Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:11:08 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1315274905&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0711-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1315274905.1338185468.1338185468.1338185468.1%3B%2B__utmz%3D32867617.1338185468.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/61424/0711-exploits.tgz http://packetstormsecurity.org/files/61424/0711-exploits.tgz http://packetstormsecurity.org/files/61424/0711-exploits.tgz.html Sun, 02 Dec 2007 20:56:07 GMT Packet Storm new exploits for November, 2007. http://packetstormsecurity.org/files/61422/bcoos-sql.txt http://packetstormsecurity.org/files/61422/bcoos-sql.txt http://packetstormsecurity.org/files/61422/bcoos-sql.txt.html Sun, 02 Dec 2007 20:51:19 GMT bcoos versions 1.0.10 and below suffer from a SQL injection vulnerability in ratefile.php. http://packetstormsecurity.org/files/61420/PR07-37.txt http://packetstormsecurity.org/files/61420/PR07-37.txt http://packetstormsecurity.org/files/61420/ProCheckUp-Security-Advisory-2007.37.html Sun, 02 Dec 2007 20:43:38 GMT A cross site scripting vulnerability has been discovered in Apache versions 2.2.x and 2.0.x using a malformed HTTP request with 413 error pages. http://packetstormsecurity.org/files/61418/PR07-15.txt http://packetstormsecurity.org/files/61418/PR07-15.txt http://packetstormsecurity.org/files/61418/ProCheckUp-Security-Advisory-2007.15.html Sun, 02 Dec 2007 20:39:06 GMT The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.logon.php3. http://packetstormsecurity.org/files/61417/PR07-14.txt http://packetstormsecurity.org/files/61417/PR07-14.txt http://packetstormsecurity.org/files/61417/ProCheckUp-Security-Advisory-2007.14.html Sun, 02 Dec 2007 20:37:49 GMT The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.activation.php3. http://packetstormsecurity.org/files/61388/ossigeno22-rfi.txt http://packetstormsecurity.org/files/61388/ossigeno22-rfi.txt http://packetstormsecurity.org/files/61388/ossigeno22-rfi.txt.html Fri, 30 Nov 2007 06:44:02 GMT Ossigeno Suite CMS versions 2.2 and below suffer from remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/61385/apc-flaw.txt http://packetstormsecurity.org/files/61385/apc-flaw.txt http://packetstormsecurity.org/files/61385/apc-flaw.txt.html Fri, 30 Nov 2007 06:06:55 GMT APC PDU products appear to be susceptible to a login bypass vulnerability. http://packetstormsecurity.org/files/61380/aquick-winosx.txt http://packetstormsecurity.org/files/61380/aquick-winosx.txt http://packetstormsecurity.org/files/61380/aquick-winosx.txt.html Fri, 30 Nov 2007 05:57:06 GMT Apple Quicktime versions 7.2 and 7.3 RTSP response Content-Type header stack buffer overflow exploit for Mac-OSX and Microsoft Windows. http://packetstormsecurity.org/files/61379/ftpadmin-multi.txt http://packetstormsecurity.org/files/61379/ftpadmin-multi.txt http://packetstormsecurity.org/files/61379/ftpadmin-multi.txt.html Fri, 30 Nov 2007 05:54:37 GMT FTP Admin version 0.1.0 suffers from bypass, local file inclusion, and cross site scripting vulnerabilities. http://packetstormsecurity.org/files/61378/seditio-sql.txt http://packetstormsecurity.org/files/61378/seditio-sql.txt http://packetstormsecurity.org/files/61378/seditio-sql.txt.html Fri, 30 Nov 2007 05:53:26 GMT Seditio CMS versions 1.21 and below remote SQL injection exploit. http://packetstormsecurity.org/files/61377/learnloop2-disclose.txt http://packetstormsecurity.org/files/61377/learnloop2-disclose.txt http://packetstormsecurity.org/files/61377/learnloop2-disclose.txt.html Fri, 30 Nov 2007 05:52:28 GMT LearnLoop version 2.0beta7 suffers from a remote file disclosure vulnerability in file_download.php. http://packetstormsecurity.org/files/61376/kml-disclose.txt http://packetstormsecurity.org/files/61376/kml-disclose.txt http://packetstormsecurity.org/files/61376/kml-disclose.txt.html Fri, 30 Nov 2007 05:51:31 GMT