Packet Storm's last 100 added files. Last Updated: Wed Sep 8 23:33:13 EDT 2010
[ OIG_10-111_Aug10.pdf ] dd4096ea2a734a38f6e979e20eb541ae Office of Inspector General report OIG-10-1111 - DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems.
[ USN-978-1.txt ] 2d45db4f2a4e1a2ed7f7af3dab4a9117 Ubuntu Security Notice 978-1 - Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the
[ USN-975-1.txt ] 24ce7eef0734edef2ca67538df5ea039 Ubuntu Security Notice 975-1 - Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the
[ USN-985-1.txt ] bb3926c07160a32052adfd01b62c5720 Ubuntu Security Notice 985-1 - Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user.
[ ESA-2010-016.txt ] c01dd22225f6ad7b8e08c3f3829f52db RSA Access Manager Agent version 4.7.1 with RSA Adaptive Authentication Integration contains a potential vulnerability that could be exploited by malicious people to bypass authentication restrictions.
[ ESA-2010-015.txt ] 0d20584fa2c2e349df2557ee817c7135 A vulnerability exists in EMC Celerra which can be exploited to gain unauthorized access to root NFS export on EMC Celerra NAS. NAS Code versions 5.6.50 and below are affected.
[ ESA-2010-014.txt ] f8073f09a399af51958b70e95fe5531e RSA Access Manager Server contains a potential vulnerability that could be exploited to bypass certain security restrictions, potentially enabling unauthorized access to protected resources.
[ dsa-2106-1.txt ] 2b68600653e970188ba3edbc6553146e Debian Linux Security Advisory 2106-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
[ fbsdpseudofs-nullpointer.txt ] ae95fee8dbe809a26ee1bc0179eb8bf6 FreeBSD versions 7.0 through 7.2 suffer from a pseudofs NULL pointer dereference vulnerability. Due to a spurious call to pfs_unlock() in pfs_getattr() (as defined in sys/fs/pseudofs/pseudofs_vnops.c), a null pointer is dereferenced after calling extattr_get_attribute() on pseudofs vnode. By allocating a page at address 0x0, an attacker can overwrite an arbitrarily chosen portion of kernel memory, leading to a crash or local root escalation.
[ cisco-sa-20100908-wlc.txt ] 0c7a12cef77e7d44423ff149e9138987 Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by two denial of service, three privilege escalation and two access control list vulnerabilities.
[ HPSBMA02574-SSRT100038.txt ] e24d4c8689985ba2f39360f73a01b522 HP Security Bulletin - A potential security vulnerability has been identified with HP ProLiant G6 Lights-Out 100 Remote Management.
This vulnerability could be exploited remotely to create a Denial of Service (DoS) in the Lights-Out 100.
[ dsa-2105-1.txt ] 82a24be2f5dc1de0acc06988c20d36a2 Debian Linux Security Advisory 2105-1 - Several vulnerabilities have been discovered in the FreeType font library.
[ etax-sslignore.txt ] b82c928e7eb0c82a63cec05025da3290 ETax 2010 fails to properly verify SSL certificates.
[ ieee-1394-forensics.pdf ] 6c30525e4592c46d658535b4e6dc37c9 Whitepaper called Memory Forensics over the IEEE 1394 Interface.
[ DnsSpoofer.zip ] 543e3d741fdc733381f72ce0b0b19d34 DnsFucker is a DNS spoofing tool. It can be used effectively in both packet switched and hubbed networks. Written in Python.
[ dsa-2098-2.txt ] 44dd729ccaacc13a4abe105424f1b08a Debian Linux Security Advisory 2098-2 - The update for TYPO3 in DSA 2098 introduced a regression which could make the backend functionality unusable. This update corrects the problem.
[ moaub08-msoffice.pdf ] 99610b1dcc2abcd8868e4dca5513a96a Month Of Abysssec Undisclosed Bugs - Microsoft Office Visio suffers from a DXF file stack based overflow vulnerability.
[ moaub-msoffice.txt ] 4d5699375ade33244cdbeab5f9ceb0bf Month Of Abysssec Undisclosed Bugs - Microsoft Office Visio suffers from a DXF file stack based overflow vulnerability.
[ moaub08-sirang.pdf ] 30cbbacf844099f3e395a4e0aba08697 Month Of Abysssec Undisclosed Bugs - Sirang web-based D-Control versions 6.0 and below suffer from remote SQL injection and upload restriction bypass vulnerabilities.
[ moaub-sirang.txt ] f7e4618f29d3562418a81caf04404d07 Month Of Abysssec Undisclosed Bugs - Sirang web-based D-Control versions 6.0 and below suffer from remote SQL injection and upload restriction bypass vulnerabilities.
[ adobe_cooltype_sing.rb.txt ] a074bbb270cee3663e6a624314d93a55 This Metasploit module exploits a vulnerability in the Smart INdependent Glyphlets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well.
[ java_rmi_connection_impl.rb.txt ] 0d92c0d644f75f48c339916b902897e1 This Metasploit module exploits a vulnerability in the Java Runtime Environment that allows deserialization of a MarshalledObject containing a custom classloader under a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.
[ fbsdpmap-racecondition.txt ] 1b199d7aac81714fd93982f73df8a96d FreeBSD versions 7.3 and 8.1 suffer from a vm.pmap kernel local race condition denial of service vulnerability.
[ glsa-201009-06.txt ] 9050994f9a8b868a4287648d56b05c3e Gentoo Linux Security Advisory 201009-6 - Multiple vulnerabilities have been reported in Clam AntiVirus. Versions less than 0.96.1 are affected.
[ glsa-201009-05.txt ] 22a8bb303056f9b8259dd44dc93c04ca Gentoo Linux Security Advisory 201009-5 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. Multiple vulnerabilities were discovered in Adobe Reader. Versions less than 9.3.4 are affected.
[ glsa-201009-04.txt ] 0c9e6c902658352c0b39c9ef0a1cd261 Gentoo Linux Security Advisory 201009-4 - Multiple stack-based buffer overflow vulnerabilities were discovered in SARG allowing for remote code execution. Multiple vulnerabilities were discovered in SARG. Versions less than 2.2.5-r5 are affected.
[ ZSL-2010-4963.txt ] bd8b60ce7aee869caedf1e65edad6722 Textpattern CMS version 4.2.0 suffers from a cross site scripting vulnerability.
[ USN-984-1.txt ] aaa7540a2d3aafe0659f148b8e9a7318 Ubuntu Security Notice 984-1 - It was discovered that LFTP incorrectly filtered filenames suggested by Content-Disposition headers. If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name, such as a dotfile, and possibly run arbitrary code.
[ USN-983-1.txt ] 208cd1d61b0cdf3a03dd8f94bf34ed01 Ubuntu Security Notice 983-1 - Markus Wuethrich discovered that sudo did not always verify the user when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that group.
[ zenphoto-sqlxss.txt ] c62d335fae653b3b1cfc92f6d46cc010 Zenphoto version 1.3 suffers from remote SQL injection and cross site scripting vulnerabilities.
[ openjournalsystem-xss.txt ] 4afa498b46d5dd7cabc96aaa6759a8fe OpenJournalSystem suffers from stored cross site scripting vulnerabilities.
[ fcms-sql.txt ] c74b34bd255d422869a5f2d6edebeadd FCMS version 2.3 suffers from a remote SQL injection vulnerability.
[ enanocms-sql.txt ] 026ac0b42f48fa241cee526c3d264012 EnanoCMS version 1.1.7pl1 suffers from a remote blind SQL injection vulnerability.
[ luckysploit-exec.txt ] 85e8c9b4ebc0d14c3a1484e7ae6af22d LuckySploit Exploit Pack suffers from a remote PHP code execution vulnerability.
[ chrome-extensiondetection.txt ] a76ba5e7565d1c6c8e2e8342a19d93a1 Google Chrome suffers from an installed extensions arbitrary detection vulnerability.
[ coldusergroup-sql.txt ] 26ec4853bc4e172c9e51243a3094684a ColdUserGroup version 1.06 suffers from a remote blind SQL injection vulnerability.
[ coldofficeview-sql.txt ] 780073af3fd813bc529d5992bc99057a ColdOfficeView version 2.04 suffers from a remote blind SQL injection vulnerability.
[ micronetsoftrvdealer-sql.txt ] 2c630f95283bd4afc14e98614c864b13 Micronetsoft RV Dealer Website suffers from a remote SQL injection vulnerability.
[ glsa-201009-03.txt ] 29aa52d8f9e48eb6c852449c36c4a725 Gentoo Linux Security Advisory 201009-3 - The secure path feature and group handling in sudo allow local attackers to escalate privileges. Versions less than 1.7.4_p3-r1 are affected.
[ moaub07-novell.pdf ] ad83723a305777643009329903c4bf71 Month Of Abysssec Undisclosed Bugs - Novell Netware NWFTPD suffers from a RMD/RNFR/DELE argument parsing buffer overflow.
[ moaub-novell.txt ] 107497b5b5f526f444f848d238fcf04f Month Of Abysssec Undisclosed Bugs - Novell Netware NWFTPD suffers from a RMD/RNFR/DELE argument parsing buffer overflow.
[ beehiveforum091-xssxsrf.txt ] 4d80db509d414ab31f5b62a6c4d0c304 BeehiveForum version 0.9.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
[ itsecteam_shell.zip ] b30055c75b8c68a9c8b8f945ee5aad7c This is a backdoor PHP shell from ITSecTeam.
[ hordeaf-xss.txt ] 4343470c4fb1d99f0abf728d32400857 Horde Application Framework versions 3.3.8 and below suffer from a cross site scripting vulnerability.
[ netrecon-1.78.tgz ] dcfe141a58babc0277f7d58e4102a934 Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.
[ glsa-201009-02.txt ] e4cc2fa7a55c4835d6565b252f840992 Gentoo Linux Security Advisory 201009-2 - Insecure permission handling in maildrop might allow local attackers to elevate their privileges. Christoph Anton Mitterer reported that maildrop does not properly drop its privileges when run as root. Versions less than 2.4.2 are affected.
[ dsa-2104-1.txt ] 9a0a71a52f714254cea594f18bf3db98 Debian Linux Security Advisory 2104-1 - Several remote vulnerabilities have been discovered in the BGP implementation of Quagga, a routing daemon.
[ joomlaaardvertiser-sql.txt ] 9623d1926921a22bdd4e1a2733f0c81e The Joomla Aardvertiser component version 2.1 suffers from a remote blind SQL injection vulnerability.
[ ZSL-2010-4962.txt ] ee5f8a04648428bcca695ec61209a235 MySource Matrix version 3.28.3 suffers from a cross site scripting vulnerability.
[ MDVSA-2010-171.txt ] af20b3ba41da2894c48b67a30d4abee2 Mandriva Linux Security Advisory 2010-171 - The cluster logical volume manager daemon in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted control commands. The updated packages have been patched to correct this issue.
[ aar-corrupt.tgz ] cedd559ed245b48fee63a1d80859c5af Adobe Acrobat Reader suffers from an acroform_PlugInMain memory corruption vulnerability.
[ micronetsoftrpm-sql.txt ] 2e18669ac571ebfebbb76bb4ce43a28a Micronetsoft Rental Property Management Script suffers from a remote SQL injection vulnerability.
[ moaub07-dynpage.pdf ] fb0a3bd350f441969999cac7d97406cd Month Of Abysssec Undisclosed Bugs - DynPage versions 1.0 and below suffer from local file disclosure and administrative hash disclosure vulnerabilities.
[ moaub-dynpage.txt ] 545235179a218479ab3ed14f6424b0c1 Month Of Abysssec Undisclosed Bugs - DynPage versions 1.0 and below suffer from local file disclosure and administrative hash disclosure vulnerabilities.
[ ida-overflow.txt ] 3307b2771145f0b20ae26e43234e12e0 Internet Download Accelerator version 5.8 remote buffer overflow proof of concept exploit.
[ dmxreadymam-xss.txt ] 52f522916896b46b03c1e5c574e4936d DMXReady Members Area Manager suffers from a persistent cross site scripting vulnerability.
[ joomlagantry-sql.txt ] 6716d3ef807efa9fc7a6e51cb5bb8fb3 The Joomla Gantry Framework component version 3.0.10 suffers from a remote blind SQL injection vulnerability.
[ iexploder-1.7.tgz ] 5c53e50c2c085e605d1fd4086de39612 iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash.
It is designed to run for hours, or even days until the browser crashes. namebench was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project.
[ encfs-1.7.2.tgz ] 3a3fef640c7c9f020104304392cd1836 EncFS is an encrypted pass-through filesystem which runs in userspace on Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.
[ softbizad-sql.txt ] bf911be7783f3d5ae9923c4b7dd27b81 Softbiz Article Directory Script suffers from a remote blind SQL injection vulnerability.
[ integardhomepro-overflow.rb.txt ] 251a1fa774a8771e7fdd5c688a54d282 This is a Metasploit module that exploits a remote buffer overflow in Integard Home and Pro version 2.
[ moaub06-hpopenview.pdf ] ef62fc270ef92ac7530fbdd54a5a1149 Month Of Abysssec Undisclosed Bugs - HP OpenView NNM suffers from a remote code execution vulnerability in webappmon.exe.
[ moaub-hpopenview.txt ] aca36a2983c0d9ef4c12ab0eac55859f Month Of Abysssec Undisclosed Bugs - HP OpenView NNM suffers from a remote code execution vulnerability in webappmon.exe.
[ moaub06-interphoto.pdf ] d579bf9cb3490ace75b4daee4dab3852 Month Of Abysssec Undisclosed Bugs - InterPhoto Gallery versions 2.4.0 and below suffer from shell upload, cross site request forgery, cross site scripting and disclosure vulnerabilities.
[ moaub-interphoto.txt ] a6768e07dec4e4fbd8cb30f8d2b5b415 Month Of Abysssec Undisclosed Bugs - InterPhoto Gallery versions 2.4.0 and below suffer from shell upload, cross site request forgery, cross site scripting and disclosure vulnerabilities.
[ pbania-jit-mitigations2010.pdf ] f8c1bc46124a3121bae8455cacb38bf9 Whitepaper called JIT Spraying and Mitigations.
[ qqplayer-dos.txt ] 622edb5f4807b6a55eb6c1d45b631e7f QQPlayer version 2.3.696.400p1 suffers from a denial of service vulnerability.
[ weborf-traversal.txt ] 909b18d30d082337e9cad89f2e46c443 Weborf version 0.12.2 suffers from a directory traversal vulnerability.
[ coldbookmarks-sql.txt ] e1745a31f8c4a1592e9f460ec06fcee8 ColdBookmarks version 1.22 suffers from a remote SQL injection vulnerability.
[ coldcalendar-sql.txt ] 0a3a48bfd6efcc474c391dcb4aec94c5 ColdCalendar version 2.06 suffers from a remote SQL injection vulnerability.
[ javabridge-traversal.txt ] dc4425d3836528cd941f80a63cd6630a Java Bridge version 5.5 suffers from a directory traversal vulnerability.
[ wordpressem-xss.txt ] 9048cc7d8e4582fdec34f99464b7873b WordPress Events Manager version 3.1.2 suffers from a cross site scripting vulnerability.
[ dsa-2103-1.txt ] fdd1ba7811a3320b25a58f0d0625b38f Debian Linux Security Advisory 2103-1 - It was discovered that smbind, a PHP-based tool for managing DNS zones for BIND, does not properly validate input. An unauthenticated remote attacker could execute arbitrary SQL commands or gain access to the admin account.
[ nmap521-dllhijack.txt ] 6a0abee338d060bfdbc13e33e77cea86 Nmap version 5.21 on Microsoft Windows suffers from a DLL hijacking vulnerability.
[ openca-tools-1.3.0.tar.gz ] 4a4645b52adfa7a70d9a0d0d3b907c86 The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl.
[ moaub05-ifnuke.pdf ] 6943d1cb01ccd7e9fdd0cfecb14f338a Month Of Abysssec Undisclosed Bugs - IfNuke version 4.0.0 suffers from cross site scripting and shell upload vulnerabilities.
[ moaub05-msmpeg.pdf ] 95af88928d7a66dff741dfec48764f7f Month Of Abysssec Undisclosed Bugs - Microsoft MPEG Layer-3 remote command execution exploit.
[ moaub04-moviemaker.pdf ] f03c01da0cf0f0acc53b7eec23aedc8e Month Of Abysssec Undisclosed Bugs - Movie Maker version 2.1 suffers from a remote code execution vulnerability as described in MS10-016.
