Last 50 Exploits From Packetstormsecurity
nullconGoa2011-CFP.txt
The Call For Papers for nullcon Dwitiya 2.0 is now open. It takes place February 25th through the 26th, 2011 in Goa, India.
amirocmsfaq-xss.txt
Amiro.CMS version 5.8.4.0 suffers from a stored cross site scripting vulnerability.
advanced-xss.pdf
Whitepaper called Advanced XSS. Written in Arabic.
moaub01-cpanel.pdf
Month Of Abysssec Undisclosed Bugs - Cpanel suffers from a PHP restriction bypass vulnerability. Versions 11.25 and below are affected.
moaub01-adobe.pdf
Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a newclass invalid pointer vulnerability.
MDVSA-2010-168.txt
Mandriva Linux Security Advisory 2010-168 - Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service and possibly execute some sources refer to this as a use-after-free issue. The updated packages have been patched to correct this issue.
ZSL-2010-4961.txt
LEADTOOLS version 16.5.0.2 suffers from buffer overflow, integer overflow and denial of service vulnerabilities related to Active-X Common Dialogs.
cpanelcp-xss.txt
cPanel Customer Portal suffers from a cross site scripting vulnerability.
tftpddesktop-traversal.txt
TFTP Desktop version 2.5 suffers from a directory traversal vulnerability.
tftpdwin-traversal.txt
TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability.
macosxparental-bypass.txt
The parental controls built into the Mac OS X Mail client can be easily bypassed by anyone who knows the email address of the child and his/her parent.
autodeskmapguide-overflow.txt
Autodesk MapGuide Viewer version 6.5 suffers from an Active-X related overflow vulnerability in MGAXCTRL.DLL.
moaub-adobenewclass.txt
Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a newclass invalid pointer vulnerability.
moaub-cpanel.txt
Month Of Abysssec Undisclosed Bugs - Cpanel suffers from a PHP restriction bypass vulnerability. Versions 11.25 and below are affected.
phpjokesitesbjoke-sql.txt
PHP Joke Site Software suffers from a remote SQL injection vulnerability.
dompdf-rfi.txt
Dompdf version 0.6.0 Beta 1 suffers from a remote file inclusion vulnerability.
mblogger-sql.txt
mBlogger version 1.0.04 remote SQL injection exploit that leverages viewpost.php.
1008-exploits.tgz
This archive contains all of the 422 exploits added to Packet Storm in August, 2010.
dbpoweramplocal-overflow.txt
dBpowerAMP Audio Player local buffer overflow exploit (EDI overwrite method used).
artgk-xss.txt
ArtGK CMS suffers from cross site scripting vulnerabilities.
rooted2011-cfp.txt
Rooted CON 2011 Call For Papers - Rooted CON is a security congress which will be held in Madrid (Spain) from 3 to 5 March 2011, whose spectrum of participants ranging from students to state forces and secret services, through professionals of the security market, lawyers, or even technology enthusiasts (and others).
rumbacms-xss.txt
Rumba CMS version 2.4 suffers from cross site scripting vulnerabilities.
VMSA-2010-0013.txt
VMware Security Advisory - The service console package cpio is updated to version 2.5-6.RHEL3. The service console package tar is updated to version 1.13.25-16.RHEL3. The service console packages for samba are updated to version samba-3.0.9-1.3E.17vmw, samba-client-3.0.9-1.3E.17vmw and samba-common-3.0.9-1.3E.17vmw. The service console package krb5 is updated to version 1.2.7-72. The service console package perl is updated to version 5.8.0-101.EL3.
gawker-lfi.txt
Gawker suffered from a local file inclusion vulnerability.
MDVSA-2010-167.txt
Mandriva Linux Security Advisory 2010-167 - lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a. character, which allows remote servers to create or overwrite files via a 3xx redirect to a URL with a crafted filename or a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
Botan-1.8.10.tgz
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
dsa-2101-1.txt
Debian Linux Security Advisory 2101-1 - Several implementation errors in the dissector of the Wireshark network traffic analyzer for the ASN.1 BER protocol and in the SigComp Universal Decompressor Virtual Machine may lead to the execution of arbitrary code.
cartxpress-shelldisclose.txt
CartXpress suffers from backup related, file disclosure and shell upload vulnerabilities.
apphp-xssxsrf.txt
ApPHP suffers from cross site request forgery and cross site scripting vulnerabilities.
keepass-dllhijack.tgz
KeePass Password Safe versions 2.12 and below suffer from a DLL hijacking vulnerability.
wp301-redir.txt
WordPress versions 3.0.1 and below suffer from an URL redirection bug.
HPSBMA02571-SSRT100034.txt
HP Security Bulletin - A potential security vulnerability has been identified with HP Insight Diagnostics Online Edition running on Linux. The vulnerability could be exploited remotely resulting in cross site scripting (XSS).
tortoisesvn-dllhijack.txt
Tortoise SVN version 1.6.10 build 19898 suffers from the Windows DLL hijacking vulnerability.
ZDI-10-168.txt
Zero Day Initiative Advisory 10-168 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QTPlugin.ocx ActiveX control. The plugin accepts a parameter named _Marshaled_pUnk that it uses as a valid pointer. By specifying invalid values an attacker can force the application to jump to a controlled location in memory. This can be exploited to execute remote code under the context of the user running the web browser.
MDVSA-2010-166.txt
Mandriva Linux Security Advisory 2010-166 - Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. The updated packages have been patched to correct this issue.
webideas-sql.txt
Web-Ideas Web Shop Standard suffers from a remote SQL injection vulnerability.
ninga.zip
This is a proof of concept, self replicating, social network based malware for NING.
USN-981-1.txt
Ubuntu Security Notice 981-1 - It was discovered that libwww-perl incorrectly filtered filenames suggested by Content-Disposition headers. If a user were tricked into downloading a file from a malicious site, a remote attacker could overwrite hidden files in the user's directory.
joomlajefaqpro-sql.txt
The Joomla JE FAQ component suffers from a remote blind SQL injection vulnerability.
USN-980-1.txt
Ubuntu Security Notice 980-1 - Julius Plenz discovered that bogofilter incorrectly handled certain malformed encodings. By sending a specially crafted email, a remote attacker could exploit this and cause bogofilter to crash, resulting in a denial of service.
voidssh.tar.gz
Void SSH is a python script that performs multithreaded bruteforcing.
joomlapicsell-disclose.txt
The Joomla PicSell component suffers from a file disclosure vulnerability.
HPSBUX02552-SSRT100062.txt
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Software Distributor (sd). The vulnerability could be exploited locally to grant an increase in privilege, or to permit unauthorized access.
dsa-2100-1.txt
Debian Linux Security Advisory 2100-1 - George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.
MDVSA-2010-165.txt
Mandriva Linux Security Advisory 2010-165 - Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service via a string that is inconsistent with the expected number of fields. The updated packages have been patched to correct this issue.
auditx.tgz
AuditX is a shell script that performs initial information gathering for a given target. Can be used prior to a penetration test, etc.
binary-english.pdf
Whitepaper called Binary Modification [Patching Vulnerabilities]. This is the English version.
R7-0036.txt
Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.
apple_quicktime_marshaled_punk.rb.txt
This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.
appleqtmp-exec.txt
Apple QuickTime suffers from a _Marshaled_pUnk backdoor parameter client-side arbitrary code execution vulnerability.
Add A Comment