7350cowboy.c is supposedly a PHP/3.0.12, 3.0.15, and 3.0.16 with Apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0. Very similar to http://packetstormsecurity.org/0010-exploits/phploit.c.
This paper describes in detail the exploitation of the libc locale format string vulnerability on Solaris/SPARC. The full source code for the exploit is presented and some details of the implementation are discussed.
Mac OS X v10.1 and below contains a local root vulnerability which allows logged-in users to get a root shell by running a specific series of applications. More info here.
Packet Storm new exploits for October, 2000.
Georgi Guninski security advisory #26 - Using specially designed URLs, IIS 5.0 may return user specified content to the browser. This poses a great security risk, especially if the browser is JavaScript enabled, and the problem is greater in IE. By clicking on links, just visiting hostile web pages or opening HTML email, the target IIS server may return user defined malicious active content. This is a bug in IIS 5.0, but it affects end users and is exploited with a browser. A typical exploit scenario is stealing cookies which may contain sensitive information.
Mailing List & News Version 1.7 remote exploit - takes advantage of insecure mail handling to spawn a shell on tcp port 60179.
Listmail v112 remote exploit which spawns a shell on tcp port 60179. Takes advantage of an insecure open call.
FormNow CGI script v1.0 remote exploit - Takes advantage of an insecure sendmail call to bind a shell to tcp port 60179.
News Update 1.1 advisory / remote exploit which allows changing the passwords for the cgi program without knowing the former password, allowing malicious users to modify your news-page.
Older versions of the host command contain a remotely exploitable buffer overflow. The host command is used to perform the AXFR request to obtain the zone transfer information, and can be caused to execute arbitrary code when connecting to a fake DNS server, a netcat process listening on port 53.
The Half-life Dedicated Server for Linux contains remotely exploitable buffer overflow vulnerabilities. Includes remote buffer overflow exploit hl-rcon.c which has been tested against v3.1.0.x for Linux x86.
This program exploits a flaw in the share level password authentication of MS Windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in MS00-072.
Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article.
Godmessage 4 Revision 5 is an implementation of Georgi Guninski's recent ActiveX exploit for Internet Explorer which attempts to install a trojan on any machine which views the included HTML.
Denial of Service attack against an Intel InBusiness eMail Station. Will send a 630 char buffer to the pop server as argument of a USER command. The little box needs to be "powered off" and -on again.
Ntop -w v1.2a1 remote stack overflow exploit. Ntop in web mode (-w) contains an overflow when a long filename is requested. Fix available here.
HP/UX crontab local shell script exploit.
This program exploits a flaw in the share level password authentication of MS Windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in MS00-072.
How to read ASP source code on an IIS 5 server using the recently discovered IIS vulnerability.
Lpr lpr-0.50-4 and below contains vulnerabilities which allow local users to access other accounts, and sometimes root.
Linux /usr/games/zarch v.92 local root buffer overflow exploit.
Oracle 8.1.5 local buffer overflow exploit for Linux.
Webevent v3.3.3 (webevent.pl) is an online calendar which contains a remote cgi vulnerability which allows administrative access.
Linux space plumber (/usr/games/splumber) local buffer overflow exploit.
Unicde.pl exploits vulnerable IIS servers which allow remote command execution, as described in iis-unicode.txt.