Solaris 8 LDAP_OPTIONS local buffer overflow exploit which takes advantage of a bug in libsldap.so.1.
3e83647dbef005fee9899dffd699de24
Oracle Application Server 4.0.8.2 + Netscape Enterprise 4.0 webserver remote exploit in Perl which attempts to execute commands remotely as root. The Netscape Enterprise webserver must be configured as an external 'web listener' for Oracle. The overflow happens when a long string is requested with a prefix which has been 'linked' to OAS; by default it is /jsp/. Takes advantage of the Oracle Application Server shared library buffer overflow which affects Oracle Application Server 4.0.8.2 + iWS 4.0/4.1 webserver, running on Sparc/Solaris 2.7.
8b1c7454ec33bc1e3e2f9fada56b00ee
Packet Storm new exploits for May, 2001.
c5aff02f19eb6b0d6609b6f1a24ed2fb
Gnupig is an advisory and exploit for the GnuPG v1.0.5 format string vulnerability. It creates an encrypted file which executes code when it is decrypted.
4ae22f44dab20051a933aea3d72d5f12
HP-UX local exploit for /opt/OV/bin/ecsd.
8b18048ace7a6f4ea409fa5848415264
Cool2 is a Perl script which checks a list of hosts for IIS servers which are vulnerable to the decode bug and the old Unicode bug.
964b2c769f3959df27d30da320cb6260
Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here.
3701c3ea0da5d59d6240277e61e3cf52
Omnised.pl is an exploit for Omnihttpd v2.08 for Windows 98/ME/NT/2000 which lets you dump the source of PHP, Perl, and other files to a txt file. These files may contain passwords.
c7e9d7db73478899dc769bed4cf3135f
X-Chat v1.2.x format string bug exploit. Tested against x-chat v1.2.1 on Slackware 7.1.
4f9aa0075b3dc87c65ead96a596e4d0f
This little piece of Perl code tries to exploit the double decoding bug on IIS 4 & 5.
2fb4ce29a3e87d13e39e916a92bc2e1c
The WebAvail LinkMax2 (ASP) allows website visitors to view the LinkMax2 admin login and password. Fix included.
5e10bd2bcfb053e79270c5e564cf78b9
DQS package v3.2.7 (/usr/bin/dsh) local root exploit. Tested against SuSE 6.3, 6.4, and 7.0.
61b0cbcbff2ae657e2cd27c9c7e8b137
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.
fe57bb8fe16ba0322fd1c95a75df5270
Sensedecode.tgz includes two Perl scripts which exploit the IIS URL decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.
86d5e3c61e31daab59964869741639e5
NSFOCUS Security Advisory SA2001-02 - The NSFOCUS team has found a vulnerability in the filename processing of CGI programs in MS IIS 4.0/5.0, as discussed in MS01-026. The CGI filename is erroneously decoded twice. Exploitation of this vulnerability allows intruders to run arbitrary system commands with the privileges of the IUSR_machinename account. Exploit URLs included.
2a33a193bcb02b7e958beb9a0beca3d2
Acadsoft's webcgi98.exe displays the full path to the binary in an error message.
3d0b31a89bc866be6e1cdac15eb759db
/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8.
520e42332e0f23e523bc15a68ef0be5b
Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call.
2c8c5b4b13dedbf6ebdf17665491a0a0
Jill.c (fixed version) is a remote exploit for the IIS 5.0 / Windows 2000 remote .printer overflow. Spawns a reverse cmd shell.
93cdeb0e038d60f38995346576863811
Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2.
24019c08c3dedc1545ebecd7ef99cf5b
Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot.
d9fb736181b3c5e40177affa5cbef7d8
The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4".
d75e83b84d93a14de68bc4d6112b2c82
Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the ISAPI .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, Linux, and *BSD.
f0bd495ec1eb2791ff66258da26512d1
Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode.
d6ddc1ed29d70f3955e46b0fa7785df1