Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 08:10:43 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2334547350&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F1008-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2334547350.1338192643.1338192643.1338192643.1%3B%2B__utmz%3D32867617.1338192643.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/93389/1008-exploits.tgz http://packetstormsecurity.org/files/93389/1008-exploits.tgz http://packetstormsecurity.org/files/93389/Packet-Storm-New-Exploits-For-August-2010.html Wed, 01 Sep 2010 18:05:29 GMT This archive contains all of the 422 exploits added to Packet Storm in August, 2010. http://packetstormsecurity.org/files/93361/cartxpress-shelldisclose.txt http://packetstormsecurity.org/files/93361/cartxpress-shelldisclose.txt http://packetstormsecurity.org/files/93361/CartXpress-Backup-Related-File-Disclosure-Shell-Upload.html Tue, 31 Aug 2010 23:53:35 GMT CartXpress suffers from backup related, file disclosure and shell upload vulnerabilities. http://packetstormsecurity.org/files/93359/keepass-dllhijack.tgz http://packetstormsecurity.org/files/93359/keepass-dllhijack.tgz http://packetstormsecurity.org/files/93359/KeePass-Password-Safe-2.12-DLL-Hijack.html Tue, 31 Aug 2010 23:48:41 GMT KeePass Password Safe versions 2.12 and below suffer from a DLL hijacking vulnerability. http://packetstormsecurity.org/files/93358/wp301-redir.txt http://packetstormsecurity.org/files/93358/wp301-redir.txt http://packetstormsecurity.org/files/93358/WordPress-3.0.1-URL-Redirection.html Tue, 31 Aug 2010 23:46:05 GMT WordPress versions 3.0.1 and below suffer from an URL redirection bug. http://packetstormsecurity.org/files/93343/webideas-sql.txt http://packetstormsecurity.org/files/93343/webideas-sql.txt http://packetstormsecurity.org/files/93343/Web-Ideas-Web-Shop-Standard-SQL-Injection.html Tue, 31 Aug 2010 18:45:20 GMT Web-Ideas Web Shop Standard suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/93342/ninga.zip http://packetstormsecurity.org/files/93342/ninga.zip http://packetstormsecurity.org/files/93342/NING-Application-Self-Replicating-Malware.html Tue, 31 Aug 2010 18:43:01 GMT This is a proof of concept, self replicating, social network based malware for NING. http://packetstormsecurity.org/files/93340/joomlajefaqpro-sql.txt http://packetstormsecurity.org/files/93340/joomlajefaqpro-sql.txt http://packetstormsecurity.org/files/93340/Joomla-JE-FAQ-Pro-Blind-SQL-Injection.html Tue, 31 Aug 2010 18:39:36 GMT The Joomla JE FAQ component suffers from a remote blind SQL injection vulnerability. http://packetstormsecurity.org/files/93337/joomlapicsell-disclose.txt http://packetstormsecurity.org/files/93337/joomlapicsell-disclose.txt http://packetstormsecurity.org/files/93337/Joomla-PicSell-Local-File-Disclosure.html Tue, 31 Aug 2010 18:34:04 GMT The Joomla PicSell component suffers from a file disclosure vulnerability. http://packetstormsecurity.org/files/93313/R7-0036.txt http://packetstormsecurity.org/files/93313/R7-0036.txt http://packetstormsecurity.org/files/93313/Rapid7-Security-Advisory-36.html Mon, 30 Aug 2010 23:10:27 GMT Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6. http://packetstormsecurity.org/files/93312/apple_quicktime_marshaled_punk.rb.txt http://packetstormsecurity.org/files/93312/apple_quicktime_marshaled_punk.rb.txt http://packetstormsecurity.org/files/93312/Apple-QuickTime-7.6.7-_Marshaled_pUnk-Code-Execution.html Mon, 30 Aug 2010 23:00:59 GMT This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime. http://packetstormsecurity.org/files/93311/appleqtmp-exec.txt http://packetstormsecurity.org/files/93311/appleqtmp-exec.txt http://packetstormsecurity.org/files/93311/Apple-QuickTime-_Marshaled_pUnk-Backdoor-Parameter-Code-Execution.html Mon, 30 Aug 2010 22:57:48 GMT Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability. http://packetstormsecurity.org/files/93307/safarisgv-dos.txt http://packetstormsecurity.org/files/93307/safarisgv-dos.txt http://packetstormsecurity.org/files/93307/Safari-For-Windows-SGV-Denial-Of-Service.html Mon, 30 Aug 2010 22:42:46 GMT Safari for Windows invalid SGV text style denial of service vulnerability that