Packet Storm new exploits for August, 2008.
8f38f45c056f7264ae9a8c4c4a1ac60bc7067bcec901bc64a5a44de26c5592af
Mimo Multimedia CMS suffers from a remote SQL injection vulnerability.
1b64b54dae39c2061cd22b111b09b5cbc16c2af7e6aae2de35ec7e71f925d2bc
Proof of concept exploit for the local root vulnerability in Postfix. Original discovery by Sebastian Krahmer.
580ca779c583764d2626796399a8efc1b0ac74297cca06444962fc87b5bf3b1e
@mail version 5.42 suffers from multiple cross site scripting vulnerabilities.
a2eb6fa2375a9a5e0ec1b2d3c083525cd6b948e4b266a0d8a48fc42c2ffdd4b7
OpenSharePoint version 0.4.0 RC3 suffers from remote SQL injection, cross site scripting, and cross site request forgery vulnerabilities.
ffa4368c38d195b0e5c5c0cb44e7351cac676530cad030d7dced9b5a52df9c13
Open Media Collectors Database version 1.0.6 suffers from cross site scripting and cross site request forgery vulnerabilities.
dfd35a3d6068b0d371ba5e3422bef5afdb004d9e03f95c0561cd5d5f0cbb533d
WeBid version 0.5.4 suffers from SQL injection and cascading style sheet editing vulnerabilities.
c509f28733f49513f619cff8ac7666465089bd0ede7ba09888092b812fc1caf0
myPHPNuke versions below 1.8.8_8rc2 suffer from cross site scripting and remote SQL injection vulnerabilities.
6c5f703ade4a9181885f325285a52583e0264ee23fc243eaddc89611b80da2f9
Words Tag Script version 1.2 suffers from a SQL injection vulnerability.
0d4ecda5f70787c95462b7684726f494e3eefd0e7dee3542540f32679aecf04c
Web Directory Script version 1.5.3 suffers from a SQL injection vulnerability.
60aedfa0337a6e63a8fdd194f1d598e3686feba090f6de0fd5f862f9cdc3bff5
Brim version 2.0.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
57602c0fe7ee63cf55d219a49ade5eda4439275c7434fe814143a1b65ece45d0
Friendly Technologies read/write register/read files exploit.
9b8b1f6f5acfe1dc0da28e3ccafeb08fea80102ed603096f52f4c1f9a5d6e2fe
Full PHP Emlak Script suffers from a remote SQL injection vulnerability in landsee.php.
f4968c6b56d104c765733c5faf2219cf134b9b74903857fe4c2b0f03acd80198
LogMeIn remote access utility Active-X memory consumption denial of service exploit.
b9e39f98515adef80631fb01feadece13b9cbbe60fe4aa1703cfff921eabe808
Najdi.si Toolbar Active-X remote buffer overflow proof of concept exploit.
3899e619ee304913fc06cfbe1291b6a323d591ea4a1aa9a662fccef3f676a068
Invision Power Board versions 2.3.5 and below remote exploit that brute forces, attempts IDS evasion, and more.
7779c993b7397aaec65eef50dc7ff88cbb5936a2ae85c14d56352edc8fc4a524
Sun Solaris 8/9/10 and OpenSolaris versions below snv_96 snoop utility remote exploit.
35e45fd192fe8d93b73a8b63f302b1e8583257b9ea95ef03be4093ea08ebd7e9
dotProject version 2.1.2 suffers from cross site scripting and SQL injection vulnerabilities.
c2506e01037c9e81b5e703b788820b64c68d357035112d587f80012a70e76508
Mercadolibre.com suffers from cross site scripting and remote JavaScript insertion vulnerabilities.
e5d66c658f2078cfc30d24d389e3fc9a796a985b1977213ed9c47555dcdda4f0
Friendly Technologies Active-X related remote command execution exploit that leverages fwRemoteCfg.dll.
cf791a62866e8c13b0bb4170fecbd62a11c9aa209334d2a4bd08c4ac0092e078
Friendly Technologies Active-X remote buffer overflow exploit that leverages fwRemoteCfg.dll.
36eddcbf66c4d13623f2f168843ec44c7ed28ea5b3f30556054af77b456fb53d
Acoustica Mixcraft versions 4.2 Build 98 and below mx4 file local buffer overflow exploit.
43b6c437b76203c406a76bf1208c80f1560e902d45286eea3f3997178aafd87f
Kyocera Command Center suffers from a directory traversal vulnerability.
42d830ef4de171b4deadad97f60d6a5e5ada87a058d0dfdd45dcec7b6995b466
Search Engine suffers from a remote SQL injection vulnerability in viewcat.php.
7d367886141ab88ad0e6e88e78d2f987a94456e00aeeffc72616569f158aa711
iG Shop suffers from a remote SQL injection vulnerability in display_review.php.
a948c300ff2259ebaba25ed1d03cd17f1dacdaf36d3d6508ed71cc5a7b986bd6