Packet Storm new exploits for May, 2006.
0cacdf0c79da97c1d74623b472c09bcc1a534f04135abd40ab71f6152b2f590a
gxine - HTTP Plugin Remote Buffer Overflow PoC exploit.
85abb0a734ce0c9f5ed3fcea3a05b53448867d420db751826d5ebd7cc5df8c15
Foing Remote File Inclusion exploit
8adf654ddfa4b83fb8ae69dce42667b1db02ee59d1a04c55067c99c741d74c5b
The XSS vulnerabilities reported for UBBThreads 5.x,6.x will allow you to inject javascript and steal MD5 Hashes.
ea438861e9a77db23c4228e3e4e7186021706986c8938a24662f2f7508af5bdd
It is possible to DOS Java Apache Mail Enterprise Server (a.k.a. Apache James) by sending it a long SMTP argument. POC included.
cc3c20662b0fb8e4281f134d233ad98aa520497d76563802964f2c8ccd5e4b28
Speedy ASP Forum (profileupdate.asp) User Pass Change Exploit
725e888d94f4a7127c50110d10ac93be8e96d9eb27941498d1c3978a326e2929
my Web Server versions less than 1.0 denial of service exploit.
921cfa55377aaf3935dd7fa871e62330545920453430dfe85471315e317449c2
Kaspersky antivirus 6 suffers from an error in the POP3 state machine POP3 monitor thus allowing any malicious software on the local computer to bypass the POP3 monitor.
cfde53847ca7073a5d51de21e6afc60d7fa884300a01ec532fa94d49cbd67449
WordPress versions less than or equal to 2.0.2 'cache' shell injection exploit.
f362a8ac6581d9d86031a4f27ac493ed0896ad35c36a3994cef95e98f78deaa8
Drupal versions less than or equal to 4.7 attachment mod_mime poc exploit.
2fc9ce589c58c2041d52ea76aaaa377ba30c8a82eb2bd371b292b091cd014bf1
phpBazar versions less than or equal to 2.1.0 Remote File Inclusion Exploit.
baf8f072eff30f192794e7bc5453be62cae5eeb462315bdc5f4387b086e97a9e
phpFoX could allow a malicious person to log in as any user by editing their cookie.
eeb50c5357012c97138995cc8bee7e00955024516aa814216834b45304cb7f8c
Local DOS exploit for portmap.
7c4a20d1a40de51804e9f75274183c6df5afe555a796e5164cd6b82a8f61e201
The WebTool service of PunkBuster is vulnerable to a buffer overflow. POC included.
554910fc9dd17c34fab9b544aaa9b35f0135d0fcc606f7190ed5c132efd82370
It is possible to crash netPanzer v0.8 by sending it a specially crafted packet.
5bd15f99d0b0ee065d43422994775a79e39fd02b835ee584083925567219fc2b
Nucleus CMS versions 3.22 and below arbitrary remote inclusion exploit.
64a5a62dc8fa1e62fa9e2edda6a37ccfeb8d591612217c3d8636c355dcbd4aa5
Kaspersky antivirus 6 and Kaspersky internet security 6 suffer from a vulnerability due to HTTP parsing errors in the HTTP monitor that could allow malicious software on the local computer to bypass the HTTP virus monitor.
268c19c0cb19f78740cd72d2a95993b7c5094298ce1e62a50f86ff0573425201
The default screen saver in Windows XP and Windows 2003 Server runs as a system process. Thus if a malicious person changes logon.scr to cmd.exe or explorer.exe they can take control of the system when the screen saver runs. POC exploit included.
9e05af997c3f8dc90610177e1645b1cbb30384da557ca3ff72d1e3a6861247a5
phpMyDirectory versions 10.4.4 and below are susceptible to multiple remote file inclusion flaws.
afd42af68cbdfe2da2f9aa0642818fb5fb795b72a789b623abc444f26415a3f8
RedTeam identified a security flaw in perlpodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
d686ebd6d0f72001988dd595a3a938da6296bf4e8ed1a1d3da041456e3806d68
RedTeam identified a security flaw in prodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
975e42263e294d6f883525759982d7537fbd5d89e46c8f947eabcdc5fe0eada4
XOOPS versions 2.0.13.2 and below xoopsOptions[nocommon] exploit.
da569ba856b0e034d077ba72bba96dac0240feaf78083fd44224cbfe0c90f9d9
PHP Easy Galerie version 1.1 is susceptible to a remote file inclusion vulnerability.
e66764ca534ea5fa9aa331c7d4559855c1d9a39114baf3c7f710a156ba48b83a
Captivate version 1.0 is susceptible to cross site scripting attacks.
849931fd6bbdf68ae26154e13dfd725c74ef0630beafbf6a1a96a2aaf30f44c6
Microsoft Internet Explorer is susceptible to a denial of service flaw where it crashes upon a mouse click.
ceae8f052f104f765314c7924b7f7ee8f64188d330b5e05e340d3562f5d82012