Packet Storm's last 20 added files.
Last Updated: Tue Dec  2 20:25:31 EST 2008


[ USN-684-1.txt ] a5f773b5f80db981aa46e006a4efa56c Ubuntu Security Notice USN-684-1 - Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG information. If a remote attacker sent a specially crafted JPEG file, ClamAV would crash, leading to a denial of service.  
[ binsh-shellcode.txt ] 5b5c34ec04999bdaed22fee8ccfd02ab 39 bytes of Solaris/x86 shellcode that performs setuid(0), execve(/bin/sh); exit(0). NULL free.  
[ catshadow-shellcode.txt ] 43ac829213d2724175265c403f658d2e 59 bytes of Solaris/x86 shellcode that performs setuid(0), execve(/bin/cat, /etc/shadow), exit(0).  
[ fsharp-reverse.pdf ] 646434fe251aefffc57d98fa5e28037a Whitepaper entitled Reverse Engineering Microsoft F#.  
[ dsa-1677-1.txt ] 628566c9879081d980d24250a10d5438 Debian Security Advisory DSA 1677-1 - An integer overflow has been discovered in the image validation code of cupsys, the Common UNIX Printing System. An attacker could trigger this bug by supplying a malicious graphic that could lead to the execution of arbitrary code.  
[ z1exchange-sqlxss.txt ] 5b390745afcfa0684522b79dcc8767c7 z1exchange suffers from cross site scripting and remote SQL injection vulnerabilities.  
[ cmsmaxsite-exec.txt ] 857d5bb777915d414f761d3dc233247a CMS MAXSITE Guestbook component remote command execution exploit.  
[ ocean12ml-sqlxssdisclose.txt ] d9c88cc756b97b1101d9d10bdb9f2419 Ocean12 Mailing List Manager Gold suffers from a direct database download, remote SQL injection, and cross site scripting vulnerabilities.  
[ orkut-sqlxss.txt ] 23280afa08297ab8d28e3faaeea9a26a The Orkut Clone by i-netsolution suffers from cross site scripting and remote SQL injection vulnerabilities.  
[ rapid-disclose.txt ] 650e59945cc139e5465a4c3450c4fc9c Rapid Classified version 3.1 suffers from a remote database disclosure vulnerability.  
[ jbook-disclosesql.txt ] 513a95c3d30b6df14011a17c3db0a2b5 JBook suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from a direct database download.  
[ PLSA-2008-77.txt ] d508983edcad9ea6b153a3aa8b1a2d83 Pardus Linux Security Advisory 2008-77 - Two vulnerabilities have been fixed in ffmpeg which can cause to a DoS (Denial of Service).Versions below 0.4.9_20080909-48-16 are affected.  
[ sunbyte-sql.txt ] 3675361f3ee42f0ef8fc812564aa04fc SunByte e-Flower suffers from a remote SQL injection vulnerability.  
[ cpanel-bypass.txt ] d533ac6575da815696f196eded00e977 CPanel version 11.x privilege escalation exploit that bypasses mod_security and a php restriction.  
[ glsa-200812-07.txt ] d9317149ec967b95a726d07039d000bd Gentoo Linux Security Advisory GLSA 200812-07 - Multiple vulnerabilities have been discovered in Mantis, the most severe of which leading to the remote execution of arbitrary code. Versions less than 1.1.4-r1 are affected.  
[ glsa-200812-06.txt ] bdeaa23fcd3973885c874f66adb24c75 Gentoo Linux Security Advisory GLSA 200812-06 - Multiple vulnerabilities in libxml2 might lead to execution of arbitrary code or Denial of Service. Versions less than 2.7.2-r1 are affected.  
[ glsa-200812-05.txt ] 00b44c420510e7048d105180e9487573 Gentoo Linux Security Advisory GLSA 200812-05 - A buffer overflow vulnerability in libsamplerate might lead to the execution of arbitrary code. Russell O'Connor reported a buffer overflow in src/src_sinc.c related to low conversion ratios. Versions less than 0.1.4 are affected.  
[ glsa-200812-04.txt ] 6d61a182a5ccda6a91f6ad35af1d56b6 Gentoo Linux Security Advisory GLSA 200812-04 - Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service. Versions less than 1.4.20 are affected.  
[ glsa-200812-03.txt ] c7fd15138337ac691f218c2ec559e538 Gentoo Linux Security Advisory GLSA 200812-03 - IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability. Versions less than 0.7.1 are affected.  
[ glsa-200812-02.txt ] 7798691cbc8349b986a232c8549f5553 Gentoo Linux Security Advisory GLSA 200812-02 - Two buffer overflows in enscript might lead to the execution of arbitrary code. Two stack-based buffer overflows in the read_special_escape() function in src/psgen.c have been reported. Ulf Harnhammar of Secunia Research discovered a vulnerability related to the setfilename command (CVE-2008-3863), and Kees Cook of Ubuntu discovered a vulnerability related to the font escape sequence (CVE-2008-4306). Versions less than 1.6.4-r4 are affected.