Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:21:35 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1821843502&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0607-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1821843502.1338182495.1338182495.1338182495.1%3B%2B__utmz%3D32867617.1338182495.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/47955/0607-exploits.tgz http://packetstormsecurity.org/files/47955/0607-exploits.tgz http://packetstormsecurity.org/files/47955/0607-exploits.tgz.html Thu, 17 Aug 2006 07:15:18 GMT Packet Storm new exploits for July, 2006. http://packetstormsecurity.org/files/48782/mambatstaff.txt http://packetstormsecurity.org/files/48782/mambatstaff.txt http://packetstormsecurity.org/files/48782/mambatstaff.txt.html Thu, 03 Aug 2006 06:50:14 GMT The mambatstaff Mambo component is susceptible to a remote file inclusion flaw. http://packetstormsecurity.org/files/48780/colophon.txt http://packetstormsecurity.org/files/48780/colophon.txt http://packetstormsecurity.org/files/48780/colophon.txt.html Thu, 03 Aug 2006 05:39:56 GMT Colophon versions 1.2 and below suffer from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/48779/coppermine122.txt http://packetstormsecurity.org/files/48779/coppermine122.txt http://packetstormsecurity.org/files/48779/coppermine122.txt.html Thu, 03 Aug 2006 05:38:47 GMT Coppermine Photo Gallery version 1.2.2b-Nuke suffers from remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/48778/mgm095.txt http://packetstormsecurity.org/files/48778/mgm095.txt http://packetstormsecurity.org/files/48778/mgm095.txt.html Thu, 03 Aug 2006 05:37:49 GMT Mambo Gallery Manager version 095.r3 suffers from remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/48774/gdiplus.pl.txt http://packetstormsecurity.org/files/48774/gdiplus.pl.txt http://packetstormsecurity.org/files/48774/gdiplus.pl.txt.html Thu, 03 Aug 2006 05:19:26 GMT Gidplus.dll division by 0 proof of concept exploit. http://packetstormsecurity.org/files/48773/mobb.tgz http://packetstormsecurity.org/files/48773/mobb.tgz http://packetstormsecurity.org/files/48773/mobb.tgz.html Thu, 03 Aug 2006 05:18:08 GMT Exploit for Mozilla Firefox versions 1.5.0.4 and below. The demonstration exploit below will attempt to launch "calc.exe" on Windows systems, execute "touch /tmp/METASPLOIT" on Linux systems, and bind a command shell to port 4444 for Mac OS X Intel and PowerPC systems. An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker. http://packetstormsecurity.org/files/48764/drjr7.txt http://packetstormsecurity.org/files/48764/drjr7.txt http://packetstormsecurity.org/files/48764/drjr7.txt.html Thu, 03 Aug 2006 04:51:44 GMT Dr.Jr7 Gallery version 3.2 RC1 suffers from a remote file inclusion flaw. http://packetstormsecurity.org/files/48760/portailphp17.txt http://packetstormsecurity.org/files/48760/portailphp17.txt http://packetstormsecurity.org/files/48760/portailphp17.txt.html Thu, 03 Aug 2006 04:43:50 GMT Portail PHP version 1.7 suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/48755/guestbook130.txt http://packetstormsecurity.org/files/48755/guestbook130.txt http://packetstormsecurity.org/files/48755/guestbook130.txt.html Thu, 03 Aug 2006 04:36:03 GMT Guestbook Mambo Module versions 1.3.0 and below suffer from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/48754/phpnukeXSSaria.txt http://packetstormsecurity.org/files/48754/phpnukeXSSaria.txt http://packetstormsecurity.org/files/48754/phpnukeXSSaria.txt.html Thu, 03 Aug 2006 04:34:41 GMT PHP-Nuke INP is susceptible to cross site scripting. http://packetstormsecurity.org/files/48753/chessInclude.txt http://packetstormsecurity.org/files/48753/chessInclude.txt http://packetstormsecurity.org/files/48753/chessInclude.txt.html Thu, 03 Aug 2006 04:02:00 GMT PrinceClan Chess Mambo Com versions 0.8 and below suffer from a remote file inclusion flaw. http://packetstormsecurity.org/files/48664/JD-WordPress.txt