Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:57:22 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1151579748&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0905-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1151579748.1338184642.1338184642.1338184642.1%3B%2B__utmz%3D32867617.1338184642.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) Packet Storm New Exploits For May, 2009 http://packetstormsecurity.org/files/77982/0905-exploits.tgz http://packetstormsecurity.org/files/77982/0905-exploits.tgz http://packetstormsecurity.org/files/77982/Packet-Storm-New-Exploits-For-May-2009.html Tue, 02 Jun 2009 23:04:44 GMT Packet Storm new exploits for May, 2009. ICQ 6.5 File Processing http://packetstormsecurity.org/files/77951/9sg_icq_dos.txt http://packetstormsecurity.org/files/77951/9sg_icq_dos.txt http://packetstormsecurity.org/files/77951/ICQ-6.5-File-Processing.html Sat, 30 May 2009 18:07:32 GMT ICQ 6.5 URL Search Hook / ICQToolBar.dll .URL file processing Windows Explorer remote buffer overflow proof of concept exploit. Traidnt Up 2.0 SQL Injection http://packetstormsecurity.org/files/77948/traidntup-sql.txt http://packetstormsecurity.org/files/77948/traidntup-sql.txt http://packetstormsecurity.org/files/77948/Traidnt-Up-2.0-SQL-Injection.html Sat, 30 May 2009 17:53:50 GMT Traidnt Up version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Million Dollar Text Links 1.0 SQL Injection http://packetstormsecurity.org/files/77947/mdtl-sql.txt http://packetstormsecurity.org/files/77947/mdtl-sql.txt http://packetstormsecurity.org/files/77947/Million-Dollar-Text-Links-1.0-SQL-Injection.html Sat, 30 May 2009 17:52:37 GMT Million Dollar Text Links versions 1.0 and below suffer from a remote SQL injection vulnerability. ZeusCart 2.3 SQL Injection http://packetstormsecurity.org/files/77945/zeuscart23-sql.txt http://packetstormsecurity.org/files/77945/zeuscart23-sql.txt http://packetstormsecurity.org/files/77945/ZeusCart-2.3-SQL-Injection.html Sat, 30 May 2009 14:29:10 GMT ZeusCart versions 2.3 and be low suffer from a remote SQL injection vulnerability. Adobe Acrobat 9.1.1 Stack Overflow http://packetstormsecurity.org/files/77944/crashy_the_clown.tgz http://packetstormsecurity.org/files/77944/crashy_the_clown.tgz http://packetstormsecurity.org/files/77944/Adobe-Acrobat-9.1.1-Stack-Overflow.html Sat, 30 May 2009 14:23:31 GMT This is a pdf proof of concept exploit that demonstrates a stack overflow crash in Adobe Acrobat versions 9.1.1 and below. Written to work on Mac OS X and Microsoft Windows. Arab Portal 2.2 SQL Injection http://packetstormsecurity.org/files/77943/arabportal-sql.txt http://packetstormsecurity.org/files/77943/arabportal-sql.txt http://packetstormsecurity.org/files/77943/Arab-Portal-2.2-SQL-Injection.html Sat, 30 May 2009 14:18:22 GMT Arab Portal version 2.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. SonicWALL Format String Vulnerability http://packetstormsecurity.org/files/77942/200905-sonicwall.txt http://packetstormsecurity.org/files/77942/200905-sonicwall.txt http://packetstormsecurity.org/files/77942/SonicWALL-Format-String-Vulnerability.html Sat, 30 May 2009 14:15:11 GMT The SonicWALL SSL-VPN suffers from a format string vulnerability. Zen Help Desk 2.1 SQL Injection http://packetstormsecurity.org/files/77941/zenhelpdesk-sql.txt http://packetstormsecurity.org/files/77941/zenhelpdesk-sql.txt http://packetstormsecurity.org/files/77941/Zen-Help-Desk-2.1-SQL-Injection.html Sat, 30 May 2009 14:11:23 GMT Zen Help Desk version 2.1 suffers from a remote SQL injection that allows for authentication bypass. Webboard 2.90 Beta File Disclosure http://packetstormsecurity.org/files/77940/webboard-disclose.txt http://packetstormsecurity.org/files/77940/webboard-disclose.txt http://packetstormsecurity.org/files/77940/Webboard-2.90-Beta-File-Disclosure.html Sat, 30 May 2009 14:10:04 GMT Webboard versions 2.90 Beta and below suffer from a remote file disclosure vulnerability. Joomla JVideo 0.3.x SQL Injection http://packetstormsecurity.org/files/77939/joomlajvideo-sql.txt http://packetstormsecurity.org/files/77939/joomlajvideo-sql.txt http://packetstormsecurity.org/files/77939/Joomla-JVideo-0.3.x-SQL-Injection.html Sat, 30 May 2009 14:08:45 GMT The Joomla JVideo component version 0.3.x suffers from a remote SQL injection vulnerability. Roxio CinePlayer 3.2 Buffer Overflow http://packetstormsecurity.org/files/77938/roxiocineplayer-overflow.txt http://packetstormsecurity.org/files/77938/roxiocineplayer-overflow.txt http://packetstormsecurity.org/files/77938/Roxio-CinePlayer-3.2-Buffer-Overflow.html Sat, 30 May 2009 14:04:27 GMT Roxio CinePlayer version 3.2 remote buffer overflow exploit that leverages SonicMediaPlayer.dll. ECShop PHP Code Execution http://packetstormsecurity.org/files/77922/ecshop-exec.txt