Packet Storm new exploits for May, 2006.
37c26d3f5b41141ccb7312fba3ca4fd9gxine - HTTP Plugin Remote Buffer Overflow PoC exploit.
504d9c6d08f024d29eba3e1ad3e04a8fFoing Remote File Inclusion exploit
a1a6b85fface33aba12c6f433593eb07The XSS vulnerabilities reported for UBBThreads 5.x,6.x will allow you to inject javascript and steal MD5 Hashes.
7b8a682ad449ff74b787d53c15f3231cIt is possible to DOS Java Apache Mail Enterprise Server (a.k.a. Apache James) by sending it a long SMTP argument. POC included.
3b16937b13c91271931fbb4c674cd88cSpeedy ASP Forum (profileupdate.asp) User Pass Change Exploit
5e909f7d5a776f0e1b7345535fc4676amy Web Server versions less than 1.0 denial of service exploit.
0dab6b6dd19b0594bf3f6a570cdf38d9Kaspersky antivirus 6 suffers from an error in the POP3 state machine POP3 monitor thus allowing any malicious software on the local computer to bypass the POP3 monitor.
e5dd17cdc394afd4c6b98c13182fa457WordPress versions less than or equal to 2.0.2 'cache' shell injection exploit.
b6dda5f5447988566d4396753bec3891Drupal versions less than or equal to 4.7 attachment mod_mime poc exploit.
c14c68c560eeda956bd59c8cc892cad3phpBazar versions less than or equal to 2.1.0 Remote File Inclusion Exploit.
e2891cd9de0eafd2278bbf0bd1aa5bf4phpFoX could allow a malicious person to log in as any user by editing their cookie.
03bb9735c4b2d18d60f219d1f501b3c0Local DOS exploit for portmap.
8760c07f15308affb930e53f085cc32cThe WebTool service of PunkBuster is vulnerable to a buffer overflow. POC included.
284bbeb329bfd03f9b7c11de0fc64f32It is possible to crash netPanzer v0.8 by sending it a specially crafted packet.
661c3438cd59036726a45bb73c942a1cNucleus CMS versions 3.22 and below arbitrary remote inclusion exploit.
e4a99251c24a10c81dda88a9d0abe698Kaspersky antivirus 6 and Kaspersky internet security 6 suffer from a vulnerability due to HTTP parsing errors in the HTTP monitor that could allow malicious software on the local computer to bypass the HTTP virus monitor.
cfd68147e59e2377729170d2efc90285The default screen saver in Windows XP and Windows 2003 Server runs as a system process. Thus if a malicious person changes logon.scr to cmd.exe or explorer.exe they can take control of the system when the screen saver runs. POC exploit included.
d8f174910431a7908e23d89bd2c0a6b2phpMyDirectory versions 10.4.4 and below are susceptible to multiple remote file inclusion flaws.
ddf52740ccfa9c0613badfb7d550972bRedTeam identified a security flaw in perlpodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
2ce1556c7e33703d3897b94f9c7ad28cRedTeam identified a security flaw in prodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
4c214e8d424dc4c7144691cb7239ed0eXOOPS versions 2.0.13.2 and below xoopsOptions[nocommon] exploit.
6cf58227b6752d94bb378d1d44285c83PHP Easy Galerie version 1.1 is susceptible to a remote file inclusion vulnerability.
32d094cd2d199e2f87dc100680630fedCaptivate version 1.0 is susceptible to cross site scripting attacks.
3d5b1333d3e6f405634143a3231ea55fMicrosoft Internet Explorer is susceptible to a denial of service flaw where it crashes upon a mouse click.
d73ba9545fd549291adcda6500fc41c5
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed