| -[[ 29 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| ronin.c | freebsd 4.2 | glob() ftpd remote root exploit | remote | styx |
| fingex.pl | debian 2.2/2.1/fingerd | cfingerd <= 1.4.2 format strings vulnerability | remote | lez |
| xnetprint.c | irix 6.2 | command line parsing vulnerability | local | v9 |
| execve-binsh.c | openbsd | 23 byte execve() of /bin/sh | shellcode | marcetam |

if anyone is interested in writing exploit code for already found vulnerabilities/advisories, mail me.
| -[[ 28 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| perlcal | cgi | "show files" vulnerability | remote | stan |
| iis-stm.c | iis | iis 4.0 stm dos | dos | styx |
| hfaxd-fs-xpl.pl | redhat 6.0 | hylafax-4.0pl2-2 format strings vulnerability | local | teleh0r |
| execve-binsh.c | linux-x86 | 23 byte execve() of /bin/sh | shellcode | marcetam |
| -[[ 23 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| x-innfeed.c | slackware 7.1/ redhat 7.0 | buffer overflow which yields uid news | local | e.a.s montellano |
| kick_orcl.pl | winnt | users can crash oracle 8.0 remotely | dos | r0ot |
| snmpxdmid.c | solaris 8.0 / 7.0 | buffer overflow vulnerability | remote | lsd |
| imapd_lsub.c | redhat 6.2/ 6.1/ 6.0/ 5.2/ 5.1 | list/lsub vulnerability | remote | narrow |

48 broken links fixed
58 orphaned pieces of code made accessible
| -[[ 22 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| turkey2.c | openbsd 2.8/ freebsd 4[0-2] | glob() ftpd remote root exploit | remote | fish stiqz |
| imap-lsub.pl | redhat 6.2 | list/lsub vulnerability | remote | zucco |
| nph-maillist.pl | cgi | users can execute commands | remote | kanedaaa |
| 7350cfingerd-0.0.4.tar.gz | debian 2.2/2.1 | cfingerd <= 1.4.2 format strings vulnerability | remote | scut |
| -[[ 19 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| fng.sh | solaris 8.0/7.0 | information leak vulnerability | remote | warning3 |
| vim-xpl.c | redhat 7.0 | environment / path vulnerability | local | styx |
| openbsd.glob.c | openbsd 2.8 | glob() ftpd remote root exploit | remote | stok |
| mailnews-ogorek.pl | cgi | users can execute commands | remote | kanedaaa |

added a lot of cgi exploits.
split up the cgi category into 5 subsections as it is growing rather large: showfiles, php, password, execute and dos categories
| -[[ 18 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| turkey.c | freebsd 4.0 | glob() ftpd remote root exploit | remote | fish stiqz |
| impalla.c | win98 | fragmented igmp type 8 packets crash host | dos | auriemma luigi |
| globulka.pl | freebsd 4.2 | glob() ftpd remote root exploit | remote | venglin |
| fbsdftp-ex.c | freebsd 4.2 | glob() ftpd remote root exploit | remote | noah williamsson |
| -[[ 17 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| tip.c | solaris 8.0/7.0 (x86) | home environment buffer overflow vulnerability | local | pablo sor |
| ftpd-grab | solaris 7.0/2.6 | remote users can scan for valid usernames | remote | unknown |
| kmailbug.c | redhat 6.2/6.0 | kmail content disposition bug | remote | crashkiller |
| kcms_configure.c | solaris 8/7 (sparc) | commandline parsing overflow | local | riley |
| -[[ 15 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| clipper | cgi | 'arbitrary file retrieval' vulnerability | remote | ukr xblp |
| xsun2.c | solaris 2.7 (x86) | 'home' environment overflow | local | riley |
| kcssunwiosolf.c | solaris 2.7/2.6 (x86) | kcms_profiles environment variable buffer overflow | local | lsd |
| kcssunwiosolf.c | solaris 2.8/2.7/2.6 (x86) | kcms_profiles environment variable buffer overflow | local | lsd |

completed descriptions for: sco unixware, solaris (x86) and win95
| -[[ 14 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| ntpdx.c | freebsd 4.2 / redhat 7 | readvar argument buffer overflow | remote | venglin |
| imaper.c | freebsd 4.0 | list/lsub vulnerability | remote | p0kem0n |
| talkback | cgi | "show files" vulnerability | remote | thepike |
| dtsession.c | solaris 2.7/2.6 (x86) | "lang" environment buffer overflow vulnerability | local | lsd |
| -[[ 09 april ]]- |
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| epcs2.c | all linux distributions | execve/ptrace race condition | local | liquid / wp |
| mysql.sh | sql | exploit for mysql-3.20.32 | local | amorphis |
| crazyboard.pl | cgi | crazywwboard.cgi overflow | remote | teleh0r |

removed links/greets/contact sections.
removed all those annoying blue border frames.
removed 'rare', 'elm' & 'ultrix' sections, no point in keeping waste is there?
completed descriptions for: win2k, turbolinux, suse, mandrake and openlinux.

EOF