adstreamer.txt
AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi.
View Articletalkd.format.txt
A format string vulnerability exists in most talkd implementations. Talkd included with older linux netkits (like 0.9) and KDE 1-3 is vulnerable.
View Articleircit-3.1.txt
Gobbles Security Advisory - IrcIT v3.1 and below contains remotely exploitable buffer overflows.
View Articleapache-scalp.c
Openbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other...
View Articleapache-nosejob.c
Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not...
View Articleapache-nosejob.zip
Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode...
View Articlesshutup-theo.tar.gz
OpenSSH v2.9.9 to 3.1 remote root exploit for the default install of Openbsd 3.x. This tarball is a set of patches for the OpenSSH v3.4p1 client. Takes advantage of a bug in the challenge response...
View ArticleGOBBLES-own-ipppd.c
Gobbles exploit for ipppd which is part of the isdn4linux-utils package and is part of the default install of many linux distributions. Under Suse 8.0, ipppd is installed suid root but can only be run...
View Article