Proof of concept exploit for the recent JPEG buffer overrun vulnerability that crashes any Windows XP system that has not been patched for this flaw.
8235e8220b01d7e3b3bd9bc0d634b7d3fb3d2ba3a9e71573e8a7c873f0e759faA file inclusion vulnerability exists in PerlDesk 1.x due to insufficient input validation.
fccfe2c244da7f27d78bf36a7fbd20b1efa2f98e85943f0f5988d3d6b984d995myServer version 0.7 is susceptible to a simple directory traversal attack.
5e346d4fd84051b1af43543997416ebc071e1b9ab8cae08865414f317085f778BBS E-Market Professional suffers from path disclosure, file download, file disclosure, user authentication bypass, and php source injection vulnerabilities. BBS E-Market patch level bf_130, version 1.3.0, and below is affected.
fe6396baf023202a3aaa5e1cc4406171bca9fd0ede9d8fba31585a999b2ad73agetIntranet 2.x is susceptible to cross site scripting, SQL injection, script insertion, and multiple other attacks.
24961d116c64eacd29bab5fe46c43e7d9edae4eeaf4002d9b25688a62dc7a2dcVarious vulnerabilities exist in Regulus 2.x that allow for an attacker to gain access to sensitive information and to bypass certain security restrictions.
9f15687e204d7d59ed2335586f5bc35eda839d764767eed8ad9ceee0a80e7127getInternet is susceptible to multiple SQL injection attacks and remote command execution. Full exploitation details provided.
53f37b564a27ce9b7efd683eaba2c7f0f85d9708575ff48538a0f640942919f0A vulnerability in Turbo Seek 1.x allows an attacker the ability to access the contents of any file in the file system.
fad5b7e11a59e7a95ea1a03df172d19dd0c7273b055c119e5e06dc2f9135f4e5courier-imap 3.0.2-r1 and below remote format string vulnerability exploit. Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2.
6b6fd0cbc65997bc5ba71342249c8d839b98e3f0017bd1622b2c633be2fd18a1Local root exploit for readcd that comes setuid default on some Linux distributions.
ebf6074259a64754f450086d3b5f185f63aadb539439f649e0aa62d989444041The PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.
f2e43ce81a4b458af38d2996bd7bac9a704d17169dbb72af1dc7eb272204e227Proof of concept denial of service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability.
279e28068546b26d15850b461f9ae8cba371825079e3efe747efcb055aab12fb1n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.
3d4f0cad3bf5909482a41b6cd90458a4c7d884937342ee058bb2ffbf732e9cd2Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.
4cc09851766971746c5b08e98353c8b4df3cf74fec7ad589cdc3d141e138eea7A buffer overflow vulnerability in the Trillian basic edition version 0.74i occurs in the MSN module when receiving a string of around 4096 bytes ending with a newline character from an MSN messenger server. This vulnerability is remotely exploitable but requires the use of a man-in-the-middle attack. Full exploit included.
045f8b6357fcbfcb5e4a9b20c60a3c2a36c5c1fdbf410125e1aea34ddaf40e1aLocal root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.
2871e27ea81a6a71a847badaf4a16cae0b8f374ea8a414b249ac51d9cffa940dBuffer overflow exploit for BlackJumboDog FTP server version 3.6.1 that opens up port 7777 allowing for an executable upload.
d0a6cb671c15fdedc7d54c9417ea2d03b420c6181c6f36fa5782a5866cab377dA vulnerability in Site News 1.1 allows anyone to add or edit messages without having to authenticate as an administrator.
39cea13c47358c2b6933639b7295d599ae3cf5c206e8a98078b149883e80e73cLocal root exploit for an old flaw in cdrdao.
7b62a07fe0891df4fc0e3014cfbdf2c8764003d4f0e5182099154c912221cc2aProof of concept exploit for Call of Duty versions 1.4 and below that makes use of a denial of service vulnerability.
b8ddb5cf9cad3d53397ea5b472ac427b2bf469e3d1f577eed36f7a8721fd2021Private version of the remote exploit for Citadel/UX versions 6.23 and below that makes use of the USER directive overflow. Support for Red Hat 7.1, 7.2, 7.3, SuSE 8.0, Debian, Slackware 8.0, 9.0.0, 9.1.0.
0288e222e92a3ec340ab792060fffc178ba5bce0ce2bdd19260c5dc60893692bOpening up more than 600 connections to Ezmeeting versions 3.4.0 causes the application to crash.
8d02261244cd0b5b551e2dd67611dc663d9b71ffd4e54f331ea6687ebd5f8f5fDynalink RTA 230 ADSL router has a hardcoded backdoor account with root privileges.
7888d29430f1cb91a785acb2c0d4d3ec7cda2bd7ae14e1f533411ae05ccc9153rfdslabs security advisory - QNX PPPoEd is susceptible to multiple local root vulnerabilities. QNX RTP 6.1 is affected.
9ede65eb6707ad4a2815b517a4730417e97987b4d3aa5d8a08f8199ad3e32c5bProof of concept PHP exploit that makes use of a SQL injection vulnerability in TorrentTrader version 1.0 RC2.
9dce80108f836bd4eddb0de491a4df30d5452b7e1a68e5c6138b0452f93c7280
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed