e456e5
delegate.c
Posted Dec 1, 1999
Authored by Dethy | Site synnergy.net

Delegate 5.9.0 remote exploit for FreeBSD 3.2.

tags | exploit, remote
systems | freebsd
SHA-256 | c8b15f8cc3129759828d662578ab2d94ba4d1d03a02a5fce93716cbfba60a526
gdcx.c
Posted Dec 1, 1999
Authored by Brock Tellier

gdc exploit for gated-3.5.11 included on Freebsd-3.3 instalation CD yields euid=0(root). By default, only group wheel (or whatever your trusted gated group is) and root can run gdc.

tags | exploit, root
systems | freebsd
SHA-256 | daf532f5a241b630b4257fee36d298e5ae539656328096a75c7b55b9f5f48468
netscape.4.x.java.txt
Posted Dec 1, 1999
Authored by Ahmed Ghandour

Netscape Communicator 4.x will allow javascript code in one netscape window to read data from another browser window, even if the two windows are pointed at different domains. Demonstration here.

tags | exploit, javascript
systems | windows
SHA-256 | 78532de37047a0f01fce8f4aff77ba175cc8163011408ee025f978c0e9cea369
oracle.web.listener.txt
Posted Dec 1, 1999
Authored by Mnemonix | Site infowar.co.uk

There is a vulnerability in Oracle Web Listener where a resource can be accessed when is shouldn't be able to be accessed.

tags | exploit, web
SHA-256 | edbaf44df750aefe719e9ff3f21674bad0f77af1f4d13f12053ddc777bd9e89b
smailx.sh
Posted Nov 30, 1999
Authored by Ben-z

remote root exploit for Smail-3.2 (rpmmail). A vulnerability exists in the rpmmail package distributed on the Red Hat 6.0 Extra Applications CD. The potential compromise for this bug could be remote or local root or simply remote command execution as "nobody" or similar, depending on your system configuration.

tags | exploit, remote, local, root
systems | linux, redhat
SHA-256 | 380aa4640a74c6d87378d77d01c5f3879de78c5d2ef92d148aed6914b118f849
mailgear-1.0.txt
Posted Nov 29, 1999
Authored by Underground Security Systems Research

Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability. Example included.

tags | exploit, web
SHA-256 | 166e3926f91c3a2e6ac734080f583044da08ab40996832679d1591724e4ac3d1
unixware.su.txt
Posted Nov 26, 1999
Authored by Shane A. Macaulay

The su command on SCO's UnixWare 7 has improper bounds checking on the username passed (via argv[1]), which can cause a buffer overflow when a lengthy username is passed.

tags | exploit, overflow
systems | unixware
SHA-256 | 2f370cc88cadf6efc7b1f8a55d5ae2f5c3b8ce45ae76e772bf81e939d0b03feb
unixware.Xsco.txt
Posted Nov 26, 1999
Authored by Shane A. Macaulay

[w00giving '99 #6]: UnixWare 7's Xsco. Due to improper bounds checking, an overflow occurs when a lengthy argument (argv[1]) is passed. Because Xsco runs with superuser privileges, this can be exploited for elevated privileges.

tags | exploit, overflow
systems | unixware
SHA-256 | 0710e3286329f4ec82f0b43031b6894da9140f1c90cf3c7b571b5b51ad62ad0d
unixware.xlock.txt
Posted Nov 26, 1999

[w00giving '99 #7]: UnixWare 7's xlock. The xlock command on SCO's UnixWare 7 has improper bounds checking on the username passed (via argv[1]), which can cause a buffer overflow when a lengthy username is passed. Exploit by K2

tags | exploit, overflow
systems | unixware
SHA-256 | 42dca4082a24f106af872bb2a9c3e695482d75141ae5f77e6e01c1aec727dbff
cabletron.ssr.dos.txt
Posted Nov 25, 1999
Site bindview.com

Bindview Security Advisory: Denial of Service Vulnerability in Cabletron's SmartSwitch Router (SSR). Remote users can flood the ARP table and stop the processing of packets.

tags | exploit, remote, denial of service
SHA-256 | 85b52a0144618cc558cd1f34d6755e7f885a84a66d835af7ef076846c52575a7
bisonware.ftp.3.5.txt
Posted Nov 25, 1999
Authored by Underground Security Systems Research

UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5. The buffer overflow is caused by a long user name, 2000 characters. Source / Binary for DoS attack here.

tags | exploit, remote, overflow, local
SHA-256 | b9bf2c6f03b60c09ff76b043f8b7a7aac25a8e062fe0a9217a774ed8d103ddcb
worldclient.2.0.0.0.dos.txt
Posted Nov 25, 1999
Authored by Underground Security Systems Research

UssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they do not use proper bounds checking on WorldClient TCP Port 2000. Denial of service exploit available.

tags | exploit, denial of service, overflow, tcp
SHA-256 | 3b1c84dc9f0f7149f35a233e5703823a06da161632fee84d723e133ce1a996a5
webboard-1199.html
Posted Nov 25, 1999
Authored by pho

O'Reilly's WebBoard software has some bugs with interesting possibilities. Vulnerabilities include unauthorized paging and arbitrary content insertion.

tags | exploit, arbitrary, vulnerability
SHA-256 | f599b47fd54cd9044b14d6b79b5aec270c167886138278d2b2fbba16cbe89790
oce9400.txt
Posted Nov 24, 1999
Authored by Larry W. Cashdollar

The Oce 9400 plotter can be used as a telnet proxy in its default configuration.

tags | exploit
SHA-256 | 7dc17fea3ce18547115679dce3605f71296d6cdbc78e338c5547cbcc1a17902e
mdaemon.2.8.5.0.txt
Posted Nov 24, 1999
Authored by Underground Security Systems Research

Multiple remote DoS vulnerabilities have been found in the MDaemon 2.8.5.0 server. Binary / Source for this MDaemon Server v2.8.5.0 Denial of Service here.

tags | exploit, remote, denial of service, vulnerability
SHA-256 | 3a0ceab38aea510cb377ea41e4fb2cf7d031201d581401ef812dbd81aa89f4ca
netbeans.java.txt
Posted Nov 23, 1999
Authored by Halcyon Skinner

Sun Microsystems NetBeans (recently renamed to Forte') Java IDE includes an internal HTTP server to try Java code. When service is enabled for one machine, the HTTP server allows remote access to root and all subdirectories from any machine. Example included.

tags | exploit, java, remote, web, root
SHA-256 | 9e98d68bcd377235a72ff44e6d0f4d04526bb950706328566c2744fb4832566d
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close