Unichk is a tool for Linux which checks for 224 Unicode vulnerabilities in Microsoft IIS.
45a6db642a8a66e95d9334c8d29873ecda259a67fbb203d5302c66e083806f7ePacket Storm new exploits for 2001.
74dfc295acf2312c8eacf598a21c3a04546d9682ff83df4ffec02c4606fa6864WinME/XP UPNP remote dos and buffer overflow overflow exploit. Sends malformed data to TCP port 5000. Includes the option to spawn a shell on port 7788.
08fb0332ba43b8add4092a0b40ea0068c226e04b2bb2afbad053dff15f016e45Proof of concept exploit that demonstrates the xlock heap overflow bug on Solaris versions 2.6, 7, and 8 on SPARC.
bf9e2c6de61ee4d125776384364bbb6fb13b85cfc8b0fcab9e9dd5dced6364ceProof of concept exploit that demonstrates the xlock heap overflow bug on Solaris versions 8 on x86.
c6d968271ce21cace85aca6a0e811f68bd4950e9634a6aba411d4c68ad47144fSolaris x86 v2.8 /bin/login via telnet remote buffer overflow exploit. Uses fixed addresses. Executes any command as root.
8d3fd288df4995d5d3f1e2fea300e371c51d0455b03a428ac1c07e3ded29d2abPmake <= 2.1.33 local root exploit. Some distributions have pmake suid root by default.
2b080511384ae8e213adb366947433c6146e524aa2bfafbf50c32312f1454f8fNb-isakmp.pl is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. Perl version.
6ef25b8d1ba114841a8d4ccc55e140f50dd17a4700763333202bc66f1293b338Nb-isakmp.c is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. C version.
f5486daacf1b331ad898ccb4e9629d84abc8a606c7e8d3b2b80234edda1df027AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi.
b45aa093198822646a56eced2418259c61c1cd33a6793264a56045e50d87c79aA flaw in Microsoft Internet Explorer allows an attacker to perform a SSL Man-In-The-Middle attack without the majority of users recognizing it. In fact the only way to detect the attack is to manually compare the server name with the name stored in the certificate due to a flaw in the way IE checks HTTPS objects that are embedded into normal HTTP pages.
be656d7d8e024e7317da02518924572f3527b139ee72d711816b35515804709cPlesk, a popular server administration tool used by many web hosting companies, has a bug which allows remote users to view the source of .php hosted files. All versions prior to v2.0 are affected.
086915112cab9f9dc4dd1793e8217e3b54220f795ea7084a433c309e15fa6430The script command overwrites hardlinks named typescript in the current directory.
d79023227c22e8ad95ff6441f4cb693f4c84fd87bea085fa786b664d343ebb48ATPhttpd v0.4a remote denial of service buffer overflow Tested against OpenBSD 2.9.
b926c41fa5256e3f69e7d8bdcd486888ac5ea32cb2be030fd7dddd830c91635dATPhttpd v0.4b remote buffer overflow exploit. Tested on and against OpenBSD 2.8. Binds a shell to port 6969 which has the UID of the webserver.
757c275efbea1d7b73f2905d9f4495bea18769bc447e4b0528d63eaf7503bca7A security flaw in the itransact.com credit card payment system allows users to change the price of merchandise ordered.
d2ef91a633470fc9cfb5fcddc6efc11dc6bb686462ccd29b78c18ee6d0ea5e3cSpeedXess DSL routers come with a default password of speedxess.
da62a2697de53a086c998d6c3b8938a5da5307e7e8114b9715c39b9d38d81e87Wu-Ftpd v2.6.1 and below remote root exploit which takes advantage of the SITE EXEC globbing vulnerability. Includes instructions on finding the offset with gdb.
f36854f1f5c3e1528c3b6966411d9d8995bb5081ba3c3e750ff7c8507aa3372cEttercap v0.6.2 local root format string exploit. Works if the administrator made Ettercap SUID.
4f7b696cea2b1db223e600477d54422235560202856224be55543c7f58c4a210OpenSSH v3.0.1p1 and below root exploit which only works of the administrator has turned on the UseLogin feature. Uses the libroot library. Requires an account on the remote machine.
b785235fe2fbf2c69f44d93ca622e244033585cf6ba64fbd80330fe466a5f2fcThe Kebi Webmail server allows remote users to have administrator access by going to http://site.com/a/.
5d2ff185f4844973c582f3bddcc8faef759c384b62fe1ca66d7e8a6cc8549176Jack.c is a remote exploit for the Active Perl ISAPI overflow described in Bugtraq ID 3526. Sends you a shell with SYSTEM level access.
3745d798cbfd539aa3903eced68c73268af5b0ed42cc15a37971c2d5e4a435b4Jim.c is an exploit for the remote IIS server side include buffer overflow vulnerability. Tested on Linux and Win32. To exploit this vulnerability you must have write access to the web root of the target web server. Causes the server to send you a shell with SYSTEM level access.
fc4394ea6bdefdcf93fd1062c5697de010d7b73a75a52213eedbd484a3d7bfabBadboy.c is a remote exploit for the Win32 Checkpoint Firewall-1 GUI log viewer program. Binds a shell to a port with SYSTEM level access. Must be run from a valid GUI client machine.
4cf220b4efdf8049558c14ed6efc96485034f17cf3eb5a189cb6dcffc19f652c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed