Packet Storm's last 100 added files.
Last Updated: Wed Aug 27 18:03:16 EDT 2008
[ USN-638-1.txt ] c3002bba563957c93b2edfad569c7c01 Ubuntu Security Notice 638-1 - Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges.
[ kyocera-traversal.txt ] b1469751eb65919a9b8435ad1055dc09 Kyocera Command Center suffers from a directory traversal vulnerability.
[ searchengine-sql.txt ] 63fc260d89bd02c73d5d2647cb1356d3 Search Engine suffers from a remote SQL injection vulnerability in viewcat.php.
[ igshopdisp-sql.txt ] e73b22fbec473ddd5750c3cbf0d66b60 iG Shop suffers from a remote SQL injection vulnerability in display_review.php.
[ SSRT080106.txt ] a84ae83f38e250d72f3b90696e44be96 HP Security Bulletin - A potential security vulnerability has been identified in the HP Enterprise Discovery. The vulnerability could be exploited remotely by an authorized user to gain extended privileges.
[ advchk-2.10.tar.gz ] 03bd5578fd6b1795710a9c67225040c3 Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.
[ yourownbux-sql.txt ] 7e146c229cd2cc0ccbe6f6b868c695f2 YourOwnBux versions 3.1 and 3.2 Beta suffer from a remote SQL injection vulnerability.
[ PLSA-2008-31.txt ] 89fde6963eee81805e587266f74bbffa Pardus Linux Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system.
[ phpmyrealty109-sql.txt ] c5c0581e59881b0c55bafb406bc61e32 phpMyRealty versions 1.0.9 and below suffer from a remote SQL injection vulnerability in pages.php.
[ ultra-overflow.txt ] 8efda1569b663b030992e1d6768813f9 Ultra Office Active-X Control remote buffer overflow exploit.
[ ultra-corrupt.txt ] 3c538957caf9590d5e856cd27bf0f824 Ultra Office Active-X Control remote arbitrary file corruption exploit.
[ MDVSA-2008-180-1.txt ] cee89e63538737ae53aedf3ab3fd7410 Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The original fix used to correct this issue caused some applications that used the libxml2 library to crash. These new updated packages use a different fix that does not cause certain linked applications to crash as the old packages did.
[ fileutility.txt ] b9cc2a9b04bb9971365bc2eb05b812f3 This Metasploit exploit attacks multiple file manipulation vulnerabilities in the Kyocera Mita Scanner File Utility version 3.3.0.1.
[ kyocera-upload.txt ] c188a08ce39e9da8719c911ff27e4178 The Kyocera Mita Scanner File Utility version 3.3.0.1 suffers from multiple file manipulation vulnerabilities.
[ EMORY-2008-01.txt ] 46742f7d6234df7fa0b6c185fb2e534a Telartis's AWStats Totals versions 1.0 through 1.14 suffer from a remote code execution vulnerability.
[ mybb1211-sql.txt ] 2b8c0145ecb2c5255a32519df1daeffe MyBulletinBoard (MyBB) versions 1.2.11 and below SQL injection exploit that leverages private.php.
[ ifdate-sql.txt ] ea21be161b9c61655d9d93c6bb733611 iFdate versions 2.0.3 and below suffer from a SQL injection vulnerability.
[ dsa-1631-2.txt ] f024501160502cc01f3a8a6951c7c361 Debian Security Advisory 1631-2 - The previous security update of the libxml2 package introduced some problems with other packages, most notably with librsvg.
This update corrects these problems whilst still fixing the reported security problem.
[ dsa-1632-1.txt ] 0e6569a1ce6eb08995b0101c1d463469 Debian Security Advisory 1632-1 - Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code.
[ thickboxgallery-disclose.txt ] 742dcf93f43279e1ee08f057327abcee Thickbox Gallery version 2 suffers from an administrative data disclosure vulnerability in admins.php.
[ cmme-lfixsscsrf.txt ] a46f6ae035b9cb1477736efe43b4ed9a CMME version 1.12 suffers from local file inclusion, cross site scripting, cross site request forgery, and other vulnerabilities.
[ simpgal-sql.txt ] c402f3afaca614ffeb393f9b84477b59 Simple Gallery ASP Script suffers from a remote SQL injection vulnerability.
[ zoneminder-multi.txt ] d8bb2d877419e579e9d76b0f207b8425 ZoneMinder versions 1.23.3 and below suffer from command injection, SQL injection, and cross site scripting vulnerabilities.
[ mvs-activex.txt ] 181f169f345f46154d1d9000c16aed1e Microsoft Visual Studio Active-X remote buffer overflow exploit that leverages Msmask32.ocx.
[ hpsnh-xss.txt ] 10441eb7ff70f0b1f1b38bdfe4afb273 Further analysis regarding the HP System Management Homepage (SMH) cross site scripting vulnerability.
[ zbreaknews-sql.txt ] a7eb6a2643b88223f58f0185eb07384d z-breaknews version 2.0 suffers from a remote SQL injection vulnerability in single.php.
[ mininuke23-sql.txt ] 8e01430892a688f963f403b76a239c9a MiniNuke version 2.3 Freehost suffers from multiple remote SQL injection vulnerabilities.
[ USN-637-1.txt ] 4ff77f698b3af8e2303260d5110f0d63 Ubuntu Security Notice 637-1 - It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service.
The do_change_type routine did not correctly validate administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. Tobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. Zoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service.
[ krate-sqlxss.txt ] d26ac1ccd455e8908f757fa505552e5d K-Rate suffers from SQL injection and cross site scripting vulnerabilities.
[ sphpblog-exec.txt ] f98e850f53affbab3ddff8216779f279 Simple PHP Blog (SPHPBlog) versions 0.5.1 and below code execution exploit.
[ kolifadownload-sql.txt ] ef095920edf3cf084b22795e4d5e48f6 Kolifa.Net Download Script version 1.2 suffers from a remote SQL injection vulnerability.
[ popnupblog-xss.txt ] b82aae9cdaf7f648a0399aae7d72008e PopnupBlog version 3.30 suffers from multiple cross site scripting vulnerabilities in index.php.
[ crafty-sql.txt ] e6945d67ffc3bf702f8bca9d13e35ddf Crafty Syntax Live Help versions 2.14.6 and below suffer from a remote SQL injection vulnerability.
[ DSECRG-08-038.txt ] 8fe839a4a7d6a995587c81d9a5a0dffe ezContents CMS version 2.0.3 suffers from multiple local file inclusion vulnerabilities.
[ DSECRG-08-037.txt ] 569ec165bf63e88aa064daa5c376d909 Pluck CMS version 4.5.2 suffers from multiple local file inclusion vulnerabilities.
[ goranicms-blindsql.txt ] 5db9f49dbda6cc73f1613eedb0a8ab7a Gorani CMS suffers from a blind SQL injection vulnerability.
[ neotericuk-sql.txt ] 31707c0c1c7da57f97e002dd3b4bae27 Neoteric UK websites suffer from a remote SQL injection vulnerability.
[ millionpixel-sql.txt ] 8caf8d3ea10e6555e8319da4e3caa3df Million Pixel Ad Script suffers from a remote SQL injection vulnerability.
[ geeklog-upload.txt ] 70f91a82ad8e316160b0c228f0f01631 GeekLog versions 1.5.0 and below remote arbitrary file upload exploit.
[ webboard-sql.txt ] dd0f573ccd7d4c7427aafafd4d4f0ad6 WebBoard versions 2.0 and below suffer from an arbitrary SQL question/answer deletion vulnerability.
[ wds-sql.txt ] 2d7d3c3ae39631f6786aad84cca8f978 Web Directory Script versions 2.0 and below suffer from a remote SQL injection vulnerability.
[ freebsd-master.txt ] cf47939bcd912af3c724afa97bbd291f 65 byte NULL free /bin/cat /etc/master.passwd shellcode for freebsd/x86.
[ secunia-calendarix.txt ] 25805f56ddb5ea080e60cc240a6e595d Secunia Research has discovered two vulnerabilities in Calendarix Basic, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "catsearch" parameter in cal_search.php and "catview" in cal_cat.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Calendarix Basic 0.8.20071118 is affected.
[ secunia-iprintget.txt ] fdd4e1fe471d8f8909683736fc941234 Secunia Research has discovered a security issue in Novell iPrint Client, which can be exploited by malicious people to gain knowledge of potentially sensitive information. Novell iPrint Client 4.36 and Novell iPrint Client for Windows Vista 5.04 are affected. The insecurity lies in GetFileList().
[ secunia-iprint.txt ] 40a0bbe6cee53536da934ab4a38a4cb8 Secunia Research has discovered multiple vulnerabilities in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. These include boundary errors and buffer overflow issues. Novell iPrint Client 4.36 is affected.
[ danairc-overflow.txt ] ce78e866e21035b1d75c8e6ed56a451f Dana IRC version 1.4a remote buffer overflow exploit.
[ nufw-2.2.16.tar.gz ] 7a4f72298783b877a050863888d643df NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.
[ fwknop-1.9.7.tar.gz ] 955a2a920aeeab655d16da212f70b5e8 fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
[ belkin-bypass.txt ] 9119bf2575e2d603c0dd43fdac82247a Belkin wireless G router and ADSL2 modem authentication bypass exploit.
[ PLSA-2008-30.txt ] bba89f851911b3ef0f74460ddb4d69a5 Pardus Linux Security Advisory - Insufficient sanitization can lead to Vim executing arbitrary commands when performing keyword or tag lookup.
[ PLSA-2008-29.txt ] 353baefe1e7409fab29c0abd9c5f7291 Pardus Linux Security Advisory - Multiple vulnerabilities have been discovered by g_ which potentially can be exploited by malicious people to compromise a user's system.
[ PLSA-2008-28.txt ] b5d695d395d852aa764c49dbd945acc7 Pardus Linux Security Advisory - A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service).
[ linux-cbexec.txt ] 2335f65f3587e1adb068e62f47af91ad 149 byte connect back, download a file, and execute shellcode for linux/x86.
[ matterdaddy-sql.txt ] acec2b73d736ec39af3ba591c3480075 Matterdaddy Market version 1.1 suffers from multiple SQL injection vulnerabilities.
[ btitrackerxbtit-sql.txt ] efb414d445b3a47428a394d923d766a1 BtiTracker versions 1.4.7 and xbtit versions 2.0.542 suffer from a remote SQL injection vulnerability.
[ IVIZ-08-009.txt ] 19fafe4333b13d89b153a4c1a3b7a16c The password checking routine of Grub fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
[ IVIZ-08-008.txt ] b6128bc94dc690994313103896500060 The password checking routine of LILO fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
[ IVIZ-08-007.txt ] f5e88134d2c118dc27e0b5de40760281 The password checking routine of DriveCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
[ IVIZ-08-006.txt ] 28d14d2910f59a1abffea61e693b4bc3 The password checking routine of DiskCryptor fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
[ IVIZ-08-005.txt ] 9372ec1711b09a008c09f97aaad48fc9 The password checking routine of the IBM Lenovo BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.
[ IVIZ-08-004.txt ] fb13f9752e6c436b4d7a1e7c99a21fa2 The password checking routine of Intel BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.
[ IVIZ-08-003.txt ] 986464ca4ad63ebdd6c33978f68b69c6 The password checking routine of TrueCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
[ IVIZ-08-002.txt ] 7ed6e522d2b2d1576d1001319e9ae443 The password checking routine of Hewlett-Packard 68DTT version F.0D (11/22/2005) fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.
[ IVIZ-08-001.txt ] 08bf0022caed32290893bce4e558fee6 The password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.
[ deremate-xssrfi.txt ] 3c4c2d54915206f7b7e3358f161dc074 Deremate's Shopping Online application is vulnerable to cross site scripting vulnerabilities.
[ phpcart-xss.txt ] a667f382b4fac26273cd9ab4565b3a83 PHPCart versions 3.4 through 4.6.4 suffer from cross site scripting and price manipulation vulnerabilities.
[ selfgen-xss.txt ] 55f4b2870a9be3465220de89f98862c0 The Self Generate CMS suffers from multiple cross site scripting vulnerabilities.
[ WLB-2008080064.txt ] 618bef6d69afe88da171491f07cd89a3 libc inet_net_pton.c suffers from an integer overflow vulnerability.
[ tor.uclibc.i686.20080822.iso ] 7886072dae6656c2b61793430177bd3e Tor-ramdisk is an i686 uClibc-based micro Linux distribution (3.1 MB) whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.
[ onenews-sqlxss.txt ] c30394113a1d4578432263fc920ea170 OneNews Beta 2 suffers from cross site scripting, HTML injection, and SQL injection vulnerabilities.
[ fivestar-sqlxss.txt ] 76a1fce96cbfd283354ccde02233a975 5 Star Review suffers from cross site scripting and SQL injection vulnerabilities.
[ miacms-sql.txt ] 80e9f163d00d9ded2c2b83916fd0737a MiaCMS versions 4.6.5 and below suffer from multiple remote SQL injection exploits.
[ vlcmms-overflow.txt ] 23a2a913c69f52978ccc7930f8671364 VLC version 0.8.6i MMS protocol handling heap overflow proof of concept exploit.
[ gallery-xss.txt ] 884d325c621639312f1f07d6d3d591d7 Gallery version 1.3 suffers from a cross site scripting vulnerability.
[ tor-0.2.0.30.tar.gz ] d37b582ee35b4f69564b0635a449b5f6 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
[ netbeware.txt ] f4d83cea9d6dcd226ee4aae32d114574 The remote manager in Novell Netware version 6.5 suffers from an HTML injection vulnerability.
[ dsa-1631-1.txt ] 4e11a0bf3ea05140834d932f3231418d Debian Security Advisory 1631-1 - Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU & memory resources were exhausted.
[ oCERT-2008-008.txt ] 030d4b684f35e92aea985834e35cd251 The xine free multimedia player suffers from a number of vulnerabilities ranging in severity. The worst of these vulnerabilities results in arbitrary code execution and the least, in unexpected process termination. xine-lib versions 1.1.14 and below are affected.
[ noname-lfi.txt ] e08938492ce16785a939d37592f50395 NoName Script version 1.0 suffers from a local file inclusion vulnerability in index.php.
[ vim-sanitize.txt ] 743819ed6f6edc557eb5e0a21ba43aec Vim version 3 suffers from multiple arbitrary code execution vulnerabilities.
[ openvas-contest.txt ] 7e7ad7671b776d96a194bfc749f20e2f The OpenVAS Team (Open Vulnerability Assessment System) has started a contest and calls for submission of patches, scripts, converters or anything else that significantly improves the OpenVAS framework and extends Open Source Network Vulnerability Testing.
[ H2HC-CFP-2008.txt ] 6d9f8171b263a0206de941f3abf26e34 The call for papers is open for the Hackers to Hackers Conference being held in November, 2008. It will take place in Sao Paulo, Brazil.
[ PR08-20.txt ] 55f98a75179a16092e86c4dbcd9340b2 Microsoft ASP.NET ValidateRequest filters can be bypassed allowing for cross site scripting and HTML injection attacks.
[ secunia-trendmicro.txt ] b5bcc9775cd18024e81e9933c9fa97da Secunia Research has discovered a vulnerability in certain Trend Micro products, which can be exploited by malicious people to bypass authentication. The vulnerability is caused by insufficient entropy being used to create a random session token for identifying an authenticated manager using the web management console. The entropy in the session token comes solely from the system time when the real manager logs in with a granularity of one second. This can be exploited to impersonate a currently logged on manager by brute forcing the authentication token. Successful exploitation further allows execution of arbitrary code via manipulation of the configuration.
[ wms-overflow.txt ] 90d989c0208552bc19a8cc29a895d467 Windows Media Services (nskey.dll) on Windows 2000 Server, Advanced Server, and Datacenter Edition all suffer from a stack overflow vulnerability. Using an Active-X control that is safe for scripting/initialize, passing at least 9752 bytes to CallHTMLHelp will overwrite the EIP and remote code execution may be possible.
[ ieatm4v.c ] 5f3a67a56374c35d6fb9afb38c114d5f Internet Explorer versions 6, 7, and 8 m4v file parsing remote zero day exploit.
[ sapnotsafe.txt ] c739934da289a3ec3d82a4943c1f9729 SAPgui version 6.40 Exec() exploit.
[ MDVSA-2008-180.txt ] d020ce82b78a55691be3b77a8258749f Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The updated packages have been patched to prevent this issue.
[ MDVSA-2008-179.txt ] 7fa23a387b9a6aa48f33a17134658e9b Mandriva Linux Security Advisory - An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server. Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. The Metisse program is likewise affected by these issues; the updated packages have been patched to prevent them.
[ MDVSA-2008-178.txt ] f81b67007a37ee028b814f93f17b95cb Mandriva Linux Security Advisory - Alin Rad Pop found an array index vulnerability in the SDP parser of xine-lib. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. The ASF demuxer in xine-lib did not properly check the length of ASF headers. If a user was tricked into opening a crafted ASF file, a remote attacker could possibly cause a denial of service or execute arbitrary code with the privileges of the user using the program.
The Matroska demuxer in xine-lib did not properly verify frame sizes, which could possibly lead to the execution of arbitrary code if a user opened a crafted ASF file. Luigi Auriemma found multiple integer overflows in xine-lib. If a user was tricked into opening a crafted FLV, MOV, RM, MVE, MKV, or CAK file, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. Guido Landi found a stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue.
[ dsa-1630-1.txt ] 367b80017310ff6cee24b30977a80f99 Debian Security Advisory 1630-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution.
[ tinycms-lfi.txt ] 0598b8185b84b91e434f2ed18e03dd3a tinyCMS version 1.1.2 suffers from a local file inclusion vulnerability in templater.php.
[ easysite-lfi.txt ] d78a8ea434b161e2d33d4b43fbfd4b97 EasySite version 2.3 suffers from local file inclusion and arbitrary folder viewing vulnerabilities.
[ bandsitecms-xss.txt ] 63828352780d59d232deb17c76088e50 BandSite CMS version 1.1.4 suffers from arbitrary database download, cross site scripting, and cross site request forgery vulnerabilities.
[ glsa-200804-22-03.txt ] ebb72f271795a16c7a89e0cc3a25ae70 Gentoo Linux Security Advisory [UPDATE] GLSA 200804-22:03 - Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers (CVE-2008-1637). Thomas Biege of SUSE pointed out that a prior fix to resolve this issue was incomplete, as it did not always enable the stronger random number generator for source port selection (CVE-2008-3217). Versions less than 3.1.6 are affected.
[ timetrex-xss.txt ] 4166e9c811d2f2a8287e2979d15dbe50 TimeTrex suffers from multiple cross site scripting vulnerabilities.
[ freebsd-setexec.txt ] aa3b76332db49f1067debd3ecb21121b 56 byte setuid(0); execve(ipf -Fa); FreeBSD/x86 shellcode.
[ freebsd-reverse.txt ] e7493694f7a1458ba9a1b3cfd1e972d9 89 byte /bin/sh reverse portbind FreeBSD/x86 shellcode.
[ photocart-sql.txt ] 5a9dbd8e9e47b2a200dc1806ba20dbc8 PhotoCart versions 3.9 and below suffer from multiple remote SQL injection vulnerabilities.
[ ccms40-sql.txt ] 931257c66ebab0de1e9f1fb22cab0d8b CustomCMS version 4.0 suffers from a remote SQL injection vulnerability in print.php.