Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:56:53 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1868630217&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0904-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1868630217.1338184613.1338184613.1338184613.1%3B%2B__utmz%3D32867617.1338184613.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) Packet Storm New Exploits For April, 2009 http://packetstormsecurity.org/files/77193/0904-exploits.tgz http://packetstormsecurity.org/files/77193/0904-exploits.tgz http://packetstormsecurity.org/files/77193/Packet-Storm-New-Exploits-For-April-2009.html Sun, 03 May 2009 01:31:46 GMT Packet Storm new exploits for April, 2009. Packet Filter Null Pointer Dereference http://packetstormsecurity.org/files/77172/pf-nullpointer.txt http://packetstormsecurity.org/files/77172/pf-nullpointer.txt http://packetstormsecurity.org/files/77172/Packet-Filter-Null-Pointer-Dereference.html Fri, 01 May 2009 03:15:21 GMT PF in OpenBSD, NetBSD, and various other Unix variants suffer from a null pointer dereference vulnerability. Mercury Audio Player 1.21 Stack Overflow http://packetstormsecurity.org/files/77168/map121meu-overflow.txt http://packetstormsecurity.org/files/77168/map121meu-overflow.txt http://packetstormsecurity.org/files/77168/Mercury-Audio-Player-1.21-Stack-Overflow.html Fri, 01 May 2009 01:38:00 GMT Mercury Audio Player version 1.21 local stack overflow proof of concept exploit that creates a malicious .m3u file. Mercury Audio Player 1.21 SEH Overwrite http://packetstormsecurity.org/files/77167/map121-overwrite.txt http://packetstormsecurity.org/files/77167/map121-overwrite.txt http://packetstormsecurity.org/files/77167/Mercury-Audio-Player-1.21-SEH-Overwrite.html Fri, 01 May 2009 01:31:46 GMT Mercury Audio Player version 1.21 local SEH overwrite exploit that creates a malicious .pls file. Mercury Audio Player 1.21 Stack Overflow http://packetstormsecurity.org/files/77166/map121-overflow.txt http://packetstormsecurity.org/files/77166/map121-overflow.txt http://packetstormsecurity.org/files/77166/Mercury-Audio-Player-1.21-Stack-Overflow.html Fri, 01 May 2009 01:29:52 GMT Mercury Audio Player version 1.21 local stack overflow exploit that creates a malicious .b4s file. Linux Kernel 2.6 UDEV Privilege Escalation http://packetstormsecurity.org/files/77165/cve-2009-1185.c http://packetstormsecurity.org/files/77165/cve-2009-1185.c http://packetstormsecurity.org/files/77165/Linux-Kernel-2.6-UDEV-Privilege-Escalation.html Fri, 01 May 2009 01:27:18 GMT Linux 2.6 kernel udev versions below 1.4.1 local privilege escalation exploit. Leap CMS 0.1.4 XSS / SQL Injection http://packetstormsecurity.org/files/77164/leapcms-sqlxss.txt http://packetstormsecurity.org/files/77164/leapcms-sqlxss.txt http://packetstormsecurity.org/files/77164/Leap-CMS-0.1.4-XSS-SQL-Injection.html Fri, 01 May 2009 01:18:48 GMT Leap CMS version 0.1.4 suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities. Leap CMS 0.1.4 SQL Injection http://packetstormsecurity.org/files/77163/leapcms-sql.txt http://packetstormsecurity.org/files/77163/leapcms-sql.txt http://packetstormsecurity.org/files/77163/Leap-CMS-0.1.4-SQL-Injection.html Fri, 01 May 2009 01:16:59 GMT Leap CMS version 0.1.4 remote blind SQL injection exploit. BaoFeng Buffer Overflow http://packetstormsecurity.org/files/77162/baofeng-overflow.txt http://packetstormsecurity.org/files/77162/baofeng-overflow.txt http://packetstormsecurity.org/files/77162/BaoFeng-Buffer-Overflow.html Fri, 01 May 2009 01:15:10 GMT BaoFeng OnBeforeVideoDownload() remote buffer overflow exploit that leverages mps.dll. S-CMS 1.1 Local File Inclusion http://packetstormsecurity.org/files/77122/scms11-lfi.txt http://packetstormsecurity.org/files/77122/scms11-lfi.txt http://packetstormsecurity.org/files/77122/S-CMS-1.1-Local-File-Inclusion.html Wed, 29 Apr 2009 21:49:06 GMT S-CMS version 1.1 suffers from a local file inclusion vulnerability in plugin.php. Tiger DMS SQL Injection http://packetstormsecurity.org/files/77121/tigerdms-sql.txt http://packetstormsecurity.org/files/77121/tigerdms-sql.txt http://packetstormsecurity.org/files/77121/Tiger-DMS-SQL-Injection.html Wed, 29 Apr 2009 21:47:58 GMT Tiger DMS suffers from a remote SQL injection vulnerability that allows for authentication bypass. Zubrag Smart File Download 1.3 File Download http://packetstormsecurity.org/files/77114/zubrag-download.txt http://packetstormsecurity.org/files/77114/zubrag-download.txt http://packetstormsecurity.org/files/77114/Zubrag-Smart-File-Download-1.3-File-Download.html Wed, 29 Apr 2009 21:41:33 GMT Zubrag Smart File Download version 1.3 suffers from an arbitrary file download vulnerability. ProjectCMS 0.1b SQL Injection http://packetstormsecurity.org/files/77113/projectcms-sql.txt http://packetstormsecurity.org/files/77113/projectcms-sql.txt http://packetstormsecurity.org/files/77113/ProjectCMS-0.1b-SQL-Injection.html Wed, 29 Apr 2009 21:40:21 GMT ProjectCMS version 1.0b suffers from a remote SQL injection vulnerability in index.php. eLitius 1.0 SQL Injection http://packetstormsecurity.org/files/77112/elitius-sql.txt http://packetstormsecurity.org/files/77112/elitius-sql.txt http://packetstormsecurity.org/files/77112/eLitius-1.0-SQL-Injection.html Wed, 29 Apr 2009 21:39:18 GMT eLitius version 1.0 suffers from a remote SQL injection vulnerability in banner-details.php. mpegable Player 2.12 Stack Overflow http://packetstormsecurity.org/files/77111/mpegable-overflow.txt http://packetstormsecurity.org/files/77111/mpegable-overflow.txt http://packetstormsecurity.org/files/77111/mpegable-Player-2.12-Stack-Overflow.html Wed, 29 Apr 2009 21:37:53 GMT mpegable Player version 2.12 local stack overflow proof of concept exploit that creates a malicious .yuv file. Baby Web Server 2.7.2.0 File Disclosure http://packetstormsecurity.org/files/77110/bws-disclose.txt http://packetstormsecurity.org/files/77110/bws-disclose.txt http://packetstormsecurity.org/files/77110/Baby-Web-Server-2.7.2.0-File-Disclosure.html Wed, 29 Apr 2009 21:36:26 GMT Baby Web Server version 2.7.2.0 arbitrary file disclosure exploit. LevelOne AMG-2000 Wireless AP Proxy Bypass http://packetstormsecurity.org/files/77109/SA-20090429-0.txt http://packetstormsecurity.org/files/77109/SA-20090429-0.txt http://packetstormsecurity.org/files/77109/LevelOne-AMG-2000-Wireless-AP-Proxy-Bypass.html Wed, 29 Apr 2009 19:19:00 GMT SEC Consult Security Advisory 20090429-0 - LevelOne AMG-2000 Wireless AP Management Gateway suffers from proxy bypass and plain text vulnerabilities. Symantec WinFax Pro 10.03 Buffer Overflow http://packetstormsecurity.org/files/77108/faxviewer-overflow.txt http://packetstormsecurity.org/files/77108/faxviewer-overflow.txt http://packetstormsecurity.org/files/77108/Symantec-WinFax-Pro-10.03-Buffer-Overflow.html Wed, 29 Apr 2009 19:16:19 GMT Symantec Fax Viewer Control in WinFax Pro version 10.03 (DCCFAXVW.DLL) remote buffer overflow exploit. Autodesk IDrop ActiveX Code Execution http://packetstormsecurity.org/files/77102/autodeskidrop-activex.txt http://packetstormsecurity.org/files/77102/autodeskidrop-activex.txt http://packetstormsecurity.org/files/77102/Autodesk-IDrop-ActiveX-Code-Execution.html Wed, 29 Apr 2009 19:02:42 GMT Autodesk IDrop remote code execution Active-X related exploit. Quick N Easy 3.3.5 File Disclosure http://packetstormsecurity.org/files/77101/quickeasy-disclose.txt http://packetstormsecurity.org/files/77101/quickeasy-disclose.txt http://packetstormsecurity.org/files/77101/Quick-N-Easy-3.3.5-File-Disclosure.html Wed, 29 Apr 2009 19:01:41 GMT Quick 'N Easy Web Server version 3.3.5 arbitrary file disclosure exploit. Google Chrome 1.0.154.53 Denial Of Service http://packetstormsecurity.org/files/77080/gcthrow-dos.tgz http://packetstormsecurity.org/files/77080/gcthrow-dos.tgz http://packetstormsecurity.org/files/77080/Google-Chrome-1.0.154.53-Denial-Of-Service.html Tue, 28 Apr 2009 22:31:48 GMT Google Chrome version 1.0.154.53 "throw exception" remote crash and denial of service exploit. MIM:InfiniX 1.2.003 SQL Injection http://packetstormsecurity.org/files/77079/miminfinix-sql.txt http://packetstormsecurity.org/files/77079/miminfinix-sql.txt http://packetstormsecurity.org/files/77079/MIM-InfiniX-1.2.003-SQL-Injection.html Tue, 28 Apr 2009 22:27:11 GMT MIM:InfiniX version 1.2.003 suffers from multiple remote SQL injection vulnerabilities. webSPELL 4.2.0d Local File Disclosure http://packetstormsecurity.org/files/77077/webspell420d-disclose.txt http://packetstormsecurity.org/files/77077/webspell420d-disclose.txt http://packetstormsecurity.org/files/77077/webSPELL-4.2.0d-Local-File-Disclosure.html Tue, 28 Apr 2009 21:44:33 GMT webSPELL versions 4.2.0d and below local file disclosure exploit. VisionLMS 1.0 Password Changer http://packetstormsecurity.org/files/77072/visionlms-passwd.txt http://packetstormsecurity.org/files/77072/visionlms-passwd.txt http://packetstormsecurity.org/files/77072/VisionLMS-1.0-Password-Changer.html Tue, 28 Apr 2009 21:39:37 GMT VisionLMS version 1.0 remote password changing exploit that leverages changePW.php. Linux 2.6 Kernel SCTP Memory Corruption http://packetstormsecurity.org/files/77064/sctp_houdini.c http://packetstormsecurity.org/files/77064/sctp_houdini.c http://packetstormsecurity.org/files/77064/Linux-2.6-Kernel-SCTP-Memory-Corruption.html Tue, 28 Apr 2009 15:29:05 GMT Linux 2.6 kernel SCTP FWD memory corruption remote exploit.