Files ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
Mon, 28 May 2012 04:52:55 GMT

Packet Storm New Exploits For July, 2010
http://packetstormsecurity.org/files/92324/1007-exploits.tgz
http://packetstormsecurity.org/files/92324/Packet-Storm-New-Exploits-For-July-2010.html
Tue, 03 Aug 2010 06:18:58 GMT
This archive contains all of the 378 exploits added to Packet Storm in July, 2010.

UPlusFTP Server 1.7.1.01 Buffer Overflow
http://packetstormsecurity.org/files/92255/uplusftp-overflow.txt
http://packetstormsecurity.org/files/92255/UPlusFTP-Server-1.7.1.01-Buffer-Overflow.html
Wed, 28 Jul 2010 22:34:54 GMT
UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.

Symantec AMS Intel Alert Handler Command Execution
http://packetstormsecurity.org/files/92251/symantecams-flaw.txt
http://packetstormsecurity.org/files/92251/Symantec-AMS-Intel-Alert-Handler-Command-Execution.html
Wed, 28 Jul 2010 18:20:54 GMT
Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.

Jira 4.0.1 Cross Site Scripting
http://packetstormsecurity.org/files/92250/jira-xss.txt
http://packetstormsecurity.org/files/92250/Jira-4.0.1-Cross-Site-Scripting.html
Wed, 28 Jul 2010 18:19:27 GMT
Jira version 4.0.1 suffers from a cross site scripting vulnerability.

Zemana AntiLogger Local Privilege Escalation
http://packetstormsecurity.org/files/92247/zemana-escalate.txt
http://packetstormsecurity.org/files/92247/Zemana-AntiLogger-Local-Privilege-Escalation.html
Wed, 28 Jul 2010 18:10:54 GMT
Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability.

Cetera eCommerce 14.0 Cross Site Scripting / SQL Injection
http://packetstormsecurity.org/files/92246/ceteraecommerce-sqlxss.txt
http://packetstormsecurity.org/files/92246/Cetera-eCommerce-14.0-Cross-Site-Scripting-SQL-Injection.html
Wed, 28 Jul 2010 18:08:24 GMT
Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

Apache Tomcat UTF-8 Directory Traversal
http://packetstormsecurity.org/files/92240/apachetomcat-traversal.txt
http://packetstormsecurity.org/files/92240/Apache-Tomcat-UTF-8-Directory-Traversal.html
Wed, 28 Jul 2010 17:52:44 GMT
UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18.

Joomla PhotoMap Gallery 1.6.0 SQL Injection
http://packetstormsecurity.org/files/92239/joomlaphotomapgallery-sql.txt
http://packetstormsecurity.org/files/92239/Joomla-PhotoMap-Gallery-1.6.0-SQL-Injection.html
Wed, 28 Jul 2010 17:46:30 GMT
Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities.

AV Arcade 3 Insecure Cookie / SQL Injection
http://packetstormsecurity.org/files/92238/avarcade-insecure.txt
http://packetstormsecurity.org/files/92238/AV-Arcade-3-Insecure-Cookie-SQL-Injection.html
Wed, 28 Jul 2010 17:44:53 GMT
AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities.

nuBuilder 10.04.x Remote File Inclusion
http://packetstormsecurity.org/files/92237/nubuilder-rfi.txt
http://packetstormsecurity.org/files/92237/nuBuilder-10.04.x-Remote-File-Inclusion.html
Wed, 28 Jul 2010 17:43:14 GMT
nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability.

PunBB 1.3.x / Pun_PM 1.2.6 Blind SQL Injection
http://packetstormsecurity.org/files/92226/punbbpunpm-sql.txt
http://packetstormsecurity.org/files/92226/PunBB-1.3.x-Pun_PM-1.2.6-Blind-SQL-Injection.html
Wed, 28 Jul 2010 01:16:23 GMT
PunBB versions 1.3.x and below with Pun_PM versions 1.2.6 and below remote blind SQL injection exploit.

Joomla TTVideo 1.0 SQL Injection
http://packetstormsecurity.org/files/92225/joomlattvideo-sql.txt
http://packetstormsecurity.org/files/92225/Joomla-TTVideo-1.0-SQL-Injection.html
Wed, 28 Jul 2010 01:15:13 GMT
Joomla TTVideo component version 1.0 suffers from a remote SQL injection vulnerability.

Microsoft Visual Studio 6.0 Buffer Overflow
http://packetstormsecurity.org/files/92223/msvisualstudio-overflow
http://packetstormsecurity.org/files/92223/Microsoft-Visual-Studio-6.0-Buffer-Overflow.html
Wed, 28 Jul 2010 01:14:11 GMT
Microsoft Visual Studio version 6.0 VCMUTL.dll unicode Active-X buffer overflow exploit.

Internet Explorer 6/7 Denial Of Service
http://packetstormsecurity.org/files/92220/ie67-dos.txt
http://packetstormsecurity.org/files/92220/Internet-Explorer-6-7-Denial-Of-Service.html
Wed, 28 Jul 2010 01:06:52 GMT
Microsoft Internet Explorer versions 6 and 7 suffer from a denial of service vulnerability.

