Bind 8.2, 8.2.1, 8.2.2, and 8.2.2-PX remote root exploit for Slackware 4.0 and Red Hat 6.2. Exploits the infoleak bug to generate a DNS TSIG exploit packet. It uses an assembly routine to bypass tightly configured firewall systems (with only port 53 tcp/udp open).
3f51fe2cbc7c5d6d666808c7e189988c
Sendmail 8.11.5 and below local root exploit. Tested against Red Hat 7.0 and 7.1, SuSE 7.2, and Slackware 8.0.
2208cdd278d3a6de2a4cb062738312da
Bind v8.2, 8.2.1, 8.2.2, and 8.2.2-PX remote root exploit for Solaris 2.7 x86.
d53ed37d58ba609a3bd552ca9347b103
KDE 2/3 artsd 1.0.0 local root exploit proof of concept. Artsd is not suid; the exploit was written for practice.
916f2ce88906e5d62424a4688a27f6f0
Packet Storm new exploits for July, 2002.
e946a2e3f8758ad47c16b18cfa06296c
OpenSSL v0.9.6d and below remote exploit. In Spanish and HTML.
525656635d05597960825cb10ebae0fb
PHP exploit lab v1.0 - Attempts to browse, read, execute, and mysqlread.
46452334aac570201d710e1e5be71100
/bin/su Tru64 local root exploit. Works even with non-exec stack enabled.
cb72708fda78a3fe02884eca76a122cf
IE gopher buffer overflow exploit. Tested on W2k Korean and Wme Korean.
2a09eb0b9caf8054b336df4c417a2692
IPSwitch IMail Server v7.11 remote system exploit. Overflows the GET parameter in the Web Messaging daemon in all IMail versions to date. There are over 49 million users of IMail worldwide. Patch available here.
22ae348b69df28ff99a57f3426cc6dc5
PHP v4.2.0 and 4.2.1 with Apache 1.3.26 POST bug proof of concept exploit for x86. Produces a segmentation violation (signal 11).
58ecc56a105c84c16cacabb2d7b4ba2c
Code Blue remote exploit for OpenBSD. Code Blue is a Code Red scanner with several vulnerabilities.
3445855247a194bb95a591505b9a0a8e
MailMax Standard/Professional popmax v4.8.2.5 and below remote exploit. Sends a long USER string to the POP3 daemon. Tested against Windows 2000 Professional/Server and Windows XP Professional. Patch available here.
cf616b36eec096e8bad38f8ea2da7487
Nanog traceroute format string local root exploit.
ec37176265c2d7ab43a56e64385140cc
Gpm v1.19.6 and below local format string exploit in Perl. Note that GPM is not suid. Tested on gpm-Linux 1.19.2.
ab2062ec424cefab49197a8b0302e189
Mercur mail server v4.2 remote exploit. The Mercur mail server's control service listens on tcp port 32000 and is vulnerable to a buffer overflow in the password field. Tested against Windows 2000 and XP Pro. Sends a shell to port 3333.
b96fa01c77bd8705dbb5f1c4144d6dae
Remote format string exploit for the nn news reader v6.6.4 and below. The vulnerability resides in the code that handles NNTP server responses.
cfa6fafc1e015c01220be42e3967e449
SnmpXdmid auto rooter based on snmpXdmid exploit from http://lsd-pl.net.
e49ce9de1f361fae3fa9280c9c2dbdbb
Local buffer overflow exploit for KDE's artsd v2.x and 3.x.
28ee2d6d19ee868c1a758c0011617b4e
Apache remote DoS (1.3.x/2.0.x branches) based on the recent flaw found in chunked encoding.
ca292a7c969c9fe595d0b5503fb7443c
Kcms_configure -o -S command line local root buffer overflow for SPARC/Solaris 8. More information available here.
230e21f0977e1a95ae6d4a4f6fb61b35
The KF Web Server v1.0.2 shows file and directory content if %00 is appended to the URL. Patch available here.
3c3b2ab77b22fab41d763a6e86b4cf30
IE'en remotely controls Internet Explorer using DCOM. Windows username and password required. This tool can capture data sent and received using Internet Explorer and more.
5e94f7b3c5390127c607d935b8aa1e59
2fax -bpcx option local exploit for Linux.
425a9a33690eba32fe3fcb42f4c778a6
NN v6.6.3 and below remote format string exploit for FreeBSD. Malicious server owners can use this vulnerability to execute code on systems that are connected with affected clients. Fix available here.
78ff1b9819b8ec20612941f3cc93c67d