http://packetstormsecurity.org/files/77922/ecshop-exec.txt http://packetstormsecurity.org/files/77922/ECShop-PHP-Code-Execution.html Fri, 29 May 2009 01:38:54 GMT ECShop version 2.6.2 suffers from a remote php code execution vulnerability. Firefox Denial Of Service http://packetstormsecurity.org/files/77919/TZO-27-2009.txt http://packetstormsecurity.org/files/77919/TZO-27-2009.txt http://packetstormsecurity.org/files/77919/Firefox-Denial-Of-Service.html Fri, 29 May 2009 00:56:55 GMT Mozilla Firefox 3.x suffers from a remote denial of service vulnerability. Small Pirates 2.1 SQL Injection http://packetstormsecurity.org/files/77914/smallpirates-sql.txt http://packetstormsecurity.org/files/77914/smallpirates-sql.txt http://packetstormsecurity.org/files/77914/Small-Pirates-2.1-SQL-Injection.html Fri, 29 May 2009 00:21:45 GMT Small Pirates version 2.1 suffers from SQL injection and cookie stealing vulnerabilities. AdPeeps 8.5d1 Cross Site Scripting http://packetstormsecurity.org/files/77875/adrotator-xss.txt http://packetstormsecurity.org/files/77875/adrotator-xss.txt http://packetstormsecurity.org/files/77875/AdPeeps-8.5d1-Cross-Site-Scripting.html Wed, 27 May 2009 22:33:36 GMT AdPeeps version 8.5d1 suffers from cross site scripting and HTML injection vulnerabilities. Evernew Free Joke Script 1.2 SQL Injection http://packetstormsecurity.org/files/77874/evernewfreejoke-sql.txt http://packetstormsecurity.org/files/77874/evernewfreejoke-sql.txt http://packetstormsecurity.org/files/77874/Evernew-Free-Joke-Script-1.2-SQL-Injection.html Wed, 27 May 2009 22:31:31 GMT Evernew Free Joke Script version 1.2 suffers from a remote SQL injection vulnerability. SiteX 0.7.4.418 Local File Inclusion http://packetstormsecurity.org/files/77873/sitex-lfi.txt http://packetstormsecurity.org/files/77873/sitex-lfi.txt http://packetstormsecurity.org/files/77873/SiteX-0.7.4.418-Local-File-Inclusion.html Wed, 27 May 2009 22:30:05 GMT SiteX versions 0.7.4.418 and below suffer from local file inclusion vulnerabilities. Vanilla 1.1.7 Cross Site Scripting http://packetstormsecurity.org/files/77869/vanilla117-xss.txt http://packetstormsecurity.org/files/77869/vanilla117-xss.txt http://packetstormsecurity.org/files/77869/Vanilla-1.1.7-Cross-Site-Scripting.html Wed, 27 May 2009 22:17:45 GMT Vanilla version 1.1.7 suffers from a cross site scripting vulnerability. PHP-Nuke 8.0 SQL Injection http://packetstormsecurity.org/files/77868/phpnuke80ref-sql.txt http://packetstormsecurity.org/files/77868/phpnuke80ref-sql.txt http://packetstormsecurity.org/files/77868/PHP-Nuke-8.0-SQL-Injection.html Wed, 27 May 2009 22:15:06 GMT PHP-Nuke version 8.0 suffers from a REFERER related SQL injection vulnerability. Easy Px 41 CMS Local File Inclusion http://packetstormsecurity.org/files/77867/easypxcms-lfi.txt http://packetstormsecurity.org/files/77867/easypxcms-lfi.txt http://packetstormsecurity.org/files/77867/Easy-Px-41-CMS-Local-File-Inclusion.html Wed, 27 May 2009 22:13:58 GMT Easy Px 41 CMS version 09.00.00B1 suffers from a local file inclusion vulnerability. Joomla AgoraGroup 0.3.5.3 SQL Injection http://packetstormsecurity.org/files/77866/joomlaagora-sql.txt http://packetstormsecurity.org/files/77866/joomlaagora-sql.txt http://packetstormsecurity.org/files/77866/Joomla-AgoraGroup-0.3.5.3-SQL-Injection.html Wed, 27 May 2009 22:12:19 GMT The Joomla AgoraGroup component version 0.3.5.3 suffers from a blind SQL injection vulnerability. Million Dollar Text Links 1.x Insecure Cookie http://packetstormsecurity.org/files/77865/milliondollartext-insecure.txt http://packetstormsecurity.org/files/77865/milliondollartext-insecure.txt http://packetstormsecurity.org/files/77865/Million-Dollar-Text-Links-1.x-Insecure-Cookie.html Wed, 27 May 2009 22:11:00 GMT Million Dollar Text Links version 1.x suffers from an insecure cookie handling vulnerability. SonicOS Format String http://packetstormsecurity.org/files/77859/SA-20090525-4.txt http://packetstormsecurity.org/files/77859/SA-20090525-4.txt http://packetstormsecurity.org/files/77859/SonicOS-Format-String.html Wed, 27 May 2009 03:09:38 GMT SEC Consult Security Advisory 20090525-4 - A format string vulnerability exists in the logfile parsing function of SonicOS. An attacker could crash the system or execute arbitrary code by injecting format string metacharacters into the logfile, if an administrator subsequently uses the SonicOS GUI to view the log. SonicWALL Global VPN Client Privilege Escalation http://packetstormsecurity.org/files/77858/SA-20090525-3.txt http://packetstormsecurity.org/files/77858/SA-20090525-3.txt http://packetstormsecurity.org/files/77858/SonicWALL-Global-VPN-Client-Privilege-Escalation.html Wed, 27 May 2009 03:08:11 GMT SEC Consult Security Advisory 20090525-3 - The SonicWALL Global VPN Client versions 4.0.0.835 and below suffer from a local privilege escalation vulnerability.