Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.
7e940e81b05c21de023858e47275acab82a79a82b5826e7471c5e5b9f3eb9dd8
Ktvision v0.1.1-271 and below symlink local root exploit. Tested against SuSE 7.1.
7484393e8ed414c9a92178e33e802ebab4f5ba09c299bb89762e99c3e225abf9
Tarantella 3.01 ttawebtop.cgi "show files" exploit. '..' and '/' are not filtered while processing user input, so it is possible to enter arbitrary values to retrieve files from remote sever, which should not be accessible normally. Exploit URL included.
9d5f4ace0d04cf6c840c506cafe1e2d3223f2c0444093380f59b04e3a168c8d5
/usr/local/bin/filter local exploit. Gives GID=mail. More information available <a href="http://www.tao.ca/fire/bos/0354.html"here.</a> Tested against Slackware 3.1. Exploits the nlspath buffer overflow.
ba1c94f39c9843539d6330b83182ca2c4e79cc085b9114c402708728dea02aae
FreeBSD 3.1 - 4.3 local root exploit - Uses the signal condition vulnerability discovered by G. Guninski.
877ecb999c4cc6e021713bc69df6e18a70c93bcd73f813c5488ecc59bcd1edb6
qDefense Advisory Number QDAV-2001-7-3 - Interactive Story does not properly validate the contents of a hidden field entitled "next". Setting that field to the name of a file, and using double dots and poison nulls, an attacker can cause Interactive Story to display the contents of any file. Exploit URL included.
97e8dec2dd73cc70c28c0ffa336013bf512a8924ca83704f520ae24b059baa61
Sneaky2.sh is a swiss army knife for Hotmail/Messenger. Implements Spoofing/brute force/misconception/unexpected input Class Attacks. Will spoof Hotmail/messenger server to recover user hotmail/password, crash messenger client, remotely inject and execute malicious exe on the victim host.
a20cd1bbf47e56f622a99907ad68665a56c73da31f4c7353938fa59ca1b6d1f4
Slackware 8.0 local root exploit - Creates a suid shell when "modprobe lp" is run from the startup scripts.
b8b095012e691aba701cd6577f74f4427437ebc53c5be9b4cc9758dc3d3cfeeb
Red Hat Security Advisory RHSA-2001:091-07 - Elm had a buffer overflow when handling very long message-ids. This overwrote other header fields, and could potentially cause more damage. Red Hat Linux 5.2, 6.2, 7 and 7.1 is vulnerable.
d4b372395a2cdc3ff027c6537d7c9d02e3d327aec80692578de48c794ce48673
Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive network information. This perl script gives a potential attacker a wealth of information including ip addresses, network masks (and even friendly descriptions).
e3619e7d295ef6e80dc77aada9c151eaf7aeff1c25021ef117f8331019de3414
Looking for Vulnerabilities - Our approach has been to look for a few common mistakes in programs (and scripts) of interest (mainly setuid, setgid programs and network servers). This paper focuses on unsafe temp files, unsafe environment, and buffer overflows.
f66499c4db19f49b5b6f1abda1969d8574ee7a5fbe0ed73010d9c2401d1d8dac
Cfingerd v1.4.3 remote root exploit for Linux. Binds to port 113 and sends bogus ident information.
badd5107b708ecea2476eda90f2a5fe6efe2f9988539733c58710c082a2510d6
Qflood.c fills up a Quake server with spoofed "unconnected" clients, disallowing other players the ability to connect to the server since the player limit fills up quickly. Additionally, if the server does not support multiple clients from the same IP address, it will disconnect legitimate players if the spoofed connection request matches that player.
95dc326a06fe3c681ddfaa0640318f142424dde88304e2016971c379de4e6763
Slackware 8.0 and below ships with /var/man/cat* chmodded 1777, making it vulnerable to symlink attacks. This exploit creates a suid shell with the UID of the user running man.
0fb25cf68a4fba71eceef2ca23db4efbe592af7e1416b2d13051e5e4b6990a46
CERT Advisory CA-2001-18 - Several implementations of the Lightweight Directory Access Protocol (LDAP) protocol contain vulnerabilities that may allow denial-of-service attacks and unauthorized privileged access. Vulnerable services include the iPlanet directory server, IBM SecureWay running under Solaris and Windows 2000, Lotus Domino R5 Servers, Teamware Office for Windows NT and Solaris, Qualcomm Eudora WorldMail for Windows NT, Microsoft Exchange 5.5 LDAP Service, Network Associates PGP Keyserver 7.0, prior to Hotfix 2, Oracle 8i Enterprise Edition, and OpenLDAP, 1.x prior to 1.2.12 and 2.x prior to 2.0.8.
9e19cd7d66a55eef48a071019853306af25f3e45626db8738dc134913870e60f
Local root exploit for /usr/bin/ml85p, a suid binary which is vulnerable to a local symlink attack. It is included in Mandrake 8.0 by default.
7fc636ec99a7121c1576f6a3baa4cfa2f6d10bc5a5797fccdad14335a04ae46a
Xxman.sh is a local root exploit for an insecure system call in xman.
dd25b5e529ce5af581d7a7a71daf938f6d23f44ce00583eff27d6eb652b11730