Packet Storm new exploits for January, 2006.
Winamp versions 5.12 and below remote buffer overflow universal exploit that makes use of the PLS file handling buffer overflow flaw.
Cisco Aironet wireless access point ARP replies remote denial of service exploit. Takes advantage of the flaw originally discovered by Eric Smith.
The file hosting company rapidshare.de suffers from cross site scripting vulnerabilities.
VP-ASP Shopping Cart version 5.50 is susceptible to SQL injection attacks.
ASPThai Forums version 8.0 and below suffer from a SQL injection vulnerability.
Oracle 10g Release 1 exploit for the GENERATESCHEMA buffer overflow with shellcode that creates a file named Unbreakable.txt.
Windows DOS emulation allows dumping of the first 1 MB of RAM with no particular privileges needed. Assembly code that demonstrates this is included.
mIRC /font exploit that spawns a cmd.exe.
The WorldsEnd.NET Free Ping script is susceptible to a restriction bypass condition.
Pixelpost version 1.4.3 is susceptible to cross site scripting attacks.
Azbb versions 1.1.00 and below suffer from cross site scripting vulnerabilities. NASL plugin to test for this included.
Eterm LibAST exploit for Ubuntu. Yields utmp GID.
Vis.pl is a perl script which manages files as part of e-cms. It suffers from a directory traversal vulnerability.
MyBB v1.0.2 updated suffers from XSS via search.php.
CheesyBlog v1.0 suffers from XSS. Proof of concept included.
Sami FTP 2.0.1 stack based buffer overflow exploit.
MYBB 1.x does not properly sanitize user supplied input, leading to an XSS vulnerability.
A vulnerability in BitComet allows remote attackers to construct a special .torrent file and put it on any BitTorrent publishing web site. When a user downloads the .torrent file and clicks on the publisher's name, BitComet will crash. An attacker can run arbitrary code on the victim's host via a specially crafted .torrent file.
CheesyBlog v1.0 does not properly sanitize user input, leading to script injection bugs in archive.php.
ExpressionEngine 1.4.1 does not sanitize the HTTP_REFERER variable. This can be used to post an HTTP query with a fake Referrer value which may contain arbitrary HTML or script code. This code will be executed when the administrator (or any user) opens Referrer Statistics.
HYSA-2006-002 h4cky0u.org Advisory 011 - Phpclanwebsite 1.23.1 Multiple Vulnerabilities
HYSA-2006-001 h4cky0u.org Advisory 010 - phpBB 2.0.19 search.php and profile.php DOS Vulnerability
Note-A-Day v2.1 does not password protect a sensitive directory, leading to information disclosure.
e-moBLOG v1.3 suffers from SQL injection bugs leading to login bypass and information disclosure.