Packet Storm new exploits for July, 2006.
bff7453aa11eda4ecfb0e822aeccd7d8The mambatstaff Mambo component is susceptible to a remote file inclusion flaw.
eb53c4c71ee2ffacbad940ad687f437aColophon versions 1.2 and below suffer from a remote file inclusion vulnerability.
96deb470d0aaf6deb2b335336276253eCoppermine Photo Gallery version 1.2.2b-Nuke suffers from remote file inclusion vulnerabilities.
8fe9b4110d65a2d11c2046ca6c29b897Mambo Gallery Manager version 095.r3 suffers from remote file inclusion vulnerabilities.
68a093279c55204c8bad157f45cf0f49Gidplus.dll division by 0 proof of concept exploit.
49da58624b1e2f6dd3e7adaf58bd50a4Exploit for Mozilla Firefox versions 1.5.0.4 and below. The demonstration exploit below will attempt to launch "calc.exe" on Windows systems, execute "touch /tmp/METASPLOIT" on Linux systems, and bind a command shell to port 4444 for Mac OS X Intel and PowerPC systems. An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker.
99310b4fff62cfdeb795aeed9747822cDr.Jr7 Gallery version 3.2 RC1 suffers from a remote file inclusion flaw.
54038ad3e8cde6c1d18cda0a99ca6380Portail PHP version 1.7 suffers from a remote file inclusion vulnerability.
463d0558974d2fe9a1c1a1a4d6fbce19Guestbook Mambo Module versions 1.3.0 and below suffer from a remote file inclusion vulnerability.
38c3ee0c0b9298fa22d43844ce3cac76PHP-Nuke INP is susceptible to cross site scripting.
06c268ec3435fa26130c0dc520fc8bbePrinceClan Chess Mambo Com versions 0.8 and below suffer from a remote file inclusion flaw.
ad0f4e40857b67ad87c1333fe88ee03eJD-WordPress suffers from a remote file inclusion vulnerability.
2a3881b018346243e5e0cacf383d40fcHeartbeat versions below 2.0.6 insecure shared memory local denial of service exploit.
cc0cb06c57f9ec4230223cd6444e5749Phorum version 5.1.14 is susceptible to cross site scripting and local file inclusion attacks.
0f036b3d8f0e0a5f4189fa5fcab6e25aGeoClassifieds Enterprise version 2.0.5.2 is susceptible to cross site scripting attacks.
6997c8ee618d65a8c3f8ae8e74e54625Remote exploit for the Syslog server by eIQnetworks that has a vulnerability when processing long strings transmitted to its TCP port.
653a1bb8051ce1b14857399b0dbbb5bdRemote exploit for the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer.
b8686bb21a24ef8b23d48ea2992c0d2aThis Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 1262 bytes in size. This module should work on all rebranded eiq analyzers. Exploitation assistance from KF of digital munition.
ddeca744de09b27c3a7b8b0c0df91427This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 494 bytes in size. This module should work on all EIQ branded analyzers. Exploitation assistance from KF.
322367dffe353d69a331c65b0223c358Etomite CMS versions 0.6.1 and below 'username' SQL injection and administrative credential disclosure exploit.
f18fa61d46a419eabaf89101a6f58998WMNews suffers from a remote file inclusion vulnerability.
ddec6d0e66dbfc93460fc917d7bba4d1A remote file inclusion flaw exists in the a6mambohelpdesk Mambo component versions 18RC1 and below.
72708f25a7e6eaa6cfde4713af84f565Triton version 1.0.4 remote exploit for the sipxtapi vulnerability.
c58da24cf8218d09d5499f3d36f0a635MttKe-php version 2.6 suffers from a cross site scripting flaw.
10f41cd62485da1e8e9adb8f4ee7430f
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed