Section: .. / 0008-exploits /
/// File Name: |
irix-xlock.c |
Description:
|
Irix 6.3/6.2 /usr/bin/X11/xlock local buffer overflow exploit.
| Homepage: | http://lsd-pl.net | File Size: | 1744 | Last Modified: | Sep 8 00:21:02 2000 |
MD5 Checksum: | 19d26832ec333919d795f33bfc09de1f |
|
/// File Name: |
lpstat.c |
Description:
|
/usr/bin/lpstat local root exploit for solaris 2.7 sparc.
| Homepage: | http://lsd-pl.net | File Size: | 1732 | Last Modified: | Sep 7 22:15:46 2000 |
MD5 Checksum: | ee19326f19a0946f63799d3a1ae97dca |
|
/// File Name: |
eject3.c |
Description:
|
/usr/sbin/eject local exploit for Irix 6.2.
| Homepage: | http://lsd-pl.net | File Size: | 1692 | Last Modified: | Sep 8 00:30:10 2000 |
MD5 Checksum: | b4d3a80494b3fd6e91498e0cc48548be |
|
/// File Name: |
xsun.c |
Description:
|
/usr/openwin/bin/xsun local root exploit for solaris 2.6 2.7 sparc.
| Homepage: | http://lsd-pl.net | File Size: | 1683 | Last Modified: | Sep 7 22:09:30 2000 |
MD5 Checksum: | 50ff4d41f3cdbc4729c6a103a1fe385c |
|
/// File Name: |
eject.c |
Description:
|
/bin/eject local root exploit for solaris 2.5 2.5.1 sparc.
| Homepage: | http://lsd-pl.net | File Size: | 1650 | Last Modified: | Sep 7 22:21:45 2000 |
MD5 Checksum: | 12d8a70763042b720188a420ee7c86a6 |
|
/// File Name: |
passwd.c |
Description:
|
/bin/passwd local root exploit for Solaris 2.5 / 2.5.1.
| Homepage: | http://lsd-pl.net | File Size: | 1642 | Last Modified: | Sep 7 22:05:25 2000 |
MD5 Checksum: | 11c04649d2a1778c8af9806c351cb269 |
|
/// File Name: |
libnsl.c |
Description:
|
libnsl.so gethostbyname() local root exploit for solaris 2.5 2.5.1 sparc.
| Homepage: | http://lsd-pl.net | File Size: | 1619 | Last Modified: | Sep 7 22:25:26 2000 |
MD5 Checksum: | 064f697ca3ea6bf043fe1e8d54a3415d |
|
/// File Name: |
servu25e.txt |
Description:
|
FTP Serv-U 2.5e for Windows will stack fault if sent a string containing a large number of null bytes. The system Serv-U is running on may become sluggish/unstable and eventually bluescreen. A valid user/pass combination is not required to take advantage of this vulnerability. Perl proof of exploit code included.
| Author: | Blue Panda | Homepage: | http://bluepanda.box.sk | File Size: | 1600 | Last Modified: | Aug 4 02:30:36 2000 |
MD5 Checksum: | d0aa2f692d58312439eab78bc2008a5c |
|
/// File Name: |
login2.c |
Description:
|
/usr/lib/iaf/scheme (login) local exploit for Irix 5.3.
| Homepage: | http://lsd-pl.net | File Size: | 1594 | Last Modified: | Sep 8 00:24:02 2000 |
MD5 Checksum: | ccb17fe3c022a4e18e6bdbfe5af14102 |
|
/// File Name: |
WDK_v1.0.vuln.txt |
Description:
|
The Javaserver Webserver Development Kit (WDK) v1.0 contains a .. vulnerability allowing remote attackers to read any file on the system with the permissions of the webserver. The server typically resides on TCP port 8080 and instructions for identifying this server are given.
| Author: | Kevin Finisterre | File Size: | 1517 | Last Modified: | Aug 29 05:34:19 2000 |
MD5 Checksum: | 942419ad40c9d395eabf61da00278016 |
|
/// File Name: |
AccountManSploit.zip |
Description:
|
Product: Account Manager, Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE, OS: Unix and Winnt, Vendor: Notified, http://www.cgiscriptcenter.com/, The Problem: The Script allows any remote user access to the Administration Control Panel through overwriting the Admin Password with one of their own making.
