.:[ packet storm ]:.
                         
plan for the worst
plan for the worst

 Section:  .. / Last 20 Files /

 ///  File Name:TA10-068A.txt
Description:
Technical Cyber Security Alert 2010-68A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office.
Author:US-CERT
Homepage:http://www.us-cert.gov/
File Size:3802
Last Modified:Mar 9 18:18:07 2010
MD5 Checksum:52a06df4c61def449f7f9c9f8bcad8b7

 ///  File Name:tor.uclibc.i686.20100309.iso
Description:
Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.
Author:Anthony G. Basile
Homepage:http://opensource.dyc.edu/tor-ramdisk
Changes:Tor was updated to 0.2.1.24 and busybox to 1.15.3. The build scripts now allow the option of creating images with a fully featured busybox for debugging and a minimally configured busybox for production.
File Size:4286464
Last Modified:Mar 9 18:16:23 2010
MD5 Checksum:24b38d121c40ba789db06b32c48b1899

 ///  File Name:CORE-2009-1103.txt
Description:
Core Security Technologies Advisory - A memory corruption occurs on Microsoft Office Excel 2002 when parsing a .XLS file with a malformed DbOrParamQry record. This vulnerability could be used by a remote attacker to execute arbitrary code in the context of the currently logged on user, by enticing the user to open a specially crafted file.
Author:Core Security Technologies,Damian Frizza
Homepage:http://www.coresecurity.com/corelabs/
File Size:7741
Related CVE(s):CVE-2010-0264
Last Modified:Mar 9 18:13:44 2010
MD5 Checksum:3b4084cc3bd02ec3abcf8034a1cd52e2

 ///  File Name:CORE-2009-0813.txt
Description:
Core Security Technologies Advisory - A vulnerability was found in Windows Movie Maker and Microsoft Producer, which can be triggered by a remote attacker by sending a specially crafted file and enticing the user to open it. This vulnerability results in a write access violation and can lead to remote code execution.
Author:Core Security Technologies,Damian Frizza
Homepage:http://www.coresecurity.com/corelabs/
File Size:12942
Related CVE(s):CVE-2010-0265
Last Modified:Mar 9 18:11:06 2010
MD5 Checksum:c616fcba3c0a93ba3996a3ca8d8818b9

 ///  File Name:rivercms-sql.txt
Description:
River CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Author:Pouya Daneshmand
File Size:799
Last Modified:Mar 9 18:07:52 2010
MD5 Checksum:3f9fd122e2c9c13cf36e4141986c3d46

 ///  File Name:MDVSA-2010-058.txt
Description:
Mandriva Linux Security Advisory 2010-058 - Multiple vulnerabilities have been found and corrected in PHP. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
Author:Mandriva
Homepage:http://www.mandriva.com/security/
File Size:62736
Last Modified:Mar 9 18:06:23 2010
MD5 Checksum:07bda32325dbbfc3f66329dadbc38dc9

 ///  File Name:nusnewssystem-sql.txt
Description:
NUs Newssystem version 1.02 suffers from a remote SQL injection vulnerability.
Author:n3w7u
File Size:695
Last Modified:Mar 9 18:05:34 2010
MD5 Checksum:73b85126d9a72c43885fe8f5015285eb

 ///  File Name:jevci-disclose.txt
Description:
Jevci Siparis Formu Scripti suffers from a remote database disclosure vulnerability.
Author:indoushka
File Size:1920
Last Modified:Mar 9 18:04:28 2010
MD5 Checksum:8dc51a5f030e969191a583ba8fb34d42

 ///  File Name:ZDI-10-026.txt
Description:
Zero Day Initiative Advisory 10-026 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Hewlett-Packard Performance Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the helpmanager servlet running on the Performance Insight web server. Insufficient input validation and authentication allows for arbitrary JSP pages to be uploaded which can be leveraged to execute arbitrary OS commands. Exploitation of this vulnerability allows an attacker to gain control of the affected system under SYSTEM credentials.
Author:TippingPoint
Homepage:http://www.zerodayinitiative.com/
File Size:3057
Related CVE(s):CVE-2010-0447
Last Modified:Mar 9 18:02:35 2010
MD5 Checksum:7e8b4a4e56efc310c9d29affb2ee9a3f

