Packet Storm new exploits for February, 2006.
81bf259c71da2fdcc64fecfe19ab903f839ceffba88f9fa70284c98d81b24a9c
SaphpLesson version 2.0 remote SQL injection exploit.
84880ff4eb056306cb0b82e52812c3947c34a07cf6eccc6a330c88ff1c7c2339
iGENUS WebMail versions 2.0.2 and below remote command execution exploit.
85c7f7a9b770046f5a06b39f98b512e90aada232d07b5f768129ae77bbd6bdff
Local privilege escalation exploit for MySQL 4.x and 5.0 that makes use of UDFs.
259ac0290dd0e3e004ce1a3a8f637fde8c686703359f1c60679c5a45b6988645
This Metasploit module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.
d07fb300961da20240be4d01af4bf9ae28d737166fc35716c762ae250e33252f
Microsoft Windows Media Player 10 Plug-In EMBED overflow universal exploit that makes use of the flaw discussed in MS06-006.
2773662b377c0c196a0104ce112087de801337f51b5949420cc9fc8330f312a6
This Metasploit module exploits a vulnerability in the Windows Media Player plugin for non-Microsoft web browsers. This module has been tested with Windows Media Player 9 on Windows 2000 SP4, Windows XP SP2, and Windows 2003 SP0 (Firefox 1.5 and Opera 8.5).
109944d0f0bc94820c9812ca99a3a01766f288fa18315471b7364cf9c0e05b92
Microsoft Windows Media Player BMP handling buffer overflow denial of service exploit.
8f2d41bf1dd64716755ada44360ed3a49914717b8e043672e16b3d2999406bcd
Windows Media Player BMP heap overflow exploit.
822f5c646504ac887852555d8001a9bf10e68172b4532b4596c607174b9241af
eZ publish versions 3.7.3 and below suffer from cross site scripting flaws.
a2e3a0d122a5938311a50fa279d8aaecfdf72b266d633af98ca648075c1b6805
ICQmail.com and Mail2World.com suffer from cross site scripting flaws.
110d6619c74376b652d2594211b95a74a9ca9925caa10924f9d46b4c07940b4e
Pentacle In-Out Board versions 6.03 and below suffer from a SQL injection flaw in newsdetailsview.asp.
c41e3a101311cb8d1397efad265cd2055b641e6671e8d741ab46b7c57ba9771a
Pentacle In-Out Board versions 6.03 and below suffer from a SQL injection flaw in login.asp that allows for authentication bypass.
44e21740ebfcc261a03c72155b1ffc8c45a59dff7a5f146b6633b424340e2e5f
NSA Group Advisory - SPiD version 1.3.1 suffers from a classic directory traversal flaw.
12524908c6c57479cfbc4caef1bf5c49494264797d167ce4596229d847b85cc3
Remote exploit for ArGoSoft FTP server versions 1.4.3.5 and below that makes use of a remote heap overflow in the DELE command.
7254d5e1a22aa5a9bedc2e13bb70cc4b7c74c92e5c1eac37b5611a7eb4360abd
Hotmail/MSN cross site scripting exploit.
7ee723fd6bda6975447f5281a29e4b67559ae75d79a168fe927bfc0c9b56085f
Guestext version 1.0 is susceptible to cross site scripting attacks.
325f9ac22671d90b92992e8b0593fdad85244048bb98ab1a9c7d6ae3d153ecd8
NSA Group Advisory - Website Generator version 3.3 suffers from an arbitrary remote PHP file inclusion flaw.
885da198541b682486a9824c51d6e3e1c076266899c8404b0a0cd280901f787f
Mambo versions 4.5.3h and below are susceptible to SQL injection and file inclusion attacks. Full details provided.
32f94f56d297af76886b57f1aaf38f9c0442583eea7d2246d3d29f09d3e5105e
MyPHPNuke versions 1.8.8 and below are susceptible to multiple cross site scripting vulnerabilities. Details provided.
e0c7f805e02b0449c14d070cba3507927c4da8f250e046f53b5066a0cbef8541
Woltlab Burning Board 2.x is susceptible to multiple cross site scripting flaws. Details provided.
6a378f20bcf1a839d6265b48317ce172486aa6ae12a3ec5434d309d5d2318f60
Guestext version 1.0 suffers from a remote command execution flaw. Exploitation details provided.
ad8e22d4bd67bd67d25b0053845cdf9707c8101d9110eb03b8f3bb75193c470b
NSA Group Advisory - The ArGoSoft Mail Server Pro version 1.8 IMAP server suffers from improper input validation when RENAME is being used.
a8fbb124c9cbf0c98d038f5736cffd5dd2d87b2abc163e54d36fede7fa42a809
NSA Group Advisory - The ArGoSoft Mail Server Pro version 1.8 POP server discloses system information to removed users.
30a01494f264c29a1bd6db824e48f1a8dd545e435b9fb0fdd9c5f0340f5e72d0
NSA Group Advisory - A flaw in CubeCart versions 3.0.0 through 3.0.6 allows for removed users to load arbitrary files onto the system.
f83ee850b2b7385929f1eb0a99c94cac82878316551fa19dba8e05c055910182