Packet Storm new exploits for February, 2008.
797e684690090755c7ace511a762d7b0 A brief example describing a method of bypassing the Myspace.com Phishing blocker.
133da45353d3874c82a8b990c8daa402 Centreon versions 1.4.2.3 and below suffer from multiple remote file disclosure vulnerabilities.
05057677fc0bd2cb16cbe13159b883cd netOffice Dwins version 1.3 suffers from remote code execution vulnerabilities.
0b9b3369a59031e6305282004d0246b3 PHPMyTourney suffers from a remote file inclusion vulnerability in index.php.
8b6acb62363309113a7a28e2b7fbf163 Proof of concept exploit that demonstrates a buffer overflow vulnerability in Ghostscript versions 8.61 and below.
68b371030bdbb5deb3fbdb2b286fa2ef Symantec BackupExec Calendar Control (PVCalendar.ocx) buffer overflow exploit that spawns calc.exe or a shell on tcp/4444.
2c1cff8c354f4a88ca29b3119d31f0a3 Koobi CMS versions 4.3.0 through 4.2.3 suffer from a remote SQL injection vulnerability in index.php.
5dec46e2c630f88bfe6fdce9b79e0e8e Juniper Networks Secure Access 2000 versions prior to 5.5R3 are vulnerable to a cross site scripting vulnerability. Full details provided.
152ed43ef865a56f7d6d4d31c80eef6b The 123 Flash Chat module for phpBB suffers from a remote file inclusion vulnerability.
9d6c7f8df76cf13706d4a3f20938366e Centreon versions 1.4.2.3 and below suffer from a remote file disclosure vulnerability in get_image.php.
b184119ee973ba67d5ea86c8c6bffa6c The PHP-Nuke module My_eGallery versions 2.7.9 and below suffer from a remote SQL injection vulnerability.
d214880bc233b425e1eaf52aa1d89ed6 Barryvan Compo Manager version 0.3 suffers from a remote file inclusion vulnerability.
eb0aff9e45edf06dea75fae13d99264a The Podcast Generator versions 1.0 BETA 2 and below suffer from remote file inclusion and file disclosure vulnerabilities.
32f783c56777ec7a0df62dfad5879cfd SiteBuilderElite version 1.2 suffers from multiple remote file inclusion vulnerabilities.
a7bd287447a140f9954f160ff51025f7 Koobi Pro version 5.7 suffers from a remote SQL injection vulnerability in index.php.
dbf431ffa1e35fc3f37dade6f4419fdc Crysis versions 1.1.1.5879 and below suffer from a remote format string denial of service vulnerability.
62aca6acf2796db98921ea721efa5df2 GROUP-E version 1.6.41 suffers from a remote file inclusion vulnerability.
bbffd69ee536b82c53330ea105a20935 Core Security Technologies Advisory - The VideoLAN (VLC) media player package is vulnerable to an arbitrary memory corruption vulnerability, which can be exploited by malicious remote attackers to compromise a user's system. VLC versions 0.8.6d and below and Miro Player versions 1.1 and below are vulnerable. Proof of concept code included.
f24730594bd1527fb6468a67590f93bf Proof of concept exploits for Trend Micro OfficeScan Corporate Edition versions 8.0 Patch 2 and below and versions 7.3 Patch 3 and below which suffer from buffer overflow and dead process vulnerabilities. To use the exploits, nc SERVER 8080 -v -v here.
7033f1fd4968dd98d7eb37813ca6ad2b The AuthentiX administration page suffers from cross site scripting vulnerabilities.
ed02c1dde9d866834a78ff9c804d195c EazyPortal versions 1.0 and below cookie-related remote SQL injection exploit.
13e541481db75adc5d988fdfac0c56a7 Mambo Simpleboard Forum component version 1.0.3 Stable suffers from a remote SQL injection vulnerability.
9f276da2b96a8c5a6c1318ca0ba8c36d ezyEdit 2007 is susceptible to cross site scripting vulnerabilities.
01204d9c5dc6055fd3e58aa9af2f8f1e Nukedit version 4.9.x remote create admin SQL injection exploit.
dadf6fde3e0b8263c3eb11bff2af6fb8