Packet Storm's last 50 added files. Last Updated: Mon Oct 6 22:31:24 EDT 2008 [ sacphp.txt ] 8db5ac674c4dd4e2e29dce7d9fe40bbc Yerba SACphp versions 6.3 and below local file inclusion exploit. [ apple-store.txt ] d4bd986357144dbbc77a2f924357767a Apple's Mail.app does not store S/MIME encrypted emails securely in the Drafts directory on server. Version 3.5 is affected. [ cmme-disclose.txt ] c0dd8f01bef55cc5449f3f93bcf549df CMME versions 1.19 and below suffer from multiple information disclosure vulnerabilities. [ dsa-1645-1.txt ] e8d344c305809ff14e11e18fcae68145 Debian Security Advisory 1645-1 - Several local/remote vulnerabilities have been discovered in lighttpd, a fast webserver with minimal memory footprint. [ dsa-1644-1.txt ] 63d8bdd15952341d8b15445ba1e16b00 Debian Security Advisory 1644-1 - Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially the execution of arbitrary code by supplying a maliciously crafted video file. [ dsa-1643-1.txt ] 5117ac099afbaf76d8ba3f92087f33f1 Debian Security Advisory 1643-1 - Dmitry E. Oboukhov discovered that the "to-upgrade" plugin of Feta, a simpler interface to APT, dpkg, and other Debian package tools creates temporary files insecurely, which may lead to local denial of service through symlink attacks. [ phpfusiontris-sql.txt ] 7179eea011d2ebd20c445bbe54280ce2 The triscoop_race_system module form PHP-Fusion is susceptible to a remote SQL injection vulnerability. [ phpfusionrecept-sql.txt ] 1ca6370bfdea447bdf7ce773c9b41698 The recept module form PHP-Fusion is susceptible to a remote SQL injection vulnerability. [ phpfusionraid-sql.txt ] e2530db8784d7c1a148a9c422f872e26 The raidtracker_panel module form PHP-Fusion is susceptible to a remote SQL injection vulnerability. [ phpfusionmanuals-sql.txt ] 9a38b0c25d95dfdcf7fd9ccd1f8b6967 The manuals module form PHP-Fusion is susceptible to a remote SQL injection vulnerability. [ antenna-sql.txt ] df3913ee28981d01e69556c4195315f8 It seems like some PHP code provided by Leicester Internet Services Antenna Web Services suffers from remote SQL injection vulnerabilities. [ timbuktu-pwn.txt ] cc21e159c048321b9694b8bec0e1dde3 The Motorola/Netopia Timbuktu Remote Control Software suffers from a flaw in the Internet Locator service that allows anyone to find someone by just knowing their email address. [ geccbblite-sql.txt ] 15e104653b65a55669de18efc86cf04f geccBBlite version 2.0 remote SQL injection exploit that uses leggi.php. [ fastpublish-lfisql.txt ] 4c085d1ed3b6598c0560c11e8f53fa0e Fastpublish CMS version 1.9999 suffers from local file inclusion and SQL injection vulnerabilities. [ phpabook-lfi.txt ] be30d14264af177d9ba31fcfcc2068b6 phpAbook versions 0.8.8b suffers from a local file inclusion vulnerability by leveraging the cookie. [ asicms-rfi.txt ] 04ab4e817896f65cb139ba610886aad9 asiCMS alpha version 0.208 suffers from multiple remote file inclusion vulnerabilities. [ fossgp-upload.txt ] 2ec20d3c6b1d886410240d10ae079dad FOSS Gallery Public versions 1.0 and below suffer from an arbitrary file upload vulnerability. [ bluecoat-bypass.txt ] ec3ac699e04fa37600344d8d751904f7 Blue Coat K9 Web Protection version 4.0.230 Beta suffers from multiple administrative bypass vulnerabilities due to controlling access via javascript. [ opennms-xss.txt ] 85d4f502a9d57fbea2d2560efa484e0c OpenNMS version 1.5.93-1 suffers from HTTP response splitting and cross site scripting vulnerabilities. [ targeting-voip.pdf ] 6cf443937c55a3febd2aff3bf63c18ac Whitepaper discussing methodologies and logistics to targeting Voice Over IP (VoIP) networks. [ oracle-assault.pdf ] f9ab79eb4c9cf9a20d44e368ed1ae970 This paper discusses injection into Oracle PL/SQL databases objects. [ ifoto-disclose.txt ] ebc6d785d4aa55f8ce0b8eeaa157b5c5 iFoto Photo Gallery versions 1.0 and below suffer from a remote file disclosure vulnerability. [ phpwebexplorer-lfi.txt ] 94d1426e25f049cc9ded68dfcde253e3 PHPWebExplorer versions 0.09b and below suffer from a local file inclusion vulnerability. [ interdynamic-sql.txt ] 4bb6a6ca0c622dfbeb7c51e237960609 InterDynamic SA web sites suffer from a remote SQL injection vulnerability. [ verisign-xss.txt ] fdf83b16ce4c0daac617a79a916defb8 The VeriSign Kontiki Delivery Management System (DMS) versions 5.0 and below suffer from a cross site scripting vulnerability. [ jmweb-lfi.txt ] 557b7075fe29e066530bf30867bd487f JMweb MP3 suffers from multiple local file inclusion vulnerabilities. [ galerie-blindsql.txt ] 6bb25649afeae3053f5f01dacb5e6a2b Galerie version 3.2 WBB Lite add-on blind SQL injection exploit. [ foss10-upload.txt ] 6ebe2e70a4c2c1ed6cec4d3b138f46df FOSS Gallery Admin versions 1.0 and below remote arbitrary upload exploit. [ foss-upload.txt ] f7519898cd134f8e682f0472387fd85f FOSS Gallery Public versions 1.0 and below arbitrary upload / information c99 exploit. [ ppim-lfi.txt ] 2fa88e21871a87656df0cfca9ebc4ee9 pPIM version 1.01 suffers from a local file inclusion vulnerability in notes.php. [ kwalbum-upload.txt ] f1ee2eff2f7c14874f79fb53b7ec552a Kwalbum versions 2.0.2 and below suffer from an arbitrary file upload vulnerability. [ ccms-lfi.txt ] a4ee55f68d1cc3e1edfd1c6f1fe5ab20 CCMS version 3.1 suffers from multiple local file inclusion vulnerabilities. [ vmware-emulation.txt ] 9d308b99f74f10aaccfde19943b9cbc4 By exploiting the VMware flaw described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaw has been proven exploitable on x64 versions of Windows, and it has produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of the flaws on x64 versions of Linux. [ VMSA-2008-0016.txt ] 6d2cadbdc3aa8d8b14781c8f7a10e20e VMware Security Advisory - VMware addresses an in-guest privilege escalation on 64-bit guest operating systems in ESX, ESXi, and previously released versions of our hosted product line. Updated VMware VirtualCenter Update 3 addresses potential information disclosure and updates Java JRE packages. [ MDVSA-2008-210.txt ] 68b4e4fdd62c729cba03aa357003d366 Mandriva Linux Security Advisory - CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. [ MDVSA-2008-209.txt ] 6c8c02e04058c8e9e9b7b397c121754e Mandriva Linux Security Advisory - Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket configuration option where, if enabled and using an existing credential cache, it was possible for a local user to gain elevated privileges by using a different, local user's credential cache. The updated packages have been patched to prevent this issue. [ ayeview220-dos.txt ] 22ec90cad8f01e0710dcaae91b295b27 AyeView version 2.20 malformed GIF image denial of service exploit. [ faststone-dos.txt ] adac5794f150c02f3b3dd8896007bd91 FastStone Image Viewer version 3.6 malformed BMP image denial of service exploit. [ ayeview-dos.txt ] 8e14eff221ce5dc0da7b21679822fea7 AyeView version 2.20 invalid bitmap header parsing denial of service exploit. [ vista-access.txt ] 68e64c685219c6145071f4a9faebb354 Microsoft Windows Vista access violation from limited account denial of service blue screen of death exploit. [ hammer-traversal.txt ] e7eacd600ee59a1dce5ab3cccd014630 Hammer Software MetaGauge version 1.0.0.17 suffers from a directory traversal vulnerability. [ mirc634-overflow.txt ] 4e0f112638c474ea9793b70bea109bed MIRC version 6.34 remote buffer overflow exploit that spawns calc.exe. [ ampjuke-sql.txt ] c3cf01381849c364e5d91e4b45ee345d AmpJuke version 0.7.5 suffers from a remote SQL injection vulnerability in index.php. [ ShellCodeForBeginners.pdf ] 07361f6aebc463b21728882f5c3c50d4 ShellCode For Beginners - A short whitepaper discussing what defines shellcode and simple fundamentals surrounding its use. [ secunia-trendtraverse.txt ] cd3bd7717ea3e9d76584427b2039083a Secunia Research has discovered a vulnerability in Trend Micro OfficeScan, which can be exploited by malicious people to gain knowledge of sensitive information. The vulnerability is caused by an input validation error in TmListen.exe when a client is configured to be an update agent. This can be exploited to retrieve arbitrary files from the system via directory traversal attacks. Affected is Trend Micro OfficeScan 7.3 patch 4 build 1367. [ vba32-poc.tgz ] d59ccdb754ec13657e227efe39bb89a1 VBA32 Personal Antivirus version 3.12.8.x suffers from a malformed archive denial of service vulnerability. Proof of concept exploit enclosed. [ Gdi.tgz ] 05232665cf0225ea433977e7c5d0744e This archive contains two EMR_COLORMATCHTOTARGETW related stack buffer overflow exploits. calc.zip executes calc.exe and IE.zip and localhost.zip connect back to port 230. [ opennhrp-0.8.tar.bz2 ] 5e671a243981b41f47838e7be02690de OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible. [ servu72-upload.txt ] 9d56ebbb5d60ff809c562ed83d970868 Serv-U version 7.2.0.1 suffers from a remote FTP file replacement vulnerability. [ servu72-dos.txt ] 3a4a7dc94a88ddaf8bc332a3c8dbc1f2 Serv-U version 7.2.0.1 suffers from a remote denial of service vulnerability.