SUID Advisory #11 - Matt Kruse Calandar Script. Remote users can execute arbitrary commands on the web server with the priviledge level of the httpd process.
2102559bca4495f792b2ed6f732d45e082c0bb8bbe38bb9c97587966db74cc1c
SUID Advisory #10 - EZ Shopper 3.0 remote exploit. Anyone can execute any command on the remote system with the priveleges of the web server, and read any file on the remote system.
34f25822d0c29daeab945d4bb6017e10d3264a9d52550b4c41969e9cf382fd0d
SUID Advisory #8 - Corel Linux 1.0 dosemu distribution configuration. Local users can take advantage of a packaging and configuration error (which has been known and documented for a long time) to execute arbitrary commands as root. Exploit description included.
96c2147114c2083d447c403b05ebe76f0fce1a1dd0a956feda12721668e91518
SUID Advisory #7 - Corel xconf utils local root (among others) vulnerability - Local users can take advantage of lack of input validation and the lack of privilege dropping to gain root access, read any file, or perform a denial of service attack on Corel Linux systems.
e0779a0f39462f1e76553c9a16bd665c4bd32dbc04921ce7b2363ed40212fb1b
SUID Advisory #6 - form.cgi and message.cgi. Anyone can execute any command on the remote system with the priveleges of the web server.
7218fd9d54aa6eeff4bbbbe4da3df325b9a0677e5cf227fce0be65494e9e7c7f
SUID Advisory #5 - DCFORMS98.CGI Advisory - Anyone can create / truncate any file owned by the web server user.
622d24605c915932cd5a7cb660b480ecd49f2adef13453625c046a4da0b01370
SUID Advisory #4 - BNBFORM.CGI. Any local user can create / append to / truncate any file owned by the web server user (nobody/apache/whatever).
c9aa67b4cd9ecd4e946053852b20e67d6099e04bc39c55ffe31b694f332a9f8e
Example attack transcript against glftpd. This attack was performed against a default install with a single user account added.
70d7d889b43a2d66d151613a1294339e52ec80d676fc66dba686150ebe3bc64f
SUID Advisory #3 - multiple vulnerabilities with glftpd 1.17.2 and below. glFtpD has several problems which can lead to a remote attacker attaining root on your machine.
a272432d911a54e3fb99833860deb64b564e9d6e701995805392d9edc3b36531
SUID Advisory #1 Addendum - Insecure FTP server conventions can lead to remote binary execution on a remote ftp server. Anonymous users or users with valid ftp access only accounts may also execute arbitrary code. Exploit information included.
6085619944c5f878275760fe08277ed6862efad582615db209b144b5776e9d0b
SUID Advisory #2 - Exploit for ascend router bugs as per NAI advisory.
8205e35efb8995ce9612e8285e123dadb6501023b4f5997f06706dd7fd8610a9
Classic bindshell. Used for SUID ftp exploit.
c40be6745115ca2908b272e55fc7e0bc73dd1a60843c8958e369f89e8c815b24
suid_small.jpg
069725f9c2fe7abd094735bb71ce9fce843da37f82c9c469a6e2d2534c5aac8f