Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:06:02 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1804402139&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0908-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1804402139.1338185162.1338185162.1338185162.1%3B%2B__utmz%3D32867617.1338185162.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/80843/0908-exploits.tgz http://packetstormsecurity.org/files/80843/0908-exploits.tgz http://packetstormsecurity.org/files/80843/Packet-Storm-New-Exploits-For-August-2009.html Tue, 01 Sep 2009 20:57:07 GMT This archive contains all of the 356 exploits added to Packet Storm in August, 2009. http://packetstormsecurity.org/files/80777/utorrent-overflow.txt http://packetstormsecurity.org/files/80777/utorrent-overflow.txt http://packetstormsecurity.org/files/80777/uTorrent-1.8.3-Buffer-Overflow.html Fri, 28 Aug 2009 23:22:55 GMT uTorrent versions 1.8.3 (Build 15772) and below create new torrent buffer overflow proof of concept exploit. http://packetstormsecurity.org/files/80769/kaspersky-memory.txt http://packetstormsecurity.org/files/80769/kaspersky-memory.txt http://packetstormsecurity.org/files/80769/Kaspersky-2010-Memory-Corruption.html Fri, 28 Aug 2009 23:16:27 GMT Kaspersky 2010 remote memory corruption denial of service proof of concept. http://packetstormsecurity.org/files/80767/sluruscs-sql.txt http://packetstormsecurity.org/files/80767/sluruscs-sql.txt http://packetstormsecurity.org/files/80767/Silurus-Classifieds-System-SQL-Injection.html Fri, 28 Aug 2009 22:19:06 GMT Silurus Classifieds System suffers from a remote SQL injection vulnerability in category.php. http://packetstormsecurity.org/files/80755/htmlcreatorsender-overflow.txt http://packetstormsecurity.org/files/80755/htmlcreatorsender-overflow.txt http://packetstormsecurity.org/files/80755/HTML-Creator-And-Sender-2.3-Buffer-Overflow.html Fri, 28 Aug 2009 22:03:50 GMT HTML Creator and Sender versions 2.3 build 697 and below local buffer overflow exploit that creates a malicious .html file. http://packetstormsecurity.org/files/80754/pipl250-overflow.txt http://packetstormsecurity.org/files/80754/pipl250-overflow.txt http://packetstormsecurity.org/files/80754/PIPL-2.5.0-Buffer-Overflow.html Fri, 28 Aug 2009 22:02:41 GMT PIPL versions 2.5.0 and below universal buffer overflow exploit that creates a malicious .m3u file. http://packetstormsecurity.org/files/80753/dreamhost-sqlxsslfirfi.txt http://packetstormsecurity.org/files/80753/dreamhost-sqlxsslfirfi.txt http://packetstormsecurity.org/files/80753/DreamHost-2.3-SQL-Injection-RFI-LFI-XSS.html Fri, 28 Aug 2009 22:00:05 GMT DreamHost versions 2.3 and below suffer from remote SQL injection, remote file inclusion, local file inclusion, and cross site scripting vulnerabilities. http://packetstormsecurity.org/files/80774/phpfusiondsmsf-sql.txt http://packetstormsecurity.org/files/80774/phpfusiondsmsf-sql.txt http://packetstormsecurity.org/files/80774/PHP-Fusion-dsmsf-SQL-Injection.html Fri, 28 Aug 2009 17:27:52 GMT PHP-Fusion dsmsf module downloads suffer from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/80775/urlhunter-overflow.txt http://packetstormsecurity.org/files/80775/urlhunter-overflow.txt http://packetstormsecurity.org/files/80775/URL-Hunter-3.0.12-Buffer-Overflow.html Fri, 28 Aug 2009 17:18:18 GMT URL Hunter version 3.0.12 local buffer overflow exploit that creates a malicious .m3u file. http://packetstormsecurity.org/files/80766/mediacoder07x-overflow.txt http://packetstormsecurity.org/files/80766/mediacoder07x-overflow.txt http://packetstormsecurity.org/files/80766/MediaCoder-0.7.x-Buffer-Overflow.html Fri, 28 Aug 2009 17:16:58 GMT MediaCoder version 0.7.x .m3u/.lst universal local buffer overflow exploit. http://packetstormsecurity.org/files/80765/livestreet-xss.txt http://packetstormsecurity.org/files/80765/livestreet-xss.txt http://packetstormsecurity.org/files/80765/LiveStreet-Cross-Site-Scripting.html Fri, 28 Aug 2009 06:53:17 GMT LiveStreet suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/80762/flexcms25-sql.txt http://packetstormsecurity.org/files/80762/flexcms25-sql.txt http://packetstormsecurity.org/files/80762/FlexCMS-2.5-Blind-SQL-Injection.html Fri, 28 Aug 2009 06:23:04 GMT FlexCMS versions 2.5 and below suffer from a remote blind SQL injection