Packet Storm's last 100 added files. Last Updated: Wed Dec 3 21:51:00 EST 2008
[ USN-686-1.txt ] 75c145ec64f4430ab0be1e1967985fce Ubuntu Security Notice USN-686-1 - Morgan Todd discovered that AWStats did not correctly strip quotes from certain parameters, allowing for an XSS attack when running as a CGI. If a user was tricked by a remote attacker into following a specially crafted URL, the user's authentication information could be exposed for the domain where AWStats was hosted.
[ USN-685-1.txt ] 160150a1aec9ec4fbae385d4790925ed Ubuntu Security Notice USN-685-1 - Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. An unauthenticated remote attacker could send specially crafted SNMPv3 traffic with a valid username and gain access to the user's views without a valid authentication passphrase. John Kortink discovered that the Net-SNMP Perl module did not correctly check the size of returned values. If a user or automated system were tricked into querying a malicious SNMP server, the application using the Perl module could be made to crash, leading to a denial of service. This did not affect Ubuntu 8.10. It was discovered that the SNMP service did not correctly handle large GETBULK requests. If an unauthenticated remote attacker sent a specially crafted request, the SNMP service could be made to crash, leading to a denial of service.
[ clamav0941-overflow.txt ] 59918e80ac659a0e378d6b403e18912a Stack overflow proof of concept exploit for ClamAV versions below 0.94.2 that relates to JPG file handling.
[ SSRT080141.txt ] afacac6c6871fe4d9d07e866a0958539 HP Security Bulletin - A potential security vulnerability has been identified in HP-UX. The vulnerability could be exploited locally to create a denial of service (DoS).
[ cainabel-overflow.txt ] e43b6f151b55255022c69b51d53e3cec Cain and Abel version 4.9.23 RDP file buffer overflow exploit that adds an administrator user.
[ SVRT-06-08.txt ] 6cabe3f47c31245ee257594b7872eca0 mvnForum versions 1.2 GA and below suffer from a cross site scripting vulnerability and multiple cross site request forgery vulnerabilities.
[ radasm-hijack.txt ] a04887449d1781da46fdc4e3e3bcf59c RadAsm versions 2.2.1.4 and below WindowCallProcA pointer hijack exploit with calc.exe shellcode.
[ joomlajmovies-sql.txt ] 7e5beb358a1b6d65f2f8bb4027efb9f0 Joomla Jmovies component version 1.1 remote SQL injection exploit.
[ yappang-xss.txt ] 754681a11ad41177cdc7028cd3a16e26 yappa-ng suffers from a cross site scripting vulnerability.
[ buzzywall-xss.txt ] aedefea7ba8abaa1001fa168c40640ca BuzzyWall suffers from a cross site scripting vulnerability.
[ freekot-sql.txt ] 42a1a9482e05b861b8661c18b28e5890 FREEKOT suffers from a remote SQL injection vulnerability that allows for authentication bypass.
[ revsense-sqlxss.txt ] 397f01564b9170d347621c98c58e56e7 RevSense version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
[ sailplanner-sqlxsslfi.txt ] 5a3c34a58dbd41ea2548606aabc73eef SailPlanner suffers from cross site scripting, remote SQL injection, and local file inclusion vulnerabilities.
[ securedownload-xsscm.txt ] 5438684e5be9427cb5d7574c897de4b3 Secure Download version Alpha 0.2.1 suffers from cross site scripting and cookie manipulation vulnerabilities.
[ raemedia-sql.txt ] 7fbde75effdee616bbadd2f2d5b053a4 Rae Media Contact MS suffers from a SQL injection vulnerability that allows for authentication bypass.
[ proclan-fixation.txt ] 5fe0e3950f6e545a7b6746edd8f8beca Pro Clan Manager CMS version 0.4.2 suffers from a session fixation vulnerability.
[ checknew-sql.txt ] 35cd4306e6258d120a2723282399c07e Check New version 4.52 remote SQL injection exploit that makes use of findoffice.php.
[ dsa-1679-1.txt ] 754fa172693331bf0ec70b06ef5713de Debian Security Advisory 1679-1 - Morgan Todd discovered a cross-site scripting vulnerability in awstats, a log file analyzer, involving the "config" request parameter (and possibly others; CVE-2008-3714).
