Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:15:49 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1812340682&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0802-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1812340682.1338185749.1338185749.1338185749.1%3B%2B__utmz%3D32867617.1338185749.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) 0802-exploits.tgz http://packetstormsecurity.org/files/64199/0802-exploits.tgz http://packetstormsecurity.org/files/64199/0802-exploits.tgz http://packetstormsecurity.org/files/64199/0802-exploits.tgz.html Mon, 03 Mar 2008 19:40:53 GMT Packet Storm new exploits for February, 2008. Bypass-Myspace-Phisher-Block.txt http://packetstormsecurity.org/files/64195/Bypass-Myspace-Phisher-Block.txt http://packetstormsecurity.org/files/64195/Bypass-Myspace-Phisher-Block.txt http://packetstormsecurity.org/files/64195/Bypass-Myspace-Phisher-Block.txt.html Mon, 03 Mar 2008 19:31:38 GMT A brief example describing a method of bypassing the Myspace.com Phishing blocker. centreon1423-disclose.txt http://packetstormsecurity.org/files/64193/centreon1423-disclose.txt http://packetstormsecurity.org/files/64193/centreon1423-disclose.txt http://packetstormsecurity.org/files/64193/centreon1423-disclose.txt.html Mon, 03 Mar 2008 19:26:29 GMT Centreon versions 1.4.2.3 and below suffer from multiple remote file disclosure vulnerabilities. netoffice-exec.txt http://packetstormsecurity.org/files/64191/netoffice-exec.txt http://packetstormsecurity.org/files/64191/netoffice-exec.txt http://packetstormsecurity.org/files/64191/netoffice-exec.txt.html Mon, 03 Mar 2008 19:23:18 GMT netOffice Dwins versions 1.3 suffers from remote code execution vulnerabilities. phpmyt-rfi.txt http://packetstormsecurity.org/files/64190/phpmyt-rfi.txt http://packetstormsecurity.org/files/64190/phpmyt-rfi.txt http://packetstormsecurity.org/files/64190/phpmyt-rfi.txt.html Mon, 03 Mar 2008 19:22:12 GMT PHPMyTourney suffers from a remote file inclusion vulnerability in index.php. ghostscript-poc.txt http://packetstormsecurity.org/files/64187/ghostscript-poc.txt http://packetstormsecurity.org/files/64187/ghostscript-poc.txt http://packetstormsecurity.org/files/64187/ghostscript-poc.txt.html Mon, 03 Mar 2008 19:16:56 GMT Proof of concept exploit that demonstrates a buffer overflow vulnerability in Ghostscript versions 8.61 and below. symantecback-overflow.txt http://packetstormsecurity.org/files/64184/symantecback-overflow.txt http://packetstormsecurity.org/files/64184/symantecback-overflow.txt http://packetstormsecurity.org/files/64184/symantecback-overflow.txt.html Mon, 03 Mar 2008 19:11:23 GMT Symantec BackupExec Calendar Control (PVCalendar.ocx) buffer overflow exploit. and spawns calc.exe or a shell on tcp/4444. koobicms-sql.txt http://packetstormsecurity.org/files/64183/koobicms-sql.txt http://packetstormsecurity.org/files/64183/koobicms-sql.txt http://packetstormsecurity.org/files/64183/koobicms-sql.txt.html Mon, 03 Mar 2008 19:09:21 GMT Koobi CMS versions 4.3.0 through 4.2.3 suffer from a remote SQL injection vulnerability in index.php. ProCheckUp Security Advisory 2007.41 http://packetstormsecurity.org/files/64133/PR07-41.txt http://packetstormsecurity.org/files/64133/PR07-41.txt http://packetstormsecurity.org/files/64133/ProCheckUp-Security-Advisory-2007.41.html Thu, 28 Feb 2008 20:51:02 GMT Juniper Networks Secure Access 2000 versions prior to 5.5R3 are vulnerable to a cross site scripting vulnerability. Full details provided. 123flash-rfi.txt http://packetstormsecurity.org/files/64131/123flash-rfi.txt http://packetstormsecurity.org/files/64131/123flash-rfi.txt http://packetstormsecurity.org/files/64131/123flash-rfi.txt.html Thu, 28 Feb 2008 20:43:21 GMT The 123 Flash Chat module for phpBB suffers from a remote file inclusion vulnerability. centreon-disclose.txt http://packetstormsecurity.org/files/64126/centreon-disclose.txt http://packetstormsecurity.org/files/64126/centreon-disclose.txt http://packetstormsecurity.org/files/64126/centreon-disclose.txt.html Thu, 28 Feb 2008 20:41:51 GMT Centreon versions 1.4.2.3 and below suffer from a remote file disclosure vulnerability in get_image.php. phpnukemye-sql.txt http://packetstormsecurity.org/files/64125/phpnukemye-sql.txt http://packetstormsecurity.org/files/64125/phpnukemye-sql.txt http://packetstormsecurity.org/files/64125/phpnukemye-sql.txt.html Thu, 28 Feb 2008 20:41:01 GMT The PHP-Nuke module My_eGallery versions 2.7.9 and below suffer from a remote SQL injection vulnerability. barry-rfi.txt http://packetstormsecurity.org/files/64124/barry-rfi.txt