[ moaub04-syndeocms.pdf ] c00c7733d3e7980e669831dbfa7c4f7c Month Of Abysssec Undisclosed Bugs - Syndeo CMS version 2.8.02 suffers from cross site request forgery, cross site scripting and local file inclusion vulnerabilities.
[ malware_check_tool-1.2.zip ] 73c60c1c35d7daa27937e24f114d62f6 Malware Check Tool is a Python script that detects malicious files by checking MD5 hashes against an offline set or via the virustotal site. It has HTTP proxy support and an update feature.
[ dmxreadypbm-sql.txt ] f8d76180dbeb82d7f7b4e64c094b96c6 DMXready Polling Booth Manager suffers from a remote SQL injection vulnerability.
[ pam_shield-0.9.4.tar.gz ] 383b0a10e41b68961c006191839ab92c pam_shield is a PAM module that uses null-routing or iptables to lock out script kiddies that probe your computer for open logins or easily guessable passwords. pam_shield is meant as an aid to protect public computers on the Internet.
[ hyenae-0.35-2.tar.gz ] ba7d0a20dc3eb4273f0731a64cff4ddb Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
[ joomlaclantools15-sql.txt ] 41d21224b809c6ef60bb03fdc8b3ba1e The Joomla Clantools component version 1.5 suffers from a remote blind SQL injection vulnerability.
[ joomlascan.tgz ] 29e2aa29b797959e750a368a0b4e85cc Joomla web scanning Perl script that gets the version, components and shows possible bugs.
[ moaub-ifnuke.txt ] 16c29c06e717255e923092501b942006 Month Of Abysssec Undisclosed Bugs - IfNuke version 4.0.0 suffers from cross site scripting and shell upload vulnerabilities.
[ mblogger-xss.txt ] ac329602f53e933ab8d1c40e1f3484d2 mBlogger version 1.0.04 addcomment.php persistent cross site scripting exploit.
[ openscap-0.6.2.tar.gz ] 7cf91a6fee29c9a7cb16692f445c16e2 The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
[ moaub-syndeocms.txt ] 54f83eeb5c1854d11c75bf95ae648cc2 Month Of Abysssec Undisclosed Bugs - Syndeo CMS version 2.8.02 suffers from cross site request forgery, cross site scripting and local file inclusion vulnerabilities.
[ joomlaclantools-sql.txt ] 10108ec23e9532b155385672b6d56d98 The Joomla Clantools component version 1.2.3 suffers from blind SQL injection vulnerabilities.
[ phpclassifiedsads-sql.txt ] fc6a083c7cd75f15b243e9558799bda9 PHP Classifieds ADS suffers from a remote blind SQL injection vulnerability.
[ fcrackzip-overflow.txt ] 26b980d9def2c7a4eaf5f6c35cd113d8 FCrackZip version 1.0 local buffer overflow proof of concept exploit.
[ chillycms-sqlxss.txt ] f1ac940d231caa7a1cdc34626cc9b35d chillyCMS version 1.1.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
[ ijoomlamagazine-rfi.txt ] 58851778f8c52ef5830f8dd795d32c1a iJoomla Magazine version 3.0.1 suffers from a remote file inclusion vulnerability.
[ armbinsh-shellcode.txt ] 1422b1ff5fbb0a171eb218a1f020a11c 27 bytes small Linux/ARM execve("/bin/sh",[0],[0],[0 vars]) shellcode.
[ virtualdjtrial-overflow.txt ] 56cbac46362991f3991eb81db0368354 Virtual DJ Trial version 6.1.2 SEH buffer overflow crash proof of concept exploit.
[ ablog-sql.txt ] 8ce8acb382d24f462f9ac9cb6a12d2c0 A-Blog version 2.0 remote SQL injection exploit that leverages sources/search.php.
[ phpclassifieds-rfi.txt ] 3065950e5911a08513948845af4b470f PHP Classifieds version 7.3 suffers from a remote file inclusion vulnerability.
[ vlcmpsmb-overflow.txt ] 763384366ab724939182b58676c235e3 VLC Media Player versions prior to 1.1.4 smb::// URI handling remote stack overflow proof of concept exploit that creates a malicious .xspf file.
[ moaub-msmpeg.txt ] d4b2242d4267867ef990e47086ff8728 Month Of Abysssec Undisclosed Bugs - Microsoft MPEG Layer-3 remote command execution exploit.