A remote exploitable vulnerability exists in clamav-milter when used with sendmail due to an insecure call to popen(). ClamAV versions prior to 0.91.2 are affected.
88430f439474ceb833877640e5ef738a4bb02bb470e976a6ef541d0b83c2d84c
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error. Ported to Cygwin by Luigi Grandini
41e56d9794973e1c019e15f98d3bc785395e501be437d345c64524ff25a8d55e
Imap4 prior to v2001a remote exploit for Linux. Requires user account, includes offsets for Slackware 7.1 and Redhat 7.2.
e3d4caaea2b25eed9bb16c6915f9acac7dcca8886f577518fc678d5f31d4874a
eSO Security Advisory 5063 - The gettransbitmap CGI, which is part of the AnswerBook2 Documentation Server, contains a remote exploitable buffer overflow. This vulnerability affects Sun AnswerBook2 version 1.4, 1.4.1, 1.4.2 and 1.4.3.
f192b1acbf3f1b88a8cd9bcd90d75cfc8be19e5bdf71d9fca9e2cdcf619082b2
The Boozt! banner management software for Linux v0.9.8alpha remote exploit. Included shellcode creates a suid httpd shell in /tmp. Fix available here.
76e9febe02a80ee5b9f529526ed2bcc8ef743cd4768f9e070b7ca96214e48fe4
Jack.c is a remote exploit for the Active Perl ISAPI overflow described in Bugtraq ID 3526. Sends you a shell with SYSTEM level access.
3745d798cbfd539aa3903eced68c73268af5b0ed42cc15a37971c2d5e4a435b4
Badboy.c is a remote exploit for the Win32 Checkpoint Firewall-1 GUI log viewer program. Binds a shell to a port with SYSTEM level access. Must be run from a valid GUI client machine.
4cf220b4efdf8049558c14ed6efc96485034f17cf3eb5a189cb6dcffc19f652c
Comphack.c is a remote exploit for Compaq Insight Manager.
77ce882eebad3c846cad7406ee942408f5d27df5e3e7c6d6733ae42461dcf0d9
CgiXp.exe is a remote exploit for Webcart v8.4 (bugtraq id 3453) and several unicode vulnerabilities (bugtraq id 1806). Tested against Windows NT Server 2000 / IIS 5.0 and Linux Red Hat 7.2 / Apache 1.3.22 +webcart.cgi. Gui based, requires Visual Basic 5.0 .OCX files in your system directory (richtext ocx, msinet dll).
bfb17b9ce107c0b63e002bf9a232a47c3933a3eba05ece3d08aebbad41d5c025
Cso.c is a remote exploit for cgicso included with cgiemail 1.6. Tested on Slackware Linux 7.1 running Apache 1.3.20.
8d232fa0a2687a8c7dc294c61bb1c84b0a1be65bdeb8565fa7f6f9fa693a87cb
Tstot.c is a remote exploit for xloadimage for Red Hat 7.0. Xloadimage is a Netscape 4.77 helper application with a buffer overflow vulnerability. Binds a shell to a port. Fix available here.
7c5e9b0f582f8b9f8069d43e9559a992dd4b582e20d60a2d78d0443ffbdce520
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.
930daed1380743902694409c2275d36ed101487eb3dbd8df8b795068aba598ba
Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell.
4eaf53b6615baedb4fac1be5c4beb5aa4c9708ae0370a0dd8b34bf8080a4ddbb
Named v8.2.x remote root exploit - Uses the tsig bug. Only includes linux shellcode.
d5e607468e5db97a21778c60ad95951a67c88c8da40feb92ff587708b01bae99
Suq Diq v1.00 is a remote exploit for IBM Net.Commerce, WebSphere and possibly other IBM and Lotus applications as well. These products use Tripple DES with a fixed key by default, allowing remote users to gain the usernames and plaintext passwords of all Net.Commerce accounts. Exploit URL's included.
456ddf7f21b031b28f2dde450649305feb794560bd860f5ff50870ac332465dc
SQLExec v1.1 is a remote exploit for Microsoft SQL server which executes remote commands as Administrator over tcp port 1433. Requires a database sa login / password. Includes binary and source written in Visual C++ 6.0 for Windows NT/2K/9X. Note: Many AV software erroriously reports this as a trojan.
e4c558f7cf992d51fa7ea68ff9978d2e8170b3783d47c6fedf307416778b0521
Whois.pl is a remote exploit for Fastgraf's whois.cgi perl script.
805a20d41225bbbbdd659b9161bb4d4a47c0dad781d97b2378c5e7f8c4611a81
Multihtml.c is a remote exploit for /cgi-bin/multihtml.pl, versions previous to 2.2 which spawns a remote shell.
1cb8b402e54df7815270db3a85536296536997d3459dfb03bc464424e639323c
Red Hat Security Advisory - The version of ntop which was included in Red Hat Powertools 6.2 has a remote exploit in which arbitrary files can be read on the host machine as root.
6bf66bc7d72b0e7c4a0cbee5777f2fa0ddd1a7e66defd6e878e4e03d69093b92
Sniffit 0.3.7Beta Remote Exploit - sniffit has to be running (-L mail) flag set for this to work. Tested on RedHat 6.0.
b573a5413280903555b0ee0798458bf852149647ac3a38ccab820bebcba4ba44
Simple module to prevent lame people from using your box as a launch base for spoofed ip packets. Intercepts the socketcall() system call looking for the IP_HDRINCL parameter passed via setsockopt().
f2a3456b36ee72088bb3f22154d0d0757742823d0a1f5aa1bbe881390873b18e
Avirt mail server 3.3a remote exploit and 3.5 DoS. Win98 executable.
35081ed3ec7bf1a53dd6cec458c72d9dad3496f1f9a9e460fcccd4cfe18d0d6b
NTISSAM COMPUSEC/1-87: Advisory Memorandum on Office Automation Security Guidelines
10e4d64cdc8babc15f060a5c090e854ad8d47ea0e4e76225f5222648e420be82
These utilities enable you to quickly view and modify NDS information.
dda7db2e50d70898ac6a44a60d5df1a7f6e046ef0c4e686328f27e3b402df448
Supplemental file to n4pa135.zip
d31323cf0939e0766ee3201665df26e69117e78fb26d08dd1451fba653d94412
This NDS utility is meant specifically for Netware 4.1x networks.
4f5af26650dde96c4a41dfba4010908c32baaa46ae2242cdead5124a8873f761