http://packetstormsecurity.org/files/48664/JD-WordPress.txt http://packetstormsecurity.org/files/48664/JD-WordPress.txt.html Fri, 28 Jul 2006 03:39:41 GMT JD-WordPress suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/48663/itts_sharedex2.c http://packetstormsecurity.org/files/48663/itts_sharedex2.c http://packetstormsecurity.org/files/48663/itts_sharedex2.c.html Fri, 28 Jul 2006 03:37:02 GMT Heartbeat versions below 2.0.6 insecure shared memory local denial of service exploit. http://packetstormsecurity.org/files/48655/phorum5114local.txt http://packetstormsecurity.org/files/48655/phorum5114local.txt http://packetstormsecurity.org/files/48655/phorum5114local.txt.html Fri, 28 Jul 2006 03:22:20 GMT Phorum version 5.1.14 is susceptible to cross site scripting and local file inclusion attacks. http://packetstormsecurity.org/files/48653/geoClassifieds.txt http://packetstormsecurity.org/files/48653/geoClassifieds.txt http://packetstormsecurity.org/files/48653/geoClassifieds.txt.html Fri, 28 Jul 2006 03:19:52 GMT GeoClassifieds Enterprise version 2.0.5.2 is susceptible to cross site scripting attacks. http://packetstormsecurity.org/files/48651/eIQ-ESA.txt http://packetstormsecurity.org/files/48651/eIQ-ESA.txt http://packetstormsecurity.org/files/48651/eIQ-ESA.txt.html Fri, 28 Jul 2006 03:14:54 GMT Remote exploit for the Syslog server by eIQnetworks that has a vulnerability when processing long strings transmitted to its TCP port. http://packetstormsecurity.org/files/48650/eIQ-LM-3.txt http://packetstormsecurity.org/files/48650/eIQ-LM-3.txt http://packetstormsecurity.org/files/48650/eIQ-LM-3.txt.html Fri, 28 Jul 2006 03:12:03 GMT Remote exploit for the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. http://packetstormsecurity.org/files/48649/eIQ-LM-2.txt http://packetstormsecurity.org/files/48649/eIQ-LM-2.txt http://packetstormsecurity.org/files/48649/eIQ-LM-2.txt.html Fri, 28 Jul 2006 03:09:34 GMT This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 1262 bytes in size. This module should work on all rebranded eiq analyzers. Exploitation assistance from KF of digital munition. http://packetstormsecurity.org/files/48648/eIQ-LM-1.txt http://packetstormsecurity.org/files/48648/eIQ-LM-1.txt http://packetstormsecurity.org/files/48648/eIQ-LM-1.txt.html Fri, 28 Jul 2006 03:08:16 GMT This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 494 bytes in size. This module should work on all EIQ branded analyzers. Exploitation assistance from KF. http://packetstormsecurity.org/files/48647/etomiteCMS-061-SQL.txt http://packetstormsecurity.org/files/48647/etomiteCMS-061-SQL.txt http://packetstormsecurity.org/files/48647/etomiteCMS-061-SQL.txt.html Fri, 28 Jul 2006 03:04:25 GMT Etomite CMS versions 0.6.1 and below 'username' SQL injection and administrative credential disclosure exploit. http://packetstormsecurity.org/files/48646/WMNewsInclude.txt http://packetstormsecurity.org/files/48646/WMNewsInclude.txt http://packetstormsecurity.org/files/48646/WMNewsInclude.txt.html Fri, 28 Jul 2006 03:02:24 GMT WMNews suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/48645/a6mambohelp.txt http://packetstormsecurity.org/files/48645/a6mambohelp.txt http://packetstormsecurity.org/files/48645/a6mambohelp.txt.html Fri, 28 Jul 2006 03:01:13 GMT A remote file inclusion flaw exists in the a6mambohelpdesk Mambo component versions 18RC1 and below. http://packetstormsecurity.org/files/48644/trionPWN.pl.txt http://packetstormsecurity.org/files/48644/trionPWN.pl.txt http://packetstormsecurity.org/files/48644/trionPWN.pl.txt.html Fri, 28 Jul 2006 02:55:30 GMT Triton version 1.0.4 remote exploit for the sipxtapi vulnerability. http://packetstormsecurity.org/files/48642/MttKe-php.txt http://packetstormsecurity.org/files/48642/MttKe-php.txt http://packetstormsecurity.org/files/48642/MttKe-php.txt.html Fri, 28 Jul 2006 02:51:52 GMT MttKe-php version 2.6 suffers from a cross site scripting flaw.