![[www.hack.co.za]](../images/logo.jpg){kind=logo}
| [txt | archive] | |
[archive | gui] |
| -[[ 23 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| squash.c | dg-ux 4.0x - x86 | lpsched command line parsing buffer overflow | local | luciano rocha |
| ftpsed.pl | ftpd | proftpd dos vulnerability | dos | speedy |
| shelldbsd.c | openbsd | port binding shellcode (port 6969) | shellcode | noir |
| aspseek-xpl.pl | cgi | env buffer overflow | remote | teleh0r |
| -[[ 22 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| layers.c | sco unixware 5.0.5 | command line parsing buffer overflow | local | k2 |
| ikonboard | cgi | "show files" vulnerability | remote | martin j muench |
| manhole.c | debian 2.2 | command line format strings vulnerability | local | fish stiqz |
| overflows.txt | basic overflow tutorial | a guide to writing simple buffer-overflow exploits for x86 *nix | papers | fides |
| -[[ 21 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| s | cgi | "show files" vulnerability | remote | tack |
| kermit.c | hp-ux 11.00 | command line parsing buffer overflow | local | k2 |
| aspseek.c | cgi | env buffer overflow | remote | neilk |
| webspirs.pl | cgi | users can read any file | remote | crono |
| -[[ 20 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| pqx.c | cgi | post-query buffer overflow | remote | proton |
| joe28.c | freebsd 4.2 | tmp race condition | local | fides |
| bs-ssh.tar.gz | mandrake 7.2 | sshd crc32 remote root exploit | remote | mods by nemes||y |
| reverse-shell.c | openbsd | reverse portshell shellcode | shellcode | noir |
| -[[ 11 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| vv5.pl | iis | users can shutdown iis through propfind bug | dos | georgi guninski |
| n82x.c | named | bind 8.2.x tsig off-by-one stack overflow | remote | ix & lucysoft |
| execve_binsh.c | freebsd | 23 byte execve() of /bin/sh | shellcode | marcetam |
| -[[ 10 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| webspirs | cgi | users can read any file | remote | ukr-xblp |
| dc20exp.c | freebsd 3.5 | poor bounds checking performed | local | mray |
| commerce | cgi | users can read any file | remote | slipy |
|
added descriptions for
irix.
|
||||
| -[[ 7 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| pals | cgi | users can execute commands | remote | ukr-xblp |
| auktion | cgi | users can execute commands | remote | ukr-xblp |
| mini-sh.c | linux-x86 | execve() of /bin/sh | shellcode | raise |
| iis-shellcode.zip | win32 | iis shellcode | shellcode | f.v.leitner & o.kesim |
|
added descriptions for
hardware and hpux.
|
||||
| -[[ 6 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| store | cgi | remote users can read any file | remote | slipy |
| ntping.c | bsdi 4.1 | enviroment overflow | local | loophole |
| way-board | cgi | remote users can read any file | remote | ukr-xblp |
| ssh-crc.tar.gz | sshd | sshd crc32 remote root exploit | remote | blacksphere |
| -[[ 5 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| rts.c | linux-x86 | reverse telnet shellcode | shellcode | hts |
| gdc.c | bsdi 4.1 | -t arg overflow | local | loophole |
| p-smash.c | win98/95 | dos attack from icmp packet type 9 and code 0 | dos | paulo ribeiro |
| execve-binsh.c | freebsd | execve() of /bin/sh | shellcode | preedator |
| -[[ 4 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| ospf | bsdi 4.1 | enviroment overflow | local | loophole |
| prodbx.c | sco openserver 3.2 | arg overflow | local | the itch |
| sendtemp-exp.pl | cgi | users can view files | remote | tom parker |
| glibc-preload.csh | redhat 6.0 | glibc 2.1.3 ld_preload bug | local | shadow |
| -[[ 3 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| lsub.c | slackware 7.1/7.0 | imapd remote lsub vulnerability | remote | skylazart |
| xmail.c | slackware 7.1 | argument overflow | local | kengz |
| exklock.c | freebsd 4.2/3.5.1 | xklock arg overflow | local | dethy |
| elvwreck.c | freebsd 4.2/3.5.1 | elvrec stack overflow | local | dethy |
| -[[ 2 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| at.c | tru64 unix 4.0g | (/usr/bin/at) local root exploit | local | loophole |
| tsig.c | named | bind 8.2.x tsig off-by-one stack overflow | remote | [multiple] |
| ssh-brute.sh | sshd | brute force root's password without detection | remote | jose |
| sshd-xpl.tar.gz | sshd | sshd crc32 remote root exploit | remote | paul starzetz |
| -[[ 1 march ]]- | ||||
| [-name-] | [-platform/daemon-] | [-description-] | [-type-] | [-author-] |
| bugtraq.c | slackware 7.0 | bind 8.2.x tsig off-by-one stack overflow | remote | gneisenau |
| tsl_bind.c | named | bind 8.2.x tsig off-by-one stack overflow | remote | axur.org |
| linx86_bind.c | slackware 4.0 / redhat 6.2 | bind 8.2.x tsig off-by-one stack overflow | remote | lsd |
| solx86_bind.c | solaris 2.7 x86 | bind 8.2.x tsig off-by-one stack overflow | remote | lsd |
| [comments? gov-boi@hack.co.za] |
EOF
|
|||