vulnerability. http://packetstormsecurity.org/files/80764/jboard-sql.txt http://packetstormsecurity.org/files/80764/jboard-sql.txt http://packetstormsecurity.org/files/80764/JBoard-2.0-SQL-Injection.html Fri, 28 Aug 2009 06:22:51 GMT JBoard version 2.0 suffers from remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/80763/interactivefx-sql.txt http://packetstormsecurity.org/files/80763/interactivefx-sql.txt http://packetstormsecurity.org/files/80763/Interactivefx.ie-CMS-SQL-Injection.html Fri, 28 Aug 2009 06:05:23 GMT Interactivefx.ie CMS suffers from multiple remote SQL injection vulnerabilities one of which allows for authentication bypass. http://packetstormsecurity.org/files/80730/joomladigifolio-sql.txt http://packetstormsecurity.org/files/80730/joomladigifolio-sql.txt http://packetstormsecurity.org/files/80730/Joomla-Digifolio-1.52-SQL-Injection.html Thu, 27 Aug 2009 21:44:53 GMT The Joomla Digifolio component version 1.52 suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/80729/wpsyntax091-exec.txt http://packetstormsecurity.org/files/80729/wpsyntax091-exec.txt http://packetstormsecurity.org/files/80729/WordPress-WP-Syntax-0.9.1-Command-Execution.html Thu, 27 Aug 2009 21:42:07 GMT WordPress WP-Syntax component versions 0.9.1 and below suffer from a remote command execution vulnerability. http://packetstormsecurity.org/files/80727/danneo052-sql.txt http://packetstormsecurity.org/files/80727/danneo052-sql.txt http://packetstormsecurity.org/files/80727/Danneo-CMS-0.5.2-SQL-Injection.html Thu, 27 Aug 2009 21:39:04 GMT Danneo CMS versions 0.5.2 and below suffer from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/80726/quarkmail-lfi.txt http://packetstormsecurity.org/files/80726/quarkmail-lfi.txt http://packetstormsecurity.org/files/80726/QuarkMail-Local-File-Inclusion.html Thu, 27 Aug 2009 21:35:52 GMT QuarkMail suffers from a local file inclusion vulnerability. http://packetstormsecurity.org/files/80725/uigachurch-sql.txt http://packetstormsecurity.org/files/80725/uigachurch-sql.txt http://packetstormsecurity.org/files/80725/Uiga-Church-Portal-SQL-Injection.html Thu, 27 Aug 2009 21:35:01 GMT Uiga Church Portal suffers form a remote SQL injection vulnerability. http://packetstormsecurity.org/files/80723/phpsane-rfi.txt http://packetstormsecurity.org/files/80723/phpsane-rfi.txt http://packetstormsecurity.org/files/80723/phpSANE-0.5.0-Remote-File-Inclusion.html Thu, 27 Aug 2009 21:31:30 GMT phpSANE version 0.5.0 suffers from a remote file inclusion vulnerability in save.php. http://packetstormsecurity.org/files/80722/allomani-sql.txt http://packetstormsecurity.org/files/80722/allomani-sql.txt http://packetstormsecurity.org/files/80722/Allomani-2007-SQL-Injection.html Thu, 27 Aug 2009 21:30:42 GMT Allomani 2007 suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/80721/padsitescripts-sql.txt http://packetstormsecurity.org/files/80721/padsitescripts-sql.txt http://packetstormsecurity.org/files/80721/PAD-Site-Scripts-3.6-SQL-Injection.html Thu, 27 Aug 2009 21:29:35 GMT PAD Site Scripts version 3.6 suffers from a remote SQL injection vulnerability in list.php. http://packetstormsecurity.org/files/80697/open-auto-classifieds-v1.5.9-exploit.txt http://packetstormsecurity.org/files/80697/open-auto-classifieds-v1.5.9-exploit.txt http://packetstormsecurity.org/files/80697/Open-Auto-Classifieds-1.5.9-File-Upload.html Wed, 26 Aug 2009 23:16:54 GMT Open Auto Classifieds versions 1.5.9 and below remote file upload exploit. http://packetstormsecurity.org/files/80696/MORNINGSTAR-2009-01.txt http://packetstormsecurity.org/files/80696/MORNINGSTAR-2009-01.txt http://packetstormsecurity.org/files/80696/Open-Auto-Classifieds-1.5.9-SQL-Injection.html Wed, 26 Aug 2009 23:12:53 GMT Open Auto Classifieds versions 1.5.9 and below suffer from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/80690/SkypeTrojan.zip http://packetstormsecurity.org/files/80690/SkypeTrojan.zip http://packetstormsecurity.org/files/80690/Megapanzer-Skype-Trojan-Source.html Wed, 26 Aug 2009 22:46:32 GMT This is the source code for the Skype Superintendent Trojan. It injects function calls into the Skype process to intercept all audio data coming and going to the Skype process. It extracts the PCM audio data, converts it to MP3 and sends it to the attacker after encrypting it.