leverages Webkit.dll. http://packetstormsecurity.org/files/93302/mop-exec.txt http://packetstormsecurity.org/files/93302/mop-exec.txt http://packetstormsecurity.org/files/93302/Microsoft-Office-Property-Code-Execution.html Mon, 30 Aug 2010 22:35:49 GMT Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability. http://packetstormsecurity.org/files/93300/seagull-rfi.txt http://packetstormsecurity.org/files/93300/seagull-rfi.txt http://packetstormsecurity.org/files/93300/Seagull-0.6.7-Remote-File-Inclusion.html Mon, 30 Aug 2010 22:12:58 GMT Seagull version 0.6.7 suffers from remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/93299/cfimagehosting-disclose.txt http://packetstormsecurity.org/files/93299/cfimagehosting-disclose.txt http://packetstormsecurity.org/files/93299/CF-Image-Hosting-Script-1.3-Database-Disclosure.html Mon, 30 Aug 2010 22:11:23 GMT CF Image Hosting Script version 1.3 suffers from a database disclosure vulnerability. http://packetstormsecurity.org/files/93298/virtdj-vuln.txt http://packetstormsecurity.org/files/93298/virtdj-vuln.txt http://packetstormsecurity.org/files/93298/Virtual-DJ-6.1.2-DLL-Hijacking-Exploit.html Mon, 30 Aug 2010 22:08:33 GMT Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content. http://packetstormsecurity.org/files/93297/bsplayer-vuln-ehtraceDLL.txt http://packetstormsecurity.org/files/93297/bsplayer-vuln-ehtraceDLL.txt http://packetstormsecurity.org/files/93297/BS-Player-2.56-DLL-Hijacking-Exploit.html Mon, 30 Aug 2010 22:07:47 GMT BS Player version 2.56 DLL hijacking exploit. http://packetstormsecurity.org/files/93296/windowsbackup-dllhijack.txt http://packetstormsecurity.org/files/93296/windowsbackup-dllhijack.txt http://packetstormsecurity.org/files/93296/Windows-7-Vista-Backup-Utility-sdclt.exe-fveapi.dll-DLL-Hijacking-Exploit.html Mon, 30 Aug 2010 22:05:27 GMT Microsoft Windows 7 / Vista backup utility sdclt.exe fveapi.dll DLL hijacking exploit. http://packetstormsecurity.org/files/93295/daemontools-dllhijack.txt http://packetstormsecurity.org/files/93295/daemontools-dllhijack.txt http://packetstormsecurity.org/files/93295/Daemon-Tools-Lite-4.35.6.0091-mfc80loc.dll-DLL-Hijacking-Exploit.html Mon, 30 Aug 2010 22:03:59 GMT Daemon Tools Lite versions 4.35.6.0091 and below mfc80loc.dll DLL hijacking exploit. http://packetstormsecurity.org/files/93293/guestbookplus-redir.txt http://packetstormsecurity.org/files/93293/guestbookplus-redir.txt http://packetstormsecurity.org/files/93293/GuestBookPlus-HTML-Injection-Comment-Bypass.html Mon, 30 Aug 2010 22:01:23 GMT GuestBookPlus suffers from comment restriction bypass and html injection vulnerabilities. http://packetstormsecurity.org/files/93288/qtweb-dllhijack.tgz http://packetstormsecurity.org/files/93288/qtweb-dllhijack.tgz http://packetstormsecurity.org/files/93288/QtWeb-Browser-3.3-Build-043-DLL-Hijacking-Exploit.html Mon, 30 Aug 2010 21:57:10 GMT QtWeb Browser version 3.3 build 043 DLL hijacking exploit. http://packetstormsecurity.org/files/93287/maxthon-dllhijack.tgz http://packetstormsecurity.org/files/93287/maxthon-dllhijack.tgz http://packetstormsecurity.org/files/93287/Maxthon-Browser-2.5.15.1000-DLL-Hijacking-Exploit.html Mon, 30 Aug 2010 21:54:17 GMT Maxthon Browser version 2.5.15.1000 DLL hijacking exploit that leverages dwmapi.dll. http://packetstormsecurity.org/files/93285/diycms-rfi.txt http://packetstormsecurity.org/files/93285/diycms-rfi.txt http://packetstormsecurity.org/files/93285/DiY-CMS-1.0-Remote-File-Inclusion.html Mon, 30 Aug 2010 21:45:31 GMT DiY-CMS version 1.0 suffers from multiple remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/93284/nginx-heapcorrupt.txt http://packetstormsecurity.org/files/93284/nginx-heapcorrupt.txt http://packetstormsecurity.org/files/93284/Nginx-0.6.3.8-Heap-Corruption.html Mon, 30 Aug 2010 21:44:10 GMT Nginx version 0.6.38 heap corruption exploit. http://packetstormsecurity.org/files/93278/snackamp312-overflow.txt http://packetstormsecurity.org/files/93278/snackamp312-overflow.txt http://packetstormsecurity.org/files/93278/SnackAmp-3.1.2-SMP-Buffer-Overflow.html Mon, 30 Aug 2010 20:34:45 GMT SnackAmp version 3.1.2 malicious .smp file buffer overflow SEH exploit.