http://packetstormsecurity.org/files/64124/barry-rfi.txt http://packetstormsecurity.org/files/64124/barry-rfi.txt.html Thu, 28 Feb 2008 20:40:04 GMT Barryvan Compo Manager version 0.3 suffers from a remote file inclusion vulnerability. podcast-rfidisclose.txt http://packetstormsecurity.org/files/64123/podcast-rfidisclose.txt http://packetstormsecurity.org/files/64123/podcast-rfidisclose.txt http://packetstormsecurity.org/files/64123/podcast-rfidisclose.txt.html Thu, 28 Feb 2008 20:39:12 GMT The Podcast Generator versions 1.0 BETA 2 and below suffer from remote file inclusion and file disclosure vulnerabilities. sbe-rfi.txt http://packetstormsecurity.org/files/64122/sbe-rfi.txt http://packetstormsecurity.org/files/64122/sbe-rfi.txt http://packetstormsecurity.org/files/64122/sbe-rfi.txt.html Thu, 28 Feb 2008 20:37:52 GMT SiteBuilderElite version 1.2 suffers from multiple remote file inclusion vulnerabilities. koobipro-sql.txt http://packetstormsecurity.org/files/64121/koobipro-sql.txt http://packetstormsecurity.org/files/64121/koobipro-sql.txt http://packetstormsecurity.org/files/64121/koobipro-sql.txt.html Thu, 28 Feb 2008 20:37:05 GMT Koobi Pro version 5.7 suffers from a remote SQL injection vulnerability in index.php. crysis-format.txt http://packetstormsecurity.org/files/64120/crysis-format.txt http://packetstormsecurity.org/files/64120/crysis-format.txt http://packetstormsecurity.org/files/64120/crysis-format.txt.html Thu, 28 Feb 2008 20:36:01 GMT Crysis versions 1.1.1.5879 and below suffer from a remote format string denial of service vulnerability. groupe-rfi.txt http://packetstormsecurity.org/files/64119/groupe-rfi.txt http://packetstormsecurity.org/files/64119/groupe-rfi.txt http://packetstormsecurity.org/files/64119/groupe-rfi.txt.html Thu, 28 Feb 2008 02:37:44 GMT GROUP-E version 1.6.41 suffers from a remote file inclusion vulnerability. Core Security Technologies Advisory 2008.0130 http://packetstormsecurity.org/files/64099/CORE-2008-0130.txt http://packetstormsecurity.org/files/64099/CORE-2008-0130.txt http://packetstormsecurity.org/files/64099/Core-Security-Technologies-Advisory-2008.0130.html Wed, 27 Feb 2008 20:02:21 GMT Core Security Technologies Advisory - The VideoLAN (VLC) media player package is vulnerable to an arbitrary memory corruption vulnerability, which can be exploited by malicious remote attackers to compromise a user's system. VLC versions 0.8.6d and below and Miro Player versions 1.1 and below are vulnerable. Proof of concept code included. officescaz.zip http://packetstormsecurity.org/files/64098/officescaz.zip http://packetstormsecurity.org/files/64098/officescaz.zip http://packetstormsecurity.org/files/64098/officescaz.zip.html Wed, 27 Feb 2008 19:58:55 GMT Proof of concept exploits for Trend Micro OfficeScan Corporate Edition versions 8.0 Patch 2 and below and versions 7.3 Patch 3 and below which suffer from buffer overflow and dead process vulnerabilities. To use the exploits, nc SERVER 8080 -v -v here. authentix-xss.txt http://packetstormsecurity.org/files/64092/authentix-xss.txt http://packetstormsecurity.org/files/64092/authentix-xss.txt http://packetstormsecurity.org/files/64092/authentix-xss.txt.html Wed, 27 Feb 2008 18:32:49 GMT The AuthentiX administration page suffers from cross site scripting vulnerabilities. eazyportal-sql.txt http://packetstormsecurity.org/files/64090/eazyportal-sql.txt http://packetstormsecurity.org/files/64090/eazyportal-sql.txt http://packetstormsecurity.org/files/64090/eazyportal-sql.txt.html Wed, 27 Feb 2008 18:27:38 GMT EazyPortal versions 1.0 and below cookie-related remote SQL injection exploit. mambosimple-sql.txt http://packetstormsecurity.org/files/64089/mambosimple-sql.txt http://packetstormsecurity.org/files/64089/mambosimple-sql.txt http://packetstormsecurity.org/files/64089/mambosimple-sql.txt.html Wed, 27 Feb 2008 18:26:28 GMT Mambo Simpleboard Forum component version 1.0.3 Stable suffers from a remote SQL injection vulnerability. ezyedit-xss.txt http://packetstormsecurity.org/files/64069/ezyedit-xss.txt http://packetstormsecurity.org/files/64069/ezyedit-xss.txt http://packetstormsecurity.org/files/64069/ezyedit-xss.txt.html Tue, 26 Feb 2008 23:57:01 GMT ezyEdit 2007 is susceptible to cross site scripting vulnerabilities. nukeditadmin-sql.txt http://packetstormsecurity.org/files/64067/nukeditadmin-sql.txt http://packetstormsecurity.org/files/64067/nukeditadmin-sql.txt http://packetstormsecurity.org/files/64067/nukeditadmin-sql.txt.html Tue, 26 Feb 2008 23:53:41 GMT Nukedit version 4.9.x remote create admin SQL injection exploit.