Gobbles exploit for ipppd which is part of the isdn4linux-utils package and is part of the default install of many linux distributions. Under Suse 8.0, ipppd is installed suid root but can only be run by users in the group "dialout". The exploit works on a syslog(3) format string problem: syslog(LOG_NOTICE,devstr). This code is normally only reached with a valid device string but if you feed ipppd a devicename that is >= 256 bytes it will merrily proceed to log this string using the faulty syslog(3) call. Subsequently handing over root access to the machine.
e290a9d199b6083a44c4fb80139472fd60f466a8f4698bdd4662f2cdc26abbfd
Remote root exploit for Solaris Sparc 6-8 rpc.walld.
c1e410fe5ab1b188ba6d26dea7078a80e8c12c1aca5f21472f6d5a56a4dc4455
OpenSSH v2.9.9 to 3.1 remote root exploit for the default install of Openbsd 3.x. This tarball is a set of patches for the OpenSSH v3.4p1 client. Takes advantage of a bug in the challenge response handling code.
66673a2f309473738a39e0894fd315b3d7a3c3f6aaca9c1e1906fe2119ebf511
Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
38a805dabdb402fd99b38a4ad893f01de6fd824eddaac965f0bc839fa1b5bbc0
Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
5a75ae577a5a12c9bb55acb0331e7d91c88802723564bd02fc6f7ab9ad874070
Openbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.
27015d30e73adc35e03cd319117cbd02bd4650cb0af6169cf8ce03433990dc20
Gobbles Security Advisory - IrcIT v3.1 and below contains remotely exploitable buffer overflows.
97ee352d2d7fd9fa4acd8cc8a695704a73bac3426eeff5e2abf032545734f145
A format string vulnerability exists in most talkd implementations. Talkd included with older linux netkits (like 0.9) and KDE 1-3 is vulnerable.
67132c71bf40f1f14f838751c0a29f131e04091274bdab696790d6a9c56fb48a
Screen v3.9.11 local root linux/x86 exploit for braille module bug.
90a3c9a09aff132ce76e2ff92bcfae748992637421e40057034ec7da4b1f6c8f
AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi.
b45aa093198822646a56eced2418259c61c1cd33a6793264a56045e50d87c79a