Packet Storm new exploits for February, 2005.
ab1eb6fa04a25b510796e7b6bf18ac72
BadBlue webserver version 2.55 remote buffer overflow exploit. Tested under Windows 2000 Professional SP3/SP4 Spanish, Windows 2000 Server SP4 Spanish, and Windows XP SP1 Spanish.
5529b72cb5a1e55ee5a545eee55e8adc
BadBlue webserver version 2.5 is susceptible to a remote buffer overflow vulnerability that allows for code execution. Full exploit provided.
b199afc5574630ee6ece67c8d1c7d8af
Knet versions 1.04c and below are susceptible to a remote buffer overflow vulnerability that allows for execution of code. Exploit provided.
c9d2eb21aeeefd9b8a87f0393fc2cb12
CIS WebServer version 3.5.13 is susceptible to a classic directory traversal attack.
8ddb6a4d31dd61f9b9a44f94d44f79fa
Improper handling of several arguments in the moderate.php code in punbb version 1.2.1 allows a malicious moderator to inject arbitrary SQL statements.
0fa245da1da2ee450650915c291a331a
Due to a flaw in punbb version 1.2.1, a remote attacker without an account can set the password of any user on the system to NULL, effectively shutting them out of the system.
2fca37c706129ea7a3acd4dc2f838553
A remote attacker can cause register.php in punbb version 1.2.1 to execute arbitrary SQL statements by supplying malicious values to the language or email parameters.
49e3dec810dbe71cfb281699c1269f7d
Proof of concept exploit for a denial of service flaw in Soldier of Fortune II versions 1.03 and below.
6b5ce84269c5f3dbf5a53e46c70a1a33
phpMyAdmin versions 2.6.1 and below suffer from remote file inclusion and cross-site scripting flaws. Detailed exploitation given.
943aaf73594eaf3a6329bd1ea8d69e72
The Cyclades AlterPath Manager (APM) Console Server has design flaws that expose restricted consoles to unauthorized APM users, allow any APM user to obtain administrative privileges, and provide detailed system information to unauthorized users.
b05be9d4fc5d8ff1dadf3875d69ea0d1
wu-ftpd versions 2.6.2 and below file globbing denial of service exploit.
2e6a392d582fec375515b21f8f5022e2
Remote pluginmode command execution exploit for AWStats versions 5.7 through 6.2.
a3c1e41a10460242dd78ea43169acc88
Avaya IP Office Phone Manager exploit that attempts to extract sensitive data from the Windows registry.
9666749b62f499e1f04e9084c391876b
WebConnect remote exploit that makes use of a directory traversal vulnerability in versions 6.4.4 and 6.5.
87be5ea960b62e6bab82d1a72e4b7e5a
WWW File Share Pro version 2.72 local exploit that discloses passwords.
1396bc6f92f6f687ac3638bf0c5582f4
Chat Anywhere version 2.72a local exploit that discloses passwords.
32c7f73afcc0918d6935521ae88004e7
SendLink version 1.5 local exploit that discloses passwords.
e05fe5a6f04ba21b132754cbb67c2d51
eXeem version 0.21 local exploit that discloses passwords for proxy settings.
1f56bd8c9fa4abdd53b03dc6288c2435
Multiple information disclosure and possible SQL injection vulnerabilities have been discovered in iGeneric eShop 1.2.
a90af00737204235c158c89d0979957d
SD Server versions 4.0.70 and below suffer from a classic directory traversal flaw.
edd39b6f6ccf627ba499afd72b2bbdec
Bontago versions 1.1 and below remote exploit that makes use of a buffer overflow when a nickname longer than 512 bytes is sent.
fc1431f7ae6fa0b788010eb29472e4f7
Xinkaa WEB Station versions 1.0.3 and below suffer from a classic directory traversal flaw.
28039f57e1c23f2f1fccb9ab33b8e28d
paNews version 2.0b4 is susceptible to remote PHP code injection.
0768931e700ec992ba71b15aa8732b4a
Using magic DNS, the domain name in the Internet Explorer titlebar can be exploited to trick users into visiting a malicious pop-up window. The weakness has been confirmed in version 6.0 on a fully patched system running Windows XP with SP2 installed.
d469b06a4e4051d3981c2a3efdaad2f6