| Author: | n30 | File Size: | 1412 | Last Modified: | Aug 31 02:36:50 2000 |
MD5 Checksum: | d688ddb050336bd0b13139337235f9c8 |
|
/// File Name: |
bohttpd.vulnerability.txt |
Description:
|
A vulnerability has been found in Dan Brumleve's Brown Orifice HTTPD (BOHTTPD) which is a web server and file sharing tool that runs as a Java Applet in Netscape Navigator.
| Author: | specifying "\.." in HTTP requests to the server, an attacker can navigate the server's file system and view/download any files. ;Homepage: http://www.etl.go.jp/~takagi. | File Size: | 1344 | Last Modified: | Aug 9 05:18:35 2000 |
MD5 Checksum: | 965d8c14308ad6d17d82ad5910f37ecc |
|
/// File Name: |
inpview.c |
Description:
|
/usr/lib/InPerson/inpview local exploit for irix 6.5 and 6.5.8.
| Homepage: | http://lsd-pl.net | File Size: | 1265 | Last Modified: | Sep 8 00:30:59 2000 |
MD5 Checksum: | e451bb3c91d58f58a0be7cf74296cba9 |
|
/// File Name: |
trans.pl |
Description:
|
Win2k IIS remote exploit - Retrieves files using the Translate: f bug.
| Author: | Roelof Temmingh | File Size: | 1154 | Last Modified: | Sep 8 00:34:23 2000 |
MD5 Checksum: | ca39fae3ccf6cef0b09f5c8b1e171366 |
|
/// File Name: |
pgxconfig.sh |
Description:
|
TechSource Raptor GFX configurator (pgxconfig) local root exploit.
| Author: | Suid | File Size: | 1093 | Last Modified: | Sep 7 22:45:13 2000 |
MD5 Checksum: | b0f8b95c36241643788291ade89bb457 |
|
/// File Name: |
hpux.ftpd.txt |
Description:
|
HPUX's ftpd contains a remotely exploitable format string vulnerability in the PASS command.
| Author: | Venglin | Homepage: | http://www.freebsd.lublin.pl | File Size: | 1080 | Last Modified: | Aug 11 00:59:15 2000 |
MD5 Checksum: | 52757625c75bb68c6c403710d078bc99 |
|
/// File Name: |
dievqs.pl |
Description:
|
DoS exploit vulnerability test script. Affected: vqServer 1.4.49. There is a DoS possible in vqServer 1.4.49 if the remote host gets a GET command with approx 65000 chars in it.
| Author: | sinfony | Homepage: | http://www.ro0t.nu/csl | File Size: | 744 | Last Modified: | Sep 1 03:50:41 2000 |
MD5 Checksum: | bb949ae32c09a9e570ec0f702ea86813 |
|
/// File Name: |
lyris.3-4.txt |
Description:
|
Versions 3 and 4 of the Lyris List Manager allow any mailing list subscriber to gain access to the administrative interface of that list by changing a form before submitting it. Fix available here.
| Author: | Adam Hupp courtesy of Bugtraq. | File Size: | 721 | Last Modified: | Aug 15 07:22:23 2000 |
MD5 Checksum: | a9644285ccce803fd21a6ecad931c843 |
|
/// File Name: |
cmctl_exp |
Description:
|
This script is an exploit that is an addendum to ID 170 in the Bugtraq database. ID 170 lists several Oracle setuid executables but does not offer any exploit information. This code exploits the cmctl command by violating its trust in the integrity of the ORACLE_HOME and ORA_HOME environment variables. When the command "cmctl start cmadmin" is executed, it looks under the ORACLE_HOME\bin directory and attempts to execute cmadmin. The ORACLE_HOME variable can be modified to create a change in the path of execution.
| Author: | Kevin Wenchel | File Size: | 587 | Last Modified: | Sep 1 04:01:46 2000 |
MD5 Checksum: | bebfde5e1ca0a8b7b5a0798e710c7231 |
|
|
|
|
|