Local exploit for the setgid game toppler. There is a stack overflow vulnerability in how toppler makes use of the HOME environment variable. Successful exploitation escalates user privileges to the group for games.
b929d57b7291105dabeaf26fc57dd8cfe25c295a669f60710c9a3723bbf60bf8
Fport v2.0 is a powerful Windows tool that reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications. Supports Windows NT4, Windows 2000 and Windows XP.
a279608c63ed6d10fe9b87e1e2f80d6d98e87abd33df72324dd3cb7bccb75064
ipv6fuck is an IPv6 flooder inside of an IPv4 tunnel for testing IPv6 routers and tunneling. Supports ICMP6 and UDP, with further support due out in future releases.
86f76be1c5e89a788d30de7216c0a60484ff860dbc8e9aad9da67832b8b94806
The ProductCart ASP shopping cart is vulnerable to a SQL injection attack which allows administrative access to the control panel.
4f9ef8763b86d76d3f50234d4399dd48e218739d71bee1deacdd0f9c58129c81
VP-ASP suffers from a SQL injection vulnerability in shopexd.asp. The vulnerability allows a remote attacker to gain full administrative control of the web-based interface.
acef5d0430f484356d4bafe6d6bb7a863035055ef4891db178a00a0e6eee8b36
RpcScan enumerates the RPC endpoint-map elements for port 135. You may differentiate between, for example, Windows NT 4.0 SP3 or before and Windows NT 4.0 SP4 or later, Windows 2000 SP2 or before and Windows 2000 SP3, default Windows XP and Windows XP SP1, Windows XP Home Edition and Windows XP Professional.
39f3c9fae88adafc7e22aee6d9e87422027eba1e5dd428d810798bd972ea488d
Internet Explorer 6 has a bug that will lock up the browser if C:\aux is entered. It is similar to the C:\con\con problem where it is trying to access a hardware device. Microsoft claims this bug does not exist.
c943ab7331e279cda3e4a0ab88bd027093b18ebd6e03f5545fc94ff1f60f415b
This script runs in place of ftpd to exploit the moxftp/mftp 2.2, cftp 0.12, and Iglooftp 0.6.1 clients. Written to exploit these clients on FreeBSD.
67e0e9f6bca8ed6e1bd88ca18e787b3b189c8c1e1e8366b20442d23f28fc63c1
isdnrep has a buffer overflow in the -t switch that allows a local attacker to escalate privileges if the binary is setuid/setgid (which it normally is not).
804a0aa86f8c6966d0e86f4ab5f2b34ec46a14840d4114f214eb1acd1eb8c7bf
gnuan, the utility that produces an analysis of a chess game, has a buffer overflow that allows a local attacker to escalate privileges if the binary is setuid (which it normally is not).
5efd55881268d90b3371e25863f4b6f910273e7430b5838fb9ad464171b0a76c
gnuchess, if setuid, is vulnerable to a buffer overflow using the -s switch that will allow an attacker to escalate their privileges. Vulnerable versions are 5.0.6 and below.
59abda22ffeddcfb2e70bd71e9bc5a5f442fac07ea31a04cd258e4ffe1a47a60
Proof of concept exploit for IglooFTP PRO 3.8 and possibly earlier versions. This package suffers from multiple client-side vulnerabilities including the banner, username, password, and account SMTP parameters.
012f188e05c0cd48ca2d55347c1fef1243732b738b287ec3f6b9007ffa7a13f5
IglooFTP PRO 3.8 and possibly earlier versions suffer from multiple client-side vulnerabilities including the banner, username, password, and account SMTP parameters. Related proof of concept exploit here.
be6ba59a065b4bbfe9a8f5feb2cda1345218b4d6b7fbaca76ce60f31f06aaf3d
Linux eXtremail versions 1.5-8 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
f73f3161c91641b7b5567b990f13c9d5b919ba33786bbedc6f63f3cc2fb52d54
Linux eXtremail versions 1.5-8 and below contain a format string vulnerability in their logging mechanism. Exploiting this can allow for arbitrary code execution or a denial of service on the server.
9f300aec91de3f79ec8ad7dea040e62aded97cd4340b3ea05a7067bc03e93163