Proof of Concept Files ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
en-us
Mon, 28 May 2012 08:00:58 GMT

iOS 5.1.1 Safari Browser Denial Of Service
http://packetstormsecurity.org/files/113059/ios5_safari_js_crash.rb.txt
http://packetstormsecurity.org/files/113059/iOS-5.1.1-Safari-Browser-Denial-Of-Service.html
Sat, 26 May 2012 22:22:22 GMT
iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.

ResEdit 1.5.11-win32 Buffer Overflow
http://packetstormsecurity.org/files/113041/resedit-overflow.tgz
http://packetstormsecurity.org/files/113041/ResEdit-1.5.11-win32-Buffer-Overflow.html
Fri, 25 May 2012 20:36:33 GMT
ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.

Symantec End Point Protection / Network Access Control 11.x Code Execution
http://packetstormsecurity.org/files/113004/symantecendpoint-exec.txt
http://packetstormsecurity.org/files/113004/Symantec-End-Point-Protection-Network-Access-Control-11.x-Code-Execution.html
Wed, 23 May 2012 13:33:33 GMT
Symantec End Point Protection version 11.x and Symantec Network Access Control version 11.x local code execution proof of concept exploit.

Windows XP Keyboard Layouts Pool Corruption Proof Of Concept
http://packetstormsecurity.org/files/112967/winxpkeyboard.zip
http://packetstormsecurity.org/files/112967/Windows-XP-Keyboard-Layouts-Pool-Corruption-Proof-Of-Concept.html
Wed, 23 May 2012 02:45:29 GMT
This proof of concept code demonstrates a Microsoft Windows XP keyboard layouts pool corruption vulnerability, post MS12-034. The vulnerability exists in the function win32k!ReadLayoutFile() that parses keyboard layout file data.

Liferay 6.1 Cross Site Request Forgery
http://packetstormsecurity.org/files/112746/liferay-xsrf.tgz
http://packetstormsecurity.org/files/112746/Liferay-6.1-Cross-Site-Request-Forgery.html
Tue, 15 May 2012 22:35:19 GMT
Liferay version 6.1 is vulnerable to JSON-related cross site request forgery attacks. Proof of concept code is included.

SVG Java Execution Trigger
http://packetstormsecurity.org/files/112741/svg-trigger.tgz
http://packetstormsecurity.org/files/112741/SVG-Java-Execution-Trigger.html
Tue, 15 May 2012 22:21:05 GMT
Some SVG specifications, like SVG 1.1 and SVG tiny 1.2, allow Java code execution when the file is opened. Proof of concept code included.

Liferay 6.1 Name / Email Address Disclosure
http://packetstormsecurity.org/files/112740/liferay-disclose.tgz
http://packetstormsecurity.org/files/112740/Liferay-6.1-Name-Email-Address-Disclosure.html
Tue, 15 May 2012 22:16:54 GMT
Liferay version 6.1 suffers from a vulnerability where it is possible to retrieve the names and email addresses of all users. Proof of concept code included.

Liferay 6.1 No Account Access Bypass
http://packetstormsecurity.org/files/112735/liferay-bypass.tgz
http://packetstormsecurity.org/files/112735/Liferay-6.1-No-Account-Access-Bypass.html
Tue, 15 May 2012 22:06:26 GMT
Liferay version 6.1 suffers from a circumvention issue when restricting access to IP blocks. Proof of concept exploit included.

FlexNet License Server Manager 11.9.1 Stack Overflow
http://packetstormsecurity.org/files/112662/imgrd_1.tgz
http://packetstormsecurity.org/files/112662/FlexNet-License-Server-Manager-11.9.1-Stack-Overflow.html
Sun, 13 May 2012 23:23:23 GMT
FlexNet License Server Manager versions 11.9.1 and below suffer from a stack overflow vulnerability in lmgrd. Proof of concept included.

Pro-face Pro-Server EX 1.30.000 Memory Issues / Integer Overflow
http://packetstormsecurity.org/files/112661/proservrex_1.tgz
http://packetstormsecurity.org/files/112661/Pro-face-Pro-Server-EX-1.30.000-Memory-Issues-Integer-Overflow.html
Sun, 13 May 2012 19:22:22 GMT
Pro-face Pro-Server EX versions 1.30.000 and PCRuntime versions 3.1.00 suffer from memory related and integer overflow vulnerabilities. Proof of concept included.

QNX phrelay/phindows/phditto Overflows
http://packetstormsecurity.org/files/112623/qnx-overflows.tgz
http://packetstormsecurity.org/files/112623/QNX-phrelay-phindows-phditto-Overflows.html
Fri, 11 May 2012 15:23:52 GMT
QNX phrelay/phindows/phditto suffer from bpe_decompress stack overflow and Photon Session buffer overflow vulnerabilities. Proof of concept test code included.

Adobe Photoshop CS5.1 U3D.8BI Buffer Overflow
http://packetstormsecurity.org/files/112622/9sg_photoshock.tgz
http://packetstormsecurity.org/files/112622/Adobe-Photoshop-CS5.1-U3D.8BI-Buffer-Overflow.html
Fri, 11 May 2012 02:44:31 GMT
Adobe Photoshop version CS5.1 U3D.8BI suffers from a library collada asset elements stack based buffer overflow vulnerability. Proof of concept included.

Guitar Pro 6.1.1 r10791 Denial Of Service
http://packetstormsecurity.org/files/112574/guitarpro-dos.txt
http://packetstormsecurity.org/files/112574/Guitar-Pro-6.1.1-r10791-Denial-Of-Service.html
Wed, 09 May 2012 17:55:22 GMT
Guitar Pro version 6.1.1 r10791 crash proof of concept exploit that creates a malicious .gpx file.

BeyondCHM 1.1 Buffer Overflow
http://packetstormsecurity.org/files/112153/SH-019-20120424.tgz
http://packetstormsecurity.org/files/112153/BeyondCHM-1.1-Buffer-Overflow.html
Tue, 24 Apr 2012 17:22:11 GMT
BeyondCHM version 1.1 suffers from a buffer overflow vulnerability when handling a specially crafted chm file. Proof of concept included.

Mobipocket Reader 6.2 Build 608 Buffer Overflow
http://packetstormsecurity.org/files/112101/SH-018-20120423.txt
http://packetstormsecurity.org/files/112101/Mobipocket-Reader-6.2-Build-608-Buffer-Overflow.html
Mon, 23 Apr 2012 20:31:41 GMT
Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.

SumatraPDF 2.0.1 Memory Corruption
http://packetstormsecurity.org/files/112097/SH-017-20120423.tgz
http://packetstormsecurity.org/files/112097/SumatraPDF-2.0.1-Memory-Corruption.html
Mon, 23 Apr 2012 19:22:58 GMT
SumatraPDF version 2.0.1 suffers from chm and mobi file memory corruption vulnerabilities. Proof of concept included.

Liferay 6.0.5 ce WebDAV File Reading
http://packetstormsecurity.org/files/112058/liferay-webdav.tgz
http://packetstormsecurity.org/files/112058/Liferay-6.0.5-ce-WebDAV-File-Reading.html
Sat, 21 Apr 2012 00:17:26 GMT
By creating a specially crafted WebDAV request that contains an external entity, it is possible to read files from Liferay Portal version 6.0.5 ce. Proof of concept code included.

Liferay 6.1 Default Configuration Compromise
http://packetstormsecurity.org/files/112057/liferay-config.tgz
http://packetstormsecurity.org/files/112057/Liferay-6.1-Default-Configuration-Compromise.html
Sat, 21 Apr 2012 00:14:23 GMT
By utilizing the JSON web services exposed in Liferay Portal version 6.1, you can register a new user with any role in the system, including the built-in administrator role. Proof of concept included.

Liferay JSON Request Control Takeover
http://packetstormsecurity.org/files/112037/liferayjson-takeover.tgz
http://packetstormsecurity.org/files/112037/Liferay-JSON-Request-Control-Takeover.html
Fri, 20 Apr 2012 19:59:13 GMT
Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.

Samsung Device Endless Restart / Possible Buffer Overflow
http://packetstormsecurity.org/files/112022/samsux_1.tgz
http://packetstormsecurity.org/files/112022/Samsung-Device-Endless-Restart-Possible-Buffer-Overflow.html
Fri, 20 Apr 2012 06:36:25 GMT
Samsung devices with support for remote controllers suffer from endless restart and possible buffer overflow vulnerabilities. Proof of concept code included.

Wireshark call_dissector() Denial Of Service
http://packetstormsecurity.org/files/111990/wiresharkcd-dos.tgz
http://packetstormsecurity.org/files/111990/Wireshark-call_dissector-Denial-Of-Service.html
Thu, 19 Apr 2012 12:33:33 GMT
Wireshark suffers from a call_dissector() NULL pointer dereference denial of service vulnerability. Proof of concept pcap included.

LibreOffice 3.5.2.2 Memory Corruption
http://packetstormsecurity.org/files/111952/SH-016-20120416.txt
http://packetstormsecurity.org/files/111952/LibreOffice-3.5.2.2-Memory-Corruption.html
Wed, 18 Apr 2012 23:05:13 GMT
LibreOffice version 3.5.2.2 suffers from a soffice.exe\soffice.bin memory corruption vulnerability when handling a malformed RTF file. This is a proof of concept exploit.

MS11-046 Proof Of Concept
http://packetstormsecurity.org/files/111937/ms11-046-final.c.zip
http://packetstormsecurity.org/files/111937/MS11-046-Proof-Of-Concept.html
Wed, 18 Apr 2012 19:31:52 GMT
This is a proof of concept exploit for the vulnerability documented in MS11-046 for the Microsoft Windows Ancillary Function Driver (AFD).

McAfee Web Gateway And Squid Proxy 3.1.19 Bypass
http://packetstormsecurity.org/files/111842/proxy_tools.tar.gz
http://packetstormsecurity.org/files/111842/McAfee-Web-Gateway-And-Squid-Proxy-3.1.19-Bypass.html
Fri, 13 Apr 2012 21:55:11 GMT
McAfee Web Gateway and Squid Proxy version 3.1.19 suffer from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.

Adobe Flash Player Information Leak
http://packetstormsecurity.org/files/111709/CVE-2012-0769.tgz
http://packetstormsecurity.org/files/111709/Adobe-Flash-Player-Information-Leak.html
Tue, 10 Apr 2012 04:25:14 GMT
Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.