[ dsa-1678-1.txt ] 30869675c4b089500534b927d04f58c0 Debian Security Advisory 1678-1 - Paul Szabo rediscovered a vulnerability in the File::Path::rmtree function of Perl. It was possible to exploit a race condition to create setuid binaries in a directory tree or remove arbitrary files when a process is deleting this tree. This issue was originally known as CVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1 and DSA-620-1. Unfortunately, they were reintroduced later.
[ aspuserengine-disclose.txt ] beb86616d262ac0c344fb4f1266a5ec4 ASP User Engine .NET suffers from a remote database disclosure vulnerability.
[ codefixer-disclose.txt ] fbb85965facf9767a059403bd6edd8a0 Codefixer MailingListPro suffers from a remote database disclosure vulnerability.
[ VMSA-2008-0019.txt ] bf8b9cd53f0f974f1f3e6b17c7c1826b VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2.
[ calendarmx-sql.txt ] e1afb383436b4b8ea200660c49ae5dfc Calendar MX Professional version 2.0.0 suffers from a blind SQL injection vulnerability in calendar_Eventupdate.asp.
[ gallerymx-sql.txt ] 74654e3e4613481dc6c82a3f17ae38ad Gallery MX version 2.0.0 suffers from a blind SQL injection vulnerability in pics_pre.asp.
[ USN-684-1.txt ] a5f773b5f80db981aa46e006a4efa56c Ubuntu Security Notice USN-684-1 - Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG information. If a remote attacker sent a specially crafted JPEG file, ClamAV would crash, leading to a denial of service.
[ binsh-shellcode.txt ] 5b5c34ec04999bdaed22fee8ccfd02ab 39 bytes of Solaris/x86 shellcode that performs setuid(0), execve(/bin/sh); exit(0). NULL free.
[ catshadow-shellcode.txt ] 43ac829213d2724175265c403f658d2e 59 bytes of Solaris/x86 shellcode that performs setuid(0), execve(/bin/cat, /etc/shadow), exit(0).
[ fsharp-reverse.pdf ] 646434fe251aefffc57d98fa5e28037a Whitepaper entitled Reverse Engineering Microsoft F#.
[ dsa-1677-1.txt ] 628566c9879081d980d24250a10d5438 Debian Security Advisory DSA 1677-1 - An integer overflow has been discovered in the image validation code of cupsys, the Common UNIX Printing System. An attacker could trigger this bug by supplying a malicious graphic that could lead to the execution of arbitrary code.
[ z1exchange-sqlxss.txt ] 5b390745afcfa0684522b79dcc8767c7 z1exchange suffers from cross site scripting and remote SQL injection vulnerabilities.
[ cmsmaxsite-exec.txt ] 857d5bb777915d414f761d3dc233247a CMS MAXSITE Guestbook component remote command execution exploit.
[ ocean12ml-sqlxssdisclose.txt ] d9c88cc756b97b1101d9d10bdb9f2419 Ocean12 Mailing List Manager Gold suffers from direct database download, remote SQL injection, and cross site scripting vulnerabilities.
[ orkut-sqlxss.txt ] 23280afa08297ab8d28e3faaeea9a26a The Orkut Clone by i-netsolution suffers from cross site scripting and remote SQL injection vulnerabilities.
[ rapid-disclose.txt ] 650e59945cc139e5465a4c3450c4fc9c Rapid Classified version 3.1 suffers from a remote database disclosure vulnerability.
[ jbook-disclosesql.txt ] 513a95c3d30b6df14011a17c3db0a2b5 JBook suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from a direct database download.
[ PLSA-2008-77.txt ] d508983edcad9ea6b153a3aa8b1a2d83 Pardus Linux Security Advisory 2008-77 - Two vulnerabilities have been fixed in ffmpeg which can cause a DoS (Denial of Service). Versions below 0.4.9_20080909-48-16 are affected.
[ sunbyte-sql.txt ] 3675361f3ee42f0ef8fc812564aa04fc SunByte e-Flower suffers from a remote SQL injection vulnerability.
[ cpanel-bypass.txt ] d533ac6575da815696f196eded00e977 CPanel version 11.x privilege escalation exploit that bypasses mod_security and a php restriction.
[ glsa-200812-07.txt ] d9317149ec967b95a726d07039d000bd Gentoo Linux Security Advisory GLSA 200812-07 - Multiple vulnerabilities have been discovered in Mantis, the most severe of which leads to the remote execution of arbitrary code. Versions less than 1.1.4-r1 are affected.
