Packet Storm new exploits for July, 2006.
d7668749bea4492043760c7281574495ad942216a132f5325f62290a5fa61780The mambatstaff Mambo component is susceptible to a remote file inclusion flaw.
fa7b9aaa25bac2fdfebbe0f529ca7304edb279aaa506c90a60448255b99bda6eColophon versions 1.2 and below suffer from a remote file inclusion vulnerability.
870c50c1955358cd09c6815fc5ed147288272f145dce06f2bf4a80dbcac1b21fCoppermine Photo Gallery version 1.2.2b-Nuke suffers from remote file inclusion vulnerabilities.
841a02d8c14bf56f354bf35cf941793561f0cfa85e8f48d3c46ae11eaf798f7dMambo Gallery Manager version 095.r3 suffers from remote file inclusion vulnerabilities.
2e97397e359cd7cdb11dc44b91eade8442528731a5d3ac075dc9669073fe1fb7Gidplus.dll division by 0 proof of concept exploit.
e34790ee7ca7e923136b18150c98e6b36106bb11d8baf1c3bfbef95889ee672cExploit for Mozilla Firefox versions 1.5.0.4 and below. The demonstration exploit below will attempt to launch "calc.exe" on Windows systems, execute "touch /tmp/METASPLOIT" on Linux systems, and bind a command shell to port 4444 for Mac OS X Intel and PowerPC systems. An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker.
9e096b35f0514a051a6f1a202b7742ec4b356a48415a7e37748c715e85cf7500Dr.Jr7 Gallery version 3.2 RC1 suffers from a remote file inclusion flaw.
61bf03c5bc2bfedaeb1de0d3b9814420169cfda1b3eff3e4a7e2735abe4568adPortail PHP version 1.7 suffers from a remote file inclusion vulnerability.
075f391c35623dda2d5d48a6eee2eb5e8ce6569dd08523a1428252eacf2a2210Guestbook Mambo Module versions 1.3.0 and below suffer from a remote file inclusion vulnerability.
30f8667ef29fb8872e71730d3e8b9aaf8c165d18a5d0b8196435b73dba301b57PHP-Nuke INP is susceptible to cross site scripting.
1b0f5896e76364a4d2e25fe5cde01518a4c80a8079c5cb728737164570fed8d7PrinceClan Chess Mambo Com versions 0.8 and below suffer from a remote file inclusion flaw.
6373cd538545bb2474dbec4a5e708deaee424a8b2b066656d51965604e1df979JD-WordPress suffers from a remote file inclusion vulnerability.
a29fa9ad87d09b2126c672ee2423cf18ff231120339b690d140ca6e263135bafHeartbeat versions below 2.0.6 insecure shared memory local denial of service exploit.
042d63f05a32cabe28243556ac05eef1189e08fbe3e1d1baa9934d4c7333678fPhorum version 5.1.14 is susceptible to cross site scripting and local file inclusion attacks.
9c72077583d824261da03a364967e6f7aac0f9330b3bbdb08b9bca4689408220GeoClassifieds Enterprise version 2.0.5.2 is susceptible to cross site scripting attacks.
b8221d279fb36db5d12e100e503a7dc2d6e86db89e31f5be786c2a153273bd65Remote exploit for the Syslog server by eIQnetworks that has a vulnerability when processing long strings transmitted to its TCP port.
60bffcf1a26deeb9ebda5eb75a657c002ee82720c1ef7a36d68131a01a17d94dRemote exploit for the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer.
2fd385aaecbd319e45011cb0297961bc7072184913dd3828fc4dc4b0331f3984This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 1262 bytes in size. This module should work on all rebranded eiq analyzers. Exploitation assistance from KF of digital munition.
e4ce3e36553a518104ebf7e58cf8a9dd52695a1715d37a0ba3161d6ab879f3edThis Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 494 bytes in size. This module should work on all EIQ branded analyzers. Exploitation assistance from KF.
88bc70754e26114c4ff252085966059a0af29b9d43f03db6984fbde54d0ad30aEtomite CMS versions 0.6.1 and below 'username' SQL injection and administrative credential disclosure exploit.
620bdf667e0fa3f353fc138d5dfe20509298865beffecfea4b15e781ea7a4210WMNews suffers