Sharutils 4.2.1 local root exploit. Note: shar is NOT setuid by default, so this exploit is completely proof of concept if for some reason the binary was setuid.
edd1020fd999d8177e094173be570e3a68f63ad358f7757f48ef91abc923b842Remote test code that verifies buffer overflows in the Medal of Honor games including Allied Assault version 1.11v9 and below, Breakthrough version 2.40b and below, and Spearhead version 2.15 and below.
d9dedeac1cdba39e43966b1bd9cafc503a11804078a6604f32a375fcd32513a2Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Updated version that can be executed via simple cmd.exe shells using a normal user account. Gives a shell with SYSTEM privileges.
075b9e7810c1d745ad80808bae307f18bd645d2e8f49f32f7a9315895c6f6671Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Gives a shell with SYSTEM privileges.
6b4c09c3bcb0f4713a12fc777f2245169344041b7020220a150fb035f8202c0fWeb_Store.cgi allows for remote command execution due to a lack of variable sanitization.
a77628094a6127c5e36615486c6060183b4949cad68e0d36d30f9e53dae43249PHP Nuke versions 6.x through 7.3 suffer from cross site scripting and SQL injection flaws.
70f19d1381815ef51a0a74bdb7a4451ff7d7ed90c0e356680bec2079856ee621Remote denial of service exploit for a flaw in the Half-Life server on Linux and Windows where a write occurs to a read-only memory zone.
e7c70144dd5330c1cc7ffb608a02732ad9ec1fa4f17140d79be8c64ffa1b32d3A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.
576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3Eudora versions 5.x to 6.0.3 local exploit that makes use of the attachment buffer overflow.
b12afdc02490ee71c2c3aa96f757819e0536e0c849fc10475ea6f7c61d1b9fb2Proof of concept exploit for setterm, which is not usually suid by default.
37fc3910aea9e92bebf4de0177bdd4956c99895ef67c20698d3cab977eeefda0Exploit for a buffer overflow in drcatd 0.5.0 beta. This may allow for command execution when the system administrator has assumed that only read access to files has been granted, but as it requires a valid username and password, this is unlikely to ever be a high-risk exploit.
0155b39c65536150f635524e364054ab87c6d89aece5942882b50c8ecf65b315A lack of sanity checking in Centre version 1.0 allows unprivileged users the ability to change administrator options and create new accounts.
d807a0fae0b3b4095b2aa40f70ea4d4a25e1b17df1521ae12a2acf5f9d7e285fphpMyAdmin version 2.5.7 is susceptible to allowing remote malicious users the ability to inject PHP code. Full exploit provided.
3887a9ab442dd9cfe54535fe2c1cf53956fc6d2b0c4af5c41bb474addb3c2202
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed