Oracle MySQL versions 5.5.19-log and below for Linux suffer from a stack-based overrun. This exploit yields a shell as the mysql uid.
5230a2630c6fb8619813731a9429b6e733b55892232e63ae4cde28452b203583By sending a specially crafted request to a vulnerable IBM System Director sever, an attacker can force it to load a DLL remotely from a WebDAV share. Versions 5.20.3 and below are vulnerable.
5b0844509e5300f20406447ea01c59ffdb5453dd39d48137328aaef28c1026afOracle MySQL versions 5.1 and 5.5 remote Windows SYSTEM level exploit.
f3023f8e5dad3f5eb619145479b0d58584e658bc580c2f13e14122becac5c7b0This is a modified version of synscan that checks credentials against MySQL instances and logs the output to mysqljack.pot.
24847c2c7a4902a7f34c01a46299bad29d65594d3c31354d49f56ff691b37f51Versions of udev < 1.4.1 do not verify that netlink messages are coming from the kernel. This allows local users to gain privileges by sending netlink messages from userland.
a339530d415e4d147ac5e6556a603790385a27c54518e11e95069181161f0615Pure-FTPd version 1.0.21 crash proof of concept exploit that leverages a NULL pointer dereference.
c2280992211c9ea41ac2e2ddf61f4ee7e7455a52f000ddfb5f9302a7a81ccbc0This is a BSD telnetd remote root exploit supposedly stolen from Kingcope and posted on mailing lists.
86d6caae381ef38095dc163860a232ba735cc819e871d06ba7f5220da75fd8fcMicrosoft IIS versions 6.0 and 7.5 suffer from various authentication bypass vulnerabilities. 7.5 also suffers from a source code disclosure flaw.
31f691d3442ef019996f5131a36d46a349b82fb445d8c3c399201566683d7edbThis is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012.
ed4e76db85a1968d96d0b168a230dcf62722f0fc8e23574007b3bcc95e50099cThis exploit attempts various Tomcat login access combinations and attempts to launch a reverse shell once successful.
a2e159759962b6d655826f6b3f358ab355518287e8ff7d0e4690a59f258c175fRemote Linux IGMP denial of service exploit for a vulnerability introduced in kernel 2.6.36.
3f774420cceb820eadca2d64adb8e8aef38d2ecaaf08171ea9586e48b2e73616Serv-U FTP server suffers from a remote jail breaking vulnerability.
69f0832074081c550ccae5d7f3afc1b4046cc0632090e235f13b3fc2d70e5155Remote root exploit for FreeBSD ftpd and ProFTPd on FreeBSD. It leverages the fact that /etc and /lib can be modified inside of the chroot.
f59b24d7a9bf8446fb65b25ad7046e1b91fd2198e39bf16f0a7f6d2431d9e848This is the full Daytona package that houses three remote JBoss exploits with authentication bypass. They are ported from Metasploit and beefed up with two scanners.
3a7c10344dc210d299bebed708f49b6d1eb9c05deab6be158b3a1745486177bfApache httpd remote denial of service memory exhaustion exploit.
5fdda8b150aea034561a2b99bc1c71da2c6f225ee078695da41e6e725f0e4a7dThis Metasploit module triggers a denial of service condition in the Microsoft Internet Information Services (IIS) FTP Server versions 5.0 through 7.0 via a list (ls) -R command containing a wildcard. This exploit is especially meant for the service which is configured as "manual" mode in startup type.
575fed5c9101b9e2345bf64ca7b5f2b1ca4205c300ba8af0446db71f25d0eed2OpenSSH version 3.4p1 remote root exploit for FreeBSD.
784ac2c808aee05f8e7a89a108734acf1284cde95b4a09f41ebde5b82c0728afRemote root exploit for OpenSSH version 3.5p1 on FreeBSD that affects versions 4.9 and 4.11. Other versions may also be affected. The bug appears to reside in auth2-pam-freebsd.c.
b0a72514bab1b654a9acc1539d19dc102efa3d5f89c49d95b1b5b7dae0a88734JBoss Application Server remote command execution exploit for instances running on either Windows or Linux.
9334c5c75c7639d2db62091242226924783ba61ae3fe5d5895dd5fa97e45c898Mac OS X suffers from a ftpd related information disclosure vulnerability.
c7e1f64cd4e638d0f9d91eb82e75faafba3b340b73fe38afbb8d624256f950a1ProFTPD mod_sftp integer overflow denial of service proof of concept exploit.
8be96176ffeabb738a525695e7d76457f45c838d9df2d027c6217df3d5d527c2FreeBSD versions 5.4-RELEASE and below ftpd version 6.00LS sendfile kernel mem-leak exploit.
eefed0dbbad6b3a33771d66d5982aa28599fb1b4cd1b98cee1510a3870d2da9aWhitepaper called Attacking Server Side XML Parsers.
0f965f93708f4321b9c5655c6b1dd542898ed6a87ee0ea9523d55f8980f547abFreeBSD local denial of service exploit that causes a forced reboot.
74e9ff916c830d783aa31aad9f51279b50bb6492d981404c7bf0b44fa6c5ff54Sun Microsystems SunScreen Firewall local root exploit that spawns a shell on tcp port 1524.
48b25d9b1d67e00e988fa7f1f96311c9fd7c9980d28849043cb2bb94b55c28fd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed