Ssh client local root exploit which sets LD_PRELOAD and attempts to run /tmp/setuid. Works against old ssh clients.
6c609dea6804fb1f7818c3bca55210e1Remote root exploit for Solaris Sparc 6-8 rpc.walld.
efe4b59a4e682263de3745081e7014deMicrosoft IIS 4/5.0 remote .ida exploit. Spawns a shell on port 8008.
91fcaace681970dd3e84f036d14d35b7Badblue webserver v1.5 for Windows remote directory traversal exploit.
6611358811ea30b87156497f8bca824ePacket Storm new exploits for June, 2002.
b6025a148ccd27c70a57000c9c72f1a0Telindus router 10xx and 11xx remote exploit.
2bb0c9af0cee81710e46b6a2bfd45d5bUnreal IRCD v3.1.1 to 3.1.3 denial of service exploit.
995373cf5c62984b0c855eb4406cfd7aPerl portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault, does not rely on nc.
7f97a4ab79dbd46a1bbd26947c827758IRIX xfsmd remote root exploit. Tested against Irix v6.2, 6.3, 6.4, 6.5, and 6.5.16.
d9769aaa8cde1ae5a06b623eb7261b44Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
8865867e7684f7440f83afd36c7140a8Microsoft IIS 4(NT4) and - IIS 5(Windows 2k) .asp buffer overflow exploit. Includes targets for IIS5 Chinese SP0, SP1, and SP2 and English SP2. Binds a shell to port 7788. Includes brute force mode.
03a1c65a246a327cf828b36ff5768131Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
92c7901b54614a0c41949143dbfe95e2Portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault.
0c49030760a07bfb7af836948809ac8eOpenbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.
af9127271cb03ea089da73f17ce3e16aApachefun is Spike script which exploits the new apache chunked data vulnerability. Tested on Apache-AdvancedExtranetServer/1.3.23. Causes a segmentation fault.
c8455b4e2474d49bb0701db97c11921cCisco VPN client v3.5.1rel-k9 (Linux version) buffer overflow exploit which spawns a root shell.
56d428dd63d990c68cef1a0836c1a617TrACESroute v6.0 gold local format string exploit exploit. Tested on Red Hat Linux release 7.2 (Enigma).
d3dae3563121908abae9ad79bfa3ec76Icecast v1.3.11 and below remote root exploit for linux/x86. Binds a shell to port 30464. Tested against SuSE 7.2, Debian 2.2r2, and Slackware 8.0.
799379731622113ad8524afa48eb31c5Magiccard.cgi has a directory traversal bug in the page variable that allows any file on the system to be read.
39a93c552c90538718d1332d440ad5ddMorpheus request share files denial of service exploit. Ported to Cygwin by Luigi Grandini
8d39fac6a150aae668e57f79e80d7722Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error. Ported to Cygwin by Luigi Grandini
ca96cce18a54e7e143b579e8a7eb55a5Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call. Ported to Cygwin by Luigi Grandini
23762973b7772e35719966e9970c20f2This simple java program crashes the VM (at least 1.3.1-b24) on W2K, and is another example of Java-Frontier Bugs.
f832602e94c83b1f5af593fb621d4f03Linux/x86 remote exploit for Count.cgi. Ported to Cygwin by Luigi Grandini
e86dd6bdfc704307c388cb25dac3e3c0Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.
f939b2b08eb1b8e165dc9fba69ef3a39
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed