| -[[ 30 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| inc.c |
bsdi 3.0 |
-file stack overflow |
local |
v9 |
| inn-nnrp.c |
nntp |
innd nnrp overflow |
remote |
babcia |
| su-dtors.c |
suse 6.2 |
glibc format strings su exploit |
local |
localcore |
| local_nonexec_sun.c |
solaris 2.7/7.0 |
locale format strings exploit |
local |
warning3 |
| |
| -[[ 29 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| bftpexp.c |
ftpd |
format strings bug |
remote |
digit |
| rcpsploit.pl |
redhat 6.2 |
users can spawn a suid shell |
local |
tlabs |
| dump-0.4b15x.c |
redhat 6.2 |
external program call with suid priv |
local |
mat |
| |
| -[[ 21 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| sperl.c |
bsdi 3.0 |
stack buffer overflow |
local |
v9 |
| bobek.c |
ftpd |
format strings exploit (update) |
remote |
venglin |
| xrcvtty.c |
bsdi 4.0/3.0 |
stack buffer overflow |
local |
v9 |
| vixie-cron.sh |
debian 2.2 |
insecure umask() and fopen() calls |
local |
michal zalewski |
| |
| -[[ 20 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| locale.c |
solaris sparc 7.0/2.6 |
format string exploit |
local |
solar eclipse |
| xlockfmt.c |
slackware 7.1 |
format string exploit |
local |
ben williams |
| hp-pppd.c |
hp-ux 11.0 |
stack buffer overflow |
local |
k2 |
| ypbind.tgz |
redhat 7.0/debian 2.2 |
format string exploit |
remote |
digit |
| |
| -[[ 19 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| dump.sh |
redhat 6.2 |
external program call with suid priv |
local |
mat |
| portbind.c |
solaris sparc |
portbinding shellcode |
shellcode |
dopesquad.net |
| crontab.sh |
hp-ux 10.20 |
users can overwrite files |
dos |
dubhe |
| passive connect.c |
freebsd |
connect back shellcode |
shellcode |
scrippie |
| |
| -[[ 18 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| iisex.c |
win2k/nt/iis |
unicode transversal bug |
remote |
incubus |
| iis-zang.c |
win2k/nt/iis |
unicode transversal bug |
remote |
optyx & t12 |
| unicode.pl |
win2k/nt/iis |
unicode transversal bug |
remote |
steeLe |
| unicodexecute.pl |
win2k/nt/iis |
unicode transversal bug |
remote |
roelof temmingh |
| |
| -[[ 17 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| ppp-off.sh |
slackware 7.1 |
insecure /tmp call |
dos |
sinfony |
| xsplumber.c |
games |
strcpy() buffer overflow |
local |
v9 |
| listmail-exploit.pl |
cgi |
users can execute commands |
remote |
teleh0r |
| utilmind-maillist-exploit.pl |
cgi |
users can execute commands |
remote |
teleh0r |
| |
| -[[ 16 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| hl-rcon.c |
games |
rcon exploit |
remote |
condor & csh |
| restore.sh |
redhat 6.2 |
external program call with suid priv |
local |
nawok |
| oidldapd.c |
redhat 6.2/6.1 |
home enviroment overflow |
local |
unknown |
| resdump.pl |
redhat 6.2 |
external program call with suid priv |
local |
tlabs |
| |
| -[[ 15 november ]]- |
|
| [-name-] |
[-platform/daemon-] |
[-description-] |
[-type-] |
[-author-] |
| pollex.pl |
cgi |
users can control poll cgi |
remote |
keelis |
| openwall.c |
debian 2.2 |
heap mismanagement bug |
local |
mastersecurity |
| news_exp.c |
cgi |
users can change cgi admin password |
remote |
morpheusbd |
| gnomehack.c |
debian 2.2 |
home enviroment overflow |
local |
v9 |
| |
| [comments? gov-boi@hack.co.za] |
EOF
|
![[www.hack.co.za]](../images/logo.jpg){kind=logo}