 ///  File Name:mhproducts-sql.txt
Description:
Mhproducts Kleinanzeigenmarkt suffers from a remote SQL injection vulnerability.
Author:Easy Laster
File Size:1994
Last Modified:Mar 9 18:01:22 2010
MD5 Checksum:d9ed3069eabcbca64dc161d3fca09550

 ///  File Name:easyftp.rb.txt
Description:
This Metasploit module exploits a stack overflow in the CWD verb in Easy~FTP Server. You must have valid credentials to trigger this vulnerability.
Author:Blake
Homepage:http://www.metasploit.com
File Size:2263
Last Modified:Mar 9 18:00:35 2010
MD5 Checksum:d732ec3c57befe33133a22a93ffe3bc9

 ///  File Name:HPSBMA02489-SSRT090065.txt
Description:
HP Security Bulletin - A potential vulnerability has been identified with HP Performance Insight. The vulnerability could be exploited remotely to execute arbitrary commands.
Homepage:http://www.hp.com/
File Size:6868
Related CVE(s):CVE-2010-0447
Last Modified:Mar 9 17:50:54 2010
MD5 Checksum:d32dd84a89acc0ff85800e4c96e86450

 ///  File Name:energizer_duo_payload.rb.txt
Description:
This Metasploit module will execute an arbitrary payload against any system infected with the Arugizer trojan horse. This backdoor was shipped with the software package accompanying the Energizer Duo USB battery charger.
Author:H D Moore
Homepage:http://www.metasploit.com
File Size:2841
Related CVE(s):CVE-2010-0103
Last Modified:Mar 9 17:50:14 2010
MD5 Checksum:d6d4fbfd8adf2bc89ff2a66c568d2df7

 ///  File Name:orbital_viewer_orb.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in David Manthey's Orbital Viewer. When processing .ORB files, data is read from file into a fixed-size stack buffer using the fscanf function. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to open an ORB file.
Author:jduck
Homepage:http://www.metasploit.com
File Size:2851
Related OSVDB(s):62580
Related CVE(s):CVE-2010-0688
Last Modified:Mar 9 17:49:56 2010
MD5 Checksum:5aa02439f41605543223cc94d1459d02

 ///  File Name:rsstatic-sql.txt
Description:
Rsstatic suffers from a remote SQL injection vulnerability.
Author:Itsecteam
File Size:498
Last Modified:Mar 9 17:36:56 2010
MD5 Checksum:36b80b3567abad8055fcf5b5022ef709

 ///  File Name:uebimiauwebmail-disclose.txt
Description:
Uebimiau Webmail version 3.2.0-2.0 suffers from a remote email disclosure vulnerability.
Author:R4vax,Z3r0c0re
File Size:1018
Last Modified:Mar 9 17:35:11 2010
MD5 Checksum:d8986001128e37ed03e54a8e5d292448

 ///  File Name:aef-xss.txt
Description:
AEF version 1.0.8 suffers from a cross site scripting vulnerability.
Author:Itsecteam
File Size:686
Last Modified:Mar 9 17:33:09 2010
MD5 Checksum:dc6f4907b92f1b05e661dc65bc490c7b

 ///  File Name:ibmenovia-xss.txt
Description:
IBM ENOVIA SmarTeam version 5 suffers from a cross site scripting vulnerability.
Author:Yaniv Miron
File Size:1349
Last Modified:Mar 9 17:31:44 2010
MD5 Checksum:44229551878fc0a868b16aae04f085eb

 ///  File Name:wildcms-sql.txt
Description:
WILD CMS suffers from a remote SQL injection vulnerability.
Author:Ariko-Security
File Size:1066
Last Modified:Mar 9 17:30:43 2010
MD5 Checksum:f1c9b20b4b3deac6cdf7619762dfe050

 ///  File Name:eleanorcms-xss.txt
Description:
Eleanor CMS version Rc5.1 suffers from a cross site scripting vulnerability.
Author:Itsecteam
File Size:694
Last Modified:Mar 9 17:29:26 2010
MD5 Checksum:c2139058f58f69cd7a9b7bf522bd98c7