KML Share version 1.1 suffers from a remote file disclosure vulnerability in region.php. http://packetstormsecurity.org/files/61375/webed-disclose.txt http://packetstormsecurity.org/files/61375/webed-disclose.txt http://packetstormsecurity.org/files/61375/webed-disclose.txt.html Fri, 30 Nov 2007 05:50:35 GMT WebED version 0.0.9 suffers from a remote file disclosure vulnerability in index.php. http://packetstormsecurity.org/files/61374/webmeetme-disclose.txt http://packetstormsecurity.org/files/61374/webmeetme-disclose.txt http://packetstormsecurity.org/files/61374/webmeetme-disclose.txt.html Fri, 30 Nov 2007 05:49:55 GMT Web-MeetMe version 3.0.3 suffers from a remote file disclosure vulnerability in play.php. http://packetstormsecurity.org/files/61373/wmp-dos.txt http://packetstormsecurity.org/files/61373/wmp-dos.txt http://packetstormsecurity.org/files/61373/wmp-dos.txt.html Fri, 30 Nov 2007 05:48:42 GMT Windows Media Player AIFF divide by zero exception denial of service proof of concept exploit. http://packetstormsecurity.org/files/61344/bcoos-sqlxss.txt http://packetstormsecurity.org/files/61344/bcoos-sqlxss.txt http://packetstormsecurity.org/files/61344/bcoos-sqlxss.txt.html Thu, 29 Nov 2007 01:15:32 GMT bcoos versions 1.0.10 and below suffer from cross site scripting and SQL injection vulnerabilities. http://packetstormsecurity.org/files/61341/charrays-rfi.txt http://packetstormsecurity.org/files/61341/charrays-rfi.txt http://packetstormsecurity.org/files/61341/charrays-rfi.txt.html Thu, 29 Nov 2007 01:10:12 GMT Charrays CMS version 0.9.3 suffers from multiple remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/61340/ehcp-rfi.txt http://packetstormsecurity.org/files/61340/ehcp-rfi.txt http://packetstormsecurity.org/files/61340/ehcp-rfi.txt.html Thu, 29 Nov 2007 01:09:25 GMT EHCP versions 0.22.8 and below suffer from multiple remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/61339/phpcon-rfi.txt http://packetstormsecurity.org/files/61339/phpcon-rfi.txt http://packetstormsecurity.org/files/61339/phpcon-rfi.txt.html Thu, 29 Nov 2007 01:08:17 GMT PHP-CON version 1.3 suffers from a remote file inclusion vulnerability in include.php. http://packetstormsecurity.org/files/61312/pmapper-rfi.txt http://packetstormsecurity.org/files/61312/pmapper-rfi.txt http://packetstormsecurity.org/files/61312/pmapper-rfi.txt.html Wed, 28 Nov 2007 04:01:51 GMT p.mapper version 3.2.0 suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/61311/liferay-xss.txt http://packetstormsecurity.org/files/61311/liferay-xss.txt http://packetstormsecurity.org/files/61311/liferay-xss.txt.html Wed, 28 Nov 2007 04:00:40 GMT Liferay Enterprise Portal version 4.3.1 suffers from cross site scripting vulnerabilities. http://packetstormsecurity.org/files/61310/phpkit-rfi.txt http://packetstormsecurity.org/files/61310/phpkit-rfi.txt http://packetstormsecurity.org/files/61310/phpkit-rfi.txt.html Wed, 28 Nov 2007 03:59:52 GMT PHPkit version 1.6.1 suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/61308/qt_public.tar.gz http://packetstormsecurity.org/files/61308/qt_public.tar.gz http://packetstormsecurity.org/files/61308/qt_public.tar.gz.html Wed, 28 Nov 2007 03:55:52 GMT Apple QuickTime RTSP response Content-type remote stack rewrite exploit for Internet Explorer 6/7. http://packetstormsecurity.org/files/61307/bitdefenderoscan-activex.txt http://packetstormsecurity.org/files/61307/bitdefenderoscan-activex.txt http://packetstormsecurity.org/files/61307/bitdefenderoscan-activex.txt.html Wed, 28 Nov 2007 03:52:15 GMT BitDefender Online Scanner 8 ActiveX heap overflow exploit that makes use of OScan8.ocx and OScan81.ocx. http://packetstormsecurity.org/files/61306/wpquiz-sql.txt http://packetstormsecurity.org/files/61306/wpquiz-sql.txt http://packetstormsecurity.org/files/61306/wpquiz-sql.txt.html Wed, 28 Nov 2007 03:49:16 GMT wpQuiz version 2.7 suffers from multiple remote SQL injection vulnerabilities.