Packet Storm's last 20 added files. Last Updated: Tue Jul 1 12:37:50 EDT 2008 [ browser_insecurity_iceberg_2008.pdf ] af684f84277d52eb31988b9ac44515b2 Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the "insecurity iceberg". [ SSRT080039.txt ] eb33bd08e909cb2c55021114df246deb HP Security Bulletin - A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux and Windows. This vulnerability could by exploited remotely to allow cross site scripting (XSS). [ 25C3-CFP.txt ] e411b12f5ef8506c1f3aacdb3d43878b The Call For Papers for the 25th Chaos Communication Congress (25C3) has been announced. [ SCANIT-2008-003.txt ] 2dbe63c7f433939569f3b2bbd9396d7d Wordtrans versions 1.1pre15 and below suffer from a remote command execution vulnerability. [ SCANIT-2008-002.txt ] ce70fc05a90c81614cd3c86db797feda Wordtrans versions 1.1pre15 and below suffer from a remote command execution vulnerability. [ SCANIT-2008-001.txt ] 30766d2dfe2702bf77bc2e784af435fd QNX RTOS phgrafx version 6.3.2 and 6.3.0 suffer from a privilege escalation vulnerability. [ usurdat.zip ] 3b8adc5e317fff936cc5da1ecdf951c0 Proof of concept denial of service exploit for SOLDNER - Secret Wars versions 33724 and below which suffer from an endless loop vulnerability. [ usurdat.txt ] f3e825059f7ccedff30e8299e56ab72c SOLDNER - Secret Wars versions 33724 and below suffer from an endless loop vulnerability. [ glsa-200807-02.txt ] 45919da25460de8eeaa81d8449ca136f Gentoo Linux Security Advisory GLSA 200807-02 - Nico Golde reported an off-by-one error within the read_client() function in the webhttpd.c file, leading to a stack-based buffer overflow. Stefan Cornelius (Secunia Research) reported a boundary error within the same function, also leading to a stack-based buffer overflow. Both vulnerabilities require that the HTTP Control interface is enabled. Versions less than 3.2.10.1 are affected. [ glsa-200807-01.txt ] 9754f003ee383327a4cf504dfc48d95e Gentoo Linux Security Advisory GLSA 200807-01 - Multiple integer overflows may allow for Denial of Service. Versions less than 2.4.4-r13 are affected. [ blogparticle-traverse.txt ] b2b27405d6772b357b942e854231542e Blog Particle version 8.0 suffers from directory traversal and database credential disclosure vulnerabilities. [ hbr-rfi.txt ] 059950a053c937cf608ba8fa88fb87c7 HIOX Banner Rotator (HBR) version 1.3 suffers from a remote file inclusion vulnerability. [ 0806-exploits.tgz ] b8541128010b04328070aff54cf865f4 Packet Storm new exploits for June, 2008. [ mambongal-sql.txt ] 518ab12f168cd87e8d1f56f8f07ae494 The Mambo n-gallery component suffers from multiple SQL injection vulnerabilities. [ psys070-sql.txt ] 7753d7d24d70b5cdbe4ff97bd90822cf pSys version 0.7.0 suffers from a remote SQL injection vulnerability in chatbox.php. [ pivot-disclosure.txt ] 3aa95a0656fbb05e1de96366a7bc772d Pivot version 1.40.5 Dreamwind load_template() credential disclosure exploit. [ USN-617-2.txt ] 1a96557d0ecb7fc857c3b1519608d098 Ubuntu Security Notice 617-2 - USN-617-1 fixed vulnerabilities in Samba. The upstream patch introduced a regression where under certain circumstances accessing large files might cause the client to report an invalid packet length error. This update fixes the problem. Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. Alin Rad Pop of Secunia Research discovered that Samba did not properly perform bounds checking when parsing SMB replies. A remote attacker could send crafted SMB packets and execute arbitrary code. [ rcm-sql.txt ] 4d8731d224689d8375fccf12d82edd5a RCM Revision Web Development suffers from a remote SQL injection vulnerability in products.php. [ barenuked-admin.txt ] 5ec47feac834cbac9413af2b028e7cd6 BareNuked CMS version 1.1.0 arbitrary add administrator exploit. [ faname10-xss.txt ] a91182cee88d64312eaa70e37f746fd7 Fa Name version 1.0 suffers from multiple cross site scripting vulnerabilities.