Social Media 2.0.0 Local File Inclusion
http://packetstormsecurity.org/files/92214/socialmedia-lfi.txt
http://packetstormsecurity.org/files/92214/Social-Media-2.0.0-Local-File-Inclusion.html
Wed, 28 Jul 2010 00:24:54 GMT
Social Media version 2.0.0 suffers from a local file inclusion vulnerability.

PHPKIT WCMS 1.6.5 Reflected Cross Site Scripting
http://packetstormsecurity.org/files/92213/major_rls78.txt
http://packetstormsecurity.org/files/92213/PHPKIT-WCMS-1.6.5-Reflected-Cross-Site-Scripting.html
Wed, 28 Jul 2010 00:23:27 GMT
PHPKIT WCMS version 1.6.5 suffers from a reflected cross site scripting vulnerability.

Theeta CMS Cross Site Scripting / SQL Injection
http://packetstormsecurity.org/files/92211/theetacms-sqlxss.txt
http://packetstormsecurity.org/files/92211/Theeta-CMS-Cross-Site-Scripting-SQL-Injection.html
Wed, 28 Jul 2010 00:10:58 GMT
Theeta CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

Joomla Appointinator 1.0.1 SQL Injection
http://packetstormsecurity.org/files/92210/joomlaappointinator-sql.txt
http://packetstormsecurity.org/files/92210/Joomla-Appointinator-1.0.1-SQL-Injection.html
Wed, 28 Jul 2010 00:08:27 GMT
The Joomla Appointinator component version 1.0.1 suffers from remote SQL injection vulnerabilities.

SyndeoCMS 2.9.0 Cross Site Scripting
http://packetstormsecurity.org/files/92209/syndeocms-xss.txt
http://packetstormsecurity.org/files/92209/SyndeoCMS-2.9.0-Cross-Site-Scripting.html
Wed, 28 Jul 2010 00:04:21 GMT
SyndeoCMS versions 2.9.0 and below suffer from multiple cross site scripting vulnerabilities.

PHPKIT WCMS 1.6.5 Cross Site Scripting
http://packetstormsecurity.org/files/92200/major_rls79.txt
http://packetstormsecurity.org/files/92200/PHPKIT-WCMS-1.6.5-Cross-Site-Scripting.html
Tue, 27 Jul 2010 23:48:15 GMT
PHPKIT WCMS version 1.6.5 suffers from multiple cross site scripting vulnerabilities.

EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow
http://packetstormsecurity.org/files/92199/easyftp_mkd_fixret.rb.txt
http://packetstormsecurity.org/files/92199/EasyFTP-Server-1.7.0.11-MKD-Command-Stack-Buffer-Overflow.html
Tue, 27 Jul 2010 23:13:55 GMT
This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing 'MKD' commands, which leads to a stack based buffer overflow. NOTE: EasyFTP allows anonymous access by default. However, in order to access the 'MKD' command, you must have access to an account that can create directories. After version 1.7.0.12, this package was renamed "UplusFtp". This exploit utilizes a small piece of code that I've referred to as 'fixRet'. This code allows us to inject a payload of ~500 bytes into a 264 byte buffer by 'fixing' the return address post-exploitation. See references for more information.

EasyFTP Server <= 1.7.0.11 LIST Command Stack Buffer Overflow
http://packetstormsecurity.org/files/92198/easyftp_list_fixret.rb.txt
http://packetstormsecurity.org/files/92198/EasyFTP-Server-1.7.0.11-LIST-Command-Stack-Buffer-Overflow.html
Tue, 27 Jul 2010 23:11:36 GMT
This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11. Credit goes to Karn Ganeshan. NOTE: Although this is likely to exploit the same vulnerability as the 'easyftp_cwd_fixret' exploit, it uses a slightly different vector.

EasyFTP Server <= 1.7.0.11 list.html path Stack Buffer Overflow
http://packetstormsecurity.org/files/92196/easyftp_list.rb.txt
http://packetstormsecurity.org/files/92196/EasyFTP-Server-1.7.0.11-list.html-path-Stack-Buffer-Overflow.html
Tue, 27 Jul 2010 23:11:13 GMT
This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing the 'path' parameter supplied to an HTTP GET request, which leads to a stack based buffer overflow. EasyFTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability. After version 1.7.0.12, this package was renamed "UplusFtp". Due to limited space, as well as difficulties using an egghunter, the use of staged, ORD, and/or shell payloads is recommended.

Hyleos ChemView ActiveX Control Stack Buffer Overflow
http://packetstormsecurity.org/files/92197/hyleos_chemviewx_activex.rb.txt
http://packetstormsecurity.org/files/92197/Hyleos-ChemView-ActiveX-Control-Stack-Buffer-Overflow.html
Tue, 27 Jul 2010 23:09:47 GMT
This Metasploit module exploits a stack-based buffer overflow within version 1.9.5.1 of Hyleos ChemView (HyleosChemView.ocx). By calling the 'SaveAsMolFile' or 'ReadMolFile' methods with an overly long first argument, an attacker can overrun a buffer and execute arbitrary code.

QQplayer 2.3.696.400p1 Buffer Overflow
http://packetstormsecurity.org/files/92176/qqplayersmi-overflow.txt
http://packetstormsecurity.org/files/92176/QQplayer-2.3.696.400p1-Buffer-Overflow.html
Mon, 26 Jul 2010 22:29:06 GMT
QQplayer versions 2.3.696.400p1 and below .smi file processing local buffer overflow exploit.