5niffi7.c - Remote root exploit for sniffit (-L mail) 0.3.7.beta on Debian 2.2. Includes a detailed explanation of how the exploit works.
024ddcc5e92f17b5a21a0b1e29b8e09fbda58d5ab78d29e5646d0557c2a197ffGauntlet firewall remote proof of concept code, tested against BSDI.
e083c880ad28d303ffd72c300afb16fe308a4792b9bb9ff3042cfa2e79c3b4d2/usr/bin/xaos local root buffer overflow exploit. Works on suse 6.1, and could be modified for 6.2.
41063c66d14d76b252432334dc2031dd8d874cf94f253caf555c2a55974289a0The thttpd web server comes with a CGI script called /cgi-bin/ssi which allows any file on the system to be read. Exploit URL included.
25679f8183d70073b7bf52ab21666b2b31569ed14056ca67fae4e26e726dd272elm_again.c exploits another buffer overflow in elm v2.5 giving a gid=12 shell if /usr/bin/elm is SGID. Tested on Slackware 3.6 and RedHat on elm2.5PL3.
a63af30bfc97eb80e07b9f38915a5c778463721196ce3c7f4a6bf9172b6729c7Cerberus Information Security Advisory (CISADV000524a) - The Cerberus Security Team has discovered a serious security flaw with Rockliffe's MailSite Management Agent for Windows (version 4.2.1.0). This server allows remote users to access their POP3 accounts and read their mail over HTTP. The service usually listens on TCP port 90. Unfortunately there exists a buffer overrun vulnerability that allows attackers to execute arbitrary code. As this service runs as system, by default, any code executed will run with system privileges - meaning any server running this agent could be fully compromised.
201140e806c2e3d3ec0bd2fb4cfda30b1743e7b0fd7054bcce93c848c6ca1a7a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed