Packet Storm new exploits for November, 2004.
21544ae105ed5cb283e29d421cc87574a1d6adaccea11dc9f8f02d99c852662d
Remote denial of service exploit for Jana server 2 versions 2.4.4 and below.
a53eb7696fdc2332399b894e113d5bfe7a6f8f00ef949e0c5bdba3fc6cffd92f
Universal remote exploit for the buffer overflow vulnerability in Mercury Mail 4.01 (Pegasus) IMAP server.
1992e2ec6ee91bec2e209f5d8942e15e93e225cd81bc0a56fc5540e11094d323
Mercury Mail 4.01 (Pegasus) IMAP remote buffer overflow exploit.
63374e92c80843538c8627f6b67f409bd9fb8bb850b2462fd9da4c9129f882a2
Remote proof of concept exploit for Orbz versions 2.10 and below which suffer from a buffer overflow in the password field of the join packet.
b7866a8811b382a054ae7fb62572e6e373eb33af3e44cfec542ed5f71f5dca85
Remote exploit for IPSwitch WS_FTP version 5.03 that binds a shell to port 4444.
0e9f16d2eb219cb6649d8a93058aceadd447cca259e088bba13b7e2bcf6a5f46
A local privilege escalation vulnerability exists with MDaemon 7.2 that allows a user to gain SYSTEM level access.
0bf2ceef32fcac791004f42845f98912b0a3b6b0da97801fcebb9b6068efaee7
Remote denial of service exploit for games using the Serious engine. Generates UDP packets that have fake players enter a room. The system fails to limit the amount of users that can enter.
73f4dcb9226f5e9726827b4fbf00a53e50c64b329583482853dbd42a63d49d11
Simple remote exploit for the SQL injection vulnerability discovered in PHPNews.
c5de8860494ec9c6c1f6fd843c7a558b1fee55f076ab1a36f0363084f66befb4
phpBB versions below 2.0.11 suffer from addition SQL injection and directory traversal flaws.
4d879cc6423df932290b6e1b7d9182c499c15eaf7502b726946c2a1b29356b16
PnTresMailer code browser version 6.03 is susceptible to path disclosure and directory traversal attacks.
0a17793363214eba0be0a9ddbc2c21299703b7751b93939842febb4de75a715c
MailEnable Professional Edition version 1.52 and MailEnable Enterprise Edition version 1.01 both suffer from a remote buffer overflow in their IMAP service. Full exploit included.
32c6ae1f1b84066439bf30e3587f50ec5f207c7c74e794bbd4f1278e559265ab
Exploit that makes use of the PHP memory limit vulnerability discovered in July of 2004.
2c97cd1c958eda9cb6b3a5a97720fabb55603f0d0d23e1c106b84fb552ebbcfa
EZshopper is susceptible to a directory traversal attack. Exploitation included.
cbdb0c2b9acdabdbc38e91ad21b569d3defbbf86aa3ad3d5253a0b43f04f7d69
Exploit for the Atari800 atari emulator. Allows for local privilege escalation to root six different ways.
760cd8cf8696f135ffda0b2089c0d717801c12d775ac0adf04bfd86a5a846d7a
Remote test exploit for Star Wars Battlefront versions 1.11 and below that checks for buffer overflow and memory access flaws.
98ba6099180ba4bd950aa9286836fab845e0408239a0283b9977828da8575ced
Proof of concept exploit for a buffer overflow vulnerability that exists in Open Dc Hub version 0.7.14.
8258ae931f345dbb3993fba33e50fa99806a19f8996a9b591ba1f150a0fb65d9
Exploit for the Winamp vulnerability existing in versions 5.06 and below making use of the IN_CDDA.dll remote buffer overflow.
25fbcbea1f6cb52583688142fc6827f1aab748a864da9963e4213633a0d1f4bd
STG Security Advisory: Due to an input validation flaw, Zwiki is vulnerable to cross site scripting attacks.
65b7e075dc354dda1b68af47357e8245716561c8adb622f8769142ea94fc9d0f
STG Security Advisory: Due to an input validation flaw, JSPWiki is vulnerable to cross site scripting attacks.
ecd38f592043061846aa7d65232f39d632ae3aa0e137fb49d4c2e1f914db517d
STG Security Advisory: KorWeblog suffers from a directory traversal vulnerability that malicious attackers can get file lists of arbitrary directories.
71700686df5b1678bd4503f868982180d543ec54e0c9d59cc2e37c275e95716e
Remote proof of concept exploit for Soldier of Fortune II versions 1.0.3 gold and below that suffer from a typical sprintf() overflow.
8c1f38ba19234cca1350bb97214735995b65a3407cba5859c48514f728863627
Halo: Combat Evolved versions 1.05 and below remote denial of service exploit.
0d3cef695d9fdc47fdfd95ee798dad5deadd30a99fcef14209bc6b476fb3f98e
CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10 both suffer from an overflow that allows for arbitrary code execution. Exploit included that spawns a shell on port 5555.
c9c0e8b484d3a06402a6c82a42672cbd98ac77e8c0eda4fe6e231b78eb1cc7da
WodFtpDLX versions below 2.3.2.97 are susceptible to a classic buffer overflow attack. Denial of service exploit included.
195769a65ca00316eed591f6fcee2829057831d8d052f6c924409e82b66d029c