Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Sun, 27 May 2012 22:40:51 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1442382148&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0808-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1442382148.1338158451.1338158451.1338158451.1%3B%2B__utmz%3D32867617.1338158451.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/69545/0808-exploits.tgz http://packetstormsecurity.org/files/69545/0808-exploits.tgz http://packetstormsecurity.org/files/69545/0808-exploits.tgz.html Wed, 03 Sep 2008 01:12:13 GMT Packet Storm new exploits for August, 2008. http://packetstormsecurity.org/files/69543/mimocms-sql.txt http://packetstormsecurity.org/files/69543/mimocms-sql.txt http://packetstormsecurity.org/files/69543/mimocms-sql.txt.html Mon, 01 Sep 2008 00:05:00 GMT Mimo Multimedia CMS suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/69542/rs_pocfix.txt http://packetstormsecurity.org/files/69542/rs_pocfix.txt http://packetstormsecurity.org/files/69542/rs_pocfix.txt.html Sun, 31 Aug 2008 23:59:00 GMT Proof of concept exploit for the local root vulnerability in Postfix. Original discovery by Sebastian Krahmer. http://packetstormsecurity.org/files/69540/atmail542-xss.txt http://packetstormsecurity.org/files/69540/atmail542-xss.txt http://packetstormsecurity.org/files/69540/atmail542-xss.txt.html Sun, 31 Aug 2008 23:52:00 GMT @mail version 5.42 suffers from multiple cross site scripting vulnerabilities. http://packetstormsecurity.org/files/69535/osp-sqlxssxsrf.txt http://packetstormsecurity.org/files/69535/osp-sqlxssxsrf.txt http://packetstormsecurity.org/files/69535/osp-sqlxssxsrf.txt.html Sun, 31 Aug 2008 23:30:00 GMT OpenSharePoint version 0.4.0 RC3 suffers from remote SQL injection, cross site scripting, and cross site request forgery vulnerabilities. http://packetstormsecurity.org/files/69534/omcd-xssxsrf.txt http://packetstormsecurity.org/files/69534/omcd-xssxsrf.txt http://packetstormsecurity.org/files/69534/omcd-xssxsrf.txt.html Sun, 31 Aug 2008 23:02:00 GMT Open Media Collectors Database version 1.0.6 suffers from cross site scripting and cross site request forgery vulnerabilities. http://packetstormsecurity.org/files/69532/webid-sql.txt http://packetstormsecurity.org/files/69532/webid-sql.txt http://packetstormsecurity.org/files/69532/webid-sql.txt.html Sat, 30 Aug 2008 16:33:00 GMT WeBid version 0.5.4 suffers from SQL injection and cascading style sheet editing vulnerabilities. http://packetstormsecurity.org/files/69531/myphpnuke-sqlxss.txt http://packetstormsecurity.org/files/69531/myphpnuke-sqlxss.txt http://packetstormsecurity.org/files/69531/myphpnuke-sqlxss.txt.html Sat, 30 Aug 2008 16:29:00 GMT myPHPNuke versions below 1.8.8_8rc2 suffer from cross site scripting and remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/69530/wordstag-sql.txt http://packetstormsecurity.org/files/69530/wordstag-sql.txt http://packetstormsecurity.org/files/69530/wordstag-sql.txt.html Sat, 30 Aug 2008 16:10:00 GMT Words Tag Script version 1.2 suffers from a SQL injection vulnerability. http://packetstormsecurity.org/files/69529/webdirscript-sql.txt http://packetstormsecurity.org/files/69529/webdirscript-sql.txt http://packetstormsecurity.org/files/69529/webdirscript-sql.txt.html Sat, 30 Aug 2008 16:09:00 GMT Web Directory Script version 1.5.3 suffers from a SQL injection vulnerability. http://packetstormsecurity.org/files/69528/brim-sqlxss.txt http://packetstormsecurity.org/files/69528/brim-sqlxss.txt http://packetstormsecurity.org/files/69528/brim-sqlxss.txt.html Sat, 30 Aug 2008 16:04:00 GMT Brim version 2.0.0 suffers from remote SQL injection and cross site scripting vulnerabilities. http://packetstormsecurity.org/files/69527/friendly-readwrite.txt http://packetstormsecurity.org/files/69527/friendly-readwrite.txt http://packetstormsecurity.org/files/69527/friendly-readwrite.txt.html Sat, 30 Aug 2008 16:01:00 GMT Friendly Technologies read/write register/read files exploit. http://packetstormsecurity.org/files/69481/phpemlak-sql.txt http://packetstormsecurity.org/files/69481/phpemlak-sql.txt http://packetstormsecurity.org/files/69481/phpemlak-sql.txt.html Fri, 29 Aug 2008 16:08:02 GMT Full PHP Emlak Script suffers from a remote SQL injection vulnerability in landsee.php. http://packetstormsecurity.org/files/69479/logmein-activex.txt http://packetstormsecurity.org/files/69479/logmein-activex.txt http://packetstormsecurity.org/files/69479/logmein-activex.txt.html Fri, 29 Aug 2008 15:54:48 GMT LogMeIn remote access utility Active-X memory consumption denial of service exploit. http://packetstormsecurity.org/files/69478/najdisi-overflow.txt http://packetstormsecurity.org/files/69478/najdisi-overflow.txt http://packetstormsecurity.org/files/69478/najdisi-overflow.txt.html Fri, 29 Aug 2008 15:52:26 GMT Najdi.si Toolbar Active-X remote buffer overflow proof of concept exploit. http://packetstormsecurity.org/files/69477/ipb235-multi.txt http://packetstormsecurity.org/files/69477/ipb235-multi.txt http://packetstormsecurity.org/files/69477/ipb235-multi.txt.html Fri, 29 Aug 2008 15:51:33 GMT Invision Power Board versions 2.3.5 and below remote exploit that brute forces, attempts IDS evasion, and more. http://packetstormsecurity.org/files/69476/hoagie_snoop.c http://packetstormsecurity.org/files/69476/hoagie_snoop.c http://packetstormsecurity.org/files/69476/hoagie_snoop.c.html Fri, 29 Aug 2008 15:47:06 GMT Sun Solaris 8/9/10 and OpenSolaris versions below snv_96 snoop utility remote exploit. http://packetstormsecurity.org/files/69468/dotproject-sqlxss.txt http://packetstormsecurity.org/files/69468/dotproject-sqlxss.txt http://packetstormsecurity.org/files/69468/dotproject-sqlxss.txt.html Fri, 29 Aug 2008 05:40:44 GMT dotProject version 2.1.2 suffers from cross site scripting and SQL injection vulnerabilities. http://packetstormsecurity.org/files/69464/mercadolibre-xssrfi.txt http://packetstormsecurity.org/files/69464/mercadolibre-xssrfi.txt http://packetstormsecurity.org/files/69464/mercadolibre-xssrfi.txt.html Fri, 29 Aug 2008 05:11:59 GMT Mercadolibre.com suffers from cross site scripting and remote javascript insertion vulnerabilities. http://packetstormsecurity.org/files/69462/friendly-exec.txt http://packetstormsecurity.org/files/69462/friendly-exec.txt http://packetstormsecurity.org/files/69462/friendly-exec.txt.html Fri, 29 Aug 2008 05:07:36 GMT Friendly Technologies Active-X related remote command execution exploit that leverages fwRemoteCfg.dll. http://packetstormsecurity.org/files/69461/friendly-fwremotecfg.txt http://packetstormsecurity.org/files/69461/friendly-fwremotecfg.txt http://packetstormsecurity.org/files/69461/friendly-fwremotecfg.txt.html Fri, 29 Aug 2008 05:02:00 GMT Friendly Technologies Active-X remote buffer overflow exploit that leverages fwRemoteCfg.dll. http://packetstormsecurity.org/files/69460/acoustica-overflow.txt http://packetstormsecurity.org/files/69460/acoustica-overflow.txt http://packetstormsecurity.org/files/69460/acoustica-overflow.txt.html Fri, 29 Aug 2008 04:51:25 GMT Acoustica Mixcraft versions 4.2 Build 98 and below mx4 file local buffer overflow exploit. http://packetstormsecurity.org/files/69458/kyocera-traversal.txt http://packetstormsecurity.org/files/69458/kyocera-traversal.txt http://packetstormsecurity.org/files/69458/kyocera-traversal.txt.html Wed, 27 Aug 2008 22:02:09 GMT Kyocera Command Center suffers from a directory traversal vulnerability. http://packetstormsecurity.org/files/69457/searchengine-sql.txt http://packetstormsecurity.org/files/69457/searchengine-sql.txt http://packetstormsecurity.org/files/69457/searchengine-sql.txt.html Wed, 27 Aug 2008 22:00:32 GMT Search Engine suffers from a remote SQL injection vulnerability in viewcat.php. http://packetstormsecurity.org/files/69456/igshopdisp-sql.txt http://packetstormsecurity.org/files/69456/igshopdisp-sql.txt http://packetstormsecurity.org/files/69456/igshopdisp-sql.txt.html Wed, 27 Aug 2008 21:59:19 GMT iG Shop suffers from a remote SQL injection vulnerability in display_review.php.