[ glsa-200812-06.txt ] bdeaa23fcd3973885c874f66adb24c75 Gentoo Linux Security Advisory GLSA 200812-06 - Multiple vulnerabilities in libxml2 might lead to execution of arbitrary code or Denial of Service. Versions less than 2.7.2-r1 are affected.
[ glsa-200812-05.txt ] 00b44c420510e7048d105180e9487573 Gentoo Linux Security Advisory GLSA 200812-05 - A buffer overflow vulnerability in libsamplerate might lead to the execution of arbitrary code. Russell O'Connor reported a buffer overflow in src/src_sinc.c related to low conversion ratios. Versions less than 0.1.4 are affected.
[ glsa-200812-04.txt ] 6d61a182a5ccda6a91f6ad35af1d56b6 Gentoo Linux Security Advisory GLSA 200812-04 - Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service. Versions less than 1.4.20 are affected.
[ glsa-200812-03.txt ] c7fd15138337ac691f218c2ec559e538 Gentoo Linux Security Advisory GLSA 200812-03 - IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability. Versions less than 0.7.1 are affected.
[ glsa-200812-02.txt ] 7798691cbc8349b986a232c8549f5553 Gentoo Linux Security Advisory GLSA 200812-02 - Two buffer overflows in enscript might lead to the execution of arbitrary code. Two stack-based buffer overflows in the read_special_escape() function in src/psgen.c have been reported. Ulf Harnhammar of Secunia Research discovered a vulnerability related to the setfilename command (CVE-2008-3863), and Kees Cook of Ubuntu discovered a vulnerability related to the font escape sequence (CVE-2008-4306). Versions less than 1.6.4-r4 are affected.
[ glsa-200812-01.txt ] 8e4c29a8a9646253000c04ae38a94b2e Gentoo Linux Security Advisory GLSA 200812-01 - A vulnerability in OptiPNG might result in user-assisted execution of arbitrary code. A buffer overflow in the BMP reader in OptiPNG has been reported. Versions less than 0.6.2 are affected.
[ USN-683-1.txt ] 8d312ff3d894835bdc57219ce4ff40b7 Ubuntu Security Notice USN-683-1 - It was discovered that Imlib2 did not correctly handle certain malformed XPM images. If a user were tricked into opening a specially crafted image with an application that uses Imlib2, an attacker could cause a denial of service and possibly execute arbitrary code with the user's privileges.
[ dsa-1676-1.txt ] 912bd5e15a194ab77ca1edf498845d79 Debian Security Advisory 1676-1 - Dmitry E. Oboukhov discovered that flamethrower creates predictable temporary filenames, which may lead to a local denial of service through a symlink attack.
[ pacpoll-disclose.txt ] d99a14ceeaa24e01d9ce9805c3832314 PacPoll version 4.0 suffers from a remote database disclosure vulnerability.
[ USN-682-1.txt ] 1560ab2afeeb34aeff6acc170b7a1d4a Ubuntu Security Notice USN-682-1 - It was discovered that libvorbis did not correctly handle certain malformed sound files. If a user were tricked into opening a specially crafted sound file with an application that uses libvorbis, an attacker could execute arbitrary code with the user's privileges.
[ USN-681-1.txt ] ab83603b48fb33d8beb11a1c24b415c3 Ubuntu Security Notice USN-681-1 - It was discovered that ImageMagick did not correctly handle certain malformed XCF images. If a user were tricked into opening a specially crafted image with an application that uses ImageMagick, an attacker could cause a denial of service and possibly execute arbitrary code with the user's privileges.
[ BMSA-2008-09.txt ] 509568fd9e424180b690bb987e5349ec Rumpus version 6.0 contains two buffer overflow vulnerabilities in its HTTP and FTP modules. Exploitation details provided.
[ webhub-bypass.txt ] 10c6c9b665c6704377eeb8047448ba47 Web Hub CMS has a default administrator login/password pair left in the system.
[ infinite-bypass.txt ] 485257bb148591199e988fc1a3b94d0a Infinite IT Solutions CMS has a default administrator login/password pair left in the system.
[ VA_VD_87_08_XRDP.pdf ] 65d5e2f4f1dbf66e66c013e9d7dd85d8 Multiple buffer overflow vulnerabilities exist in xrdp which can be leveraged to execute arbitrary code.
[ TKADV2008-013.txt ] 53dd0932afc1be3807df1da75a8a9fd0 VLC media player versions below 0.9.7 suffer from a RealMedia processing integer overflow vulnerability.
[ sqlinj-insouts.txt ] c035c0f0774632e35207ea604687ee56 Whitepaper discussing the ins and outs of SQL injection vulnerabilities and exploitation.
[ bcoos1013-sql.txt ] 8e8d99f3b5eb8254bc857c176abd665f bcoos version 1.0.13 remote SQL injection exploit that makes use of viewcat.php.
[ preonline-cmsqlxss.txt ] d220b7f0a800b11aee1906db80f88892 Pre Online Tests Generator suffers from cookie manipulation, cross site scripting, and remote SQL injection vulnerabilities.
[ preclass-sqlxss.txt ] 7bb1766c3df1bdeca1568590dcba35bc Pre Classifieds Listings suffers from cross site scripting and remote SQL injection vulnerabilities.
[ aspportal-disclose.txt ] 3658ee46705e8b78b1a5c9c51861b27f ASPPortal version 3.2.5 suffers from a remote database disclosure vulnerability.
[ preshoppingmall-cmsqlxss.txt ] d30d9596ccd72e430a3c8f145aad1edd Pre Shopping Mall suffers from cookie manipulation, cross site scripting, and remote SQL injection vulnerabilities.
[ ezpoll-sql.txt ] de8608bfc66215dd26e56648ecaf6816 E.Z. Poll version 2 suffers from a SQL injection vulnerability that allows for authentication bypass.
[ prejobboard-cmsqlxss.txt ] ca06654c7d884a6a743f3b301373e8f7 Pre Job Board suffers from cookie manipulation, cross site scripting, and remote SQL injection vulnerabilities.
[ preaspjob-xsscm.txt ] 44f2098cb336a892c01df3187a98ea4a Pre ASP Job Board suffers from cookie manipulation and cross site scripting vulnerabilities.
[ classifieds-xss.txt ] e8f7d798c7b330ddd84f2745227804ed SoftBiz Classifieds Script suffers from multiple cross site scripting vulnerabilities.
[ phpjobwebsite-cmsqlxss.txt ] a4e54a472ead8eeb3cf3cda5135d486f PHP JobWebSite Pro suffers from cookie manipulation, cross site scripting, and remote SQL injection vulnerabilities.
[ toast-disclose.txt ] e0f02d3f6cf8bb922d8217dc8e9d40e9 Toast Forums suffers from a database disclosure vulnerability.
[ aspshoppingcart-xss.txt ] 27466adef74707d6ddc6d1a0729dd195 ASP Shopping Cart suffers from a cross site scripting vulnerability.
[ aspforum-cmsqlxss.txt ] 54ab851fd69d982362168e408e3c63d5 ASP Forum Script suffers from cookie manipulation, cross site scripting, and remote SQL injection vulnerabilities.
[ vncrush.txt ] ed58c3b9631ccc841557d59510f429b5 VNCrush is a VNC server fuzzing utility.
[ rshatter.txt ] 057a05cbc1366b70aebb1f23a8f8c2ab RSHatter is an rsh protocol fuzzing utility.
[ ewb-overflow.txt ] bd98a61213a2a434a4f72d7ae5fa43e1 Electronics Workbench .EWB file stack buffer overflow proof of concept exploit.
[ debian-symlink.txt ] bdbc9435e85a7cc7a8765104b6499e9e Debian GNU/Linux symbolic link attack arbitrary file ownership proof of concept exploit.
[ 0811-exploits.tgz ] 4c82f1f29e6626dc54ea80675384f8e2 Packet Storm new exploits for November, 2008.
[ dsa-1675-1.txt ] a270ad8083dd0956b7681b12bb56bebb Debian Security Advisory 1675-1 - Masako Oono discovered that phpMyAdmin, a web-based administration interface for MySQL, insufficiently sanitises input allowing a remote attacker to gather sensitive data through cross site scripting, provided that the user uses the Internet Explorer web browser.
[ andysphpkb-upload.txt ] 57f2258ea6b5bdd482a9ba5c64e16be0 Andy's PHP Knowledgebase version 0.92.9 suffers from an arbitrary file upload vulnerability.
[ z1exchange-sql.txt ] 83a6043efa9393088dcd9a9a616db09f z1exchange version 1.0 suffers from a remote SQL injection vulnerability in edit.php.
[ broadcast-rfi.txt ] 8198cfbd1086bbe4e2f09a3b8a923f06 Broadcast Machine version 0.1 suffers from multiple remote file inclusion vulnerabilities.
[ cpcommerce-bypass.txt ] 8a67c6d9744fadb9a83cc798169b41a3 cpCommerce version 1.2.6 suffers from input variable overwrite and authentication bypass vulnerabilities.
[ minimalablog-sqlfubypass.txt ] 9ec5f0536ae171d5ba3242bf27d501f8 Minimal Ablog version 0.4 suffers from file upload, administrative bypass, and remote SQL injection vulnerabilities.
[ ktpccd-sql.txt ] ad0a2f2f16fa3b1a3ffc081ac17ba2c3 KTP Computer Customer Database CMS suffers from a blind SQL injection vulnerability.
[ ktpccd-lfi.txt ] 908db80332718321ad09a1a444a66cd4 KTP Computer Customer Database CMS local file inclusion exploit.
[ activebizdir-sql.txt ] 2bc454ed304fa0e9367deb91d9af4985 Active Business Directory version 2 suffers from a remote blind SQL injection vulnerability.
[ activetimebilling-sql.txt ] c969118f9f2d1e530e81adc693c8667f Active Time Billing version 3.2 suffers from a SQL injection vulnerability that allows for authentication bypass.
[ activeprice-blindsql.txt ] 7e96990233ac30d798122a7bd89e8a31 Active Price Comparison version 4 suffers from a blind SQL injection vulnerability.
[ activephotogal-sql.txt ] aa0269a9d4eefd9afa57a26c735328b5 Active Photo Gallery version 6.2 suffers from a SQL injection vulnerability that allows for authentication bypass.
[ activewebhelpdesk-sql.txt ] e27528ffd28fca522f5a23d5206433b8 Active Web Helpdesk version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
[ activewebmail-blindsql.txt ] 9673d6c429848b0389b0267dae62b031 Active Web Mail version 4 suffers from a blind SQL injection vulnerability.
[ dsa-1674-1.txt ] cf1c348f9336982c7bfdb41148f11a58 Debian Security Advisory 1674-1 - Javier Fernandez-Sanguino Pena discovered that updatejail, a component of the chroot maintenance tool Jailer, creates a predictable temporary file name, which may lead to local denial of service through a symlink attack.
[ dsa-1673-1.txt ] 6b172a6ccabb4c48e19d3abb7f02dd15 Debian Security Advisory 1673-1 - Several remote vulnerabilities have been discovered in the network traffic analyzer Wireshark.
[ activebids-sql.txt ] e951d6ce10698f269567ffffa5991644 Active Bids version 3.5 suffers from a blind SQL injection vulnerability.
[ activetest21-sql.txt ] 777dc043442c70ccc8f1678ed52ef493 Active Test version 2.1 suffers from a blind SQL injection vulnerability.
[ activewebmail4-sql.txt ] 5598c51144c84d9bb9c2904247b31dbf Active Web Mail version 4 suffers from a blind SQL injection vulnerability.
[ activevotes22-sql.txt ] 4c15393b3f1c524c9598b5e245667ceb Active Votes version 2.2 suffers from a blind SQL injection vulnerability.
[ oramon-disclose.txt ] 5219239d7b4f352e07fe99b998823402 OraMon version 2.0.1 suffers from a remote configuration file disclosure vulnerability.
[ aspthai-disclose.txt ] 37cc7d80a9c3d5f89e3a4887580eb457 ASPThai.NET Forum version 8.5 suffers from a remote database disclosure vulnerability.
[ openforum-password.txt ] f9f98107c5d6c44bd400b28443984d22 OpenForum version 0.66 Beta remote administrator password reset exploit.
[ litolite-sql.txt ] 100fe695f03fd188610bf6dc8dad05ab Lito Lite CMS remote SQL injection exploit that makes use of cate.php.
[ quicktree-disclose.txt ] 9419fdf8c7f31d4676dcd182d0dcfbb2 Quick Tree View .NET version 3.1 suffers from a qtv.mdg database disclosure vulnerability.
[ cmsmadesimple-lfi.txt ] 54add7e34d48f6a0e37e638fd84fd29b CMS Made Simple version 1.4.1 suffers from a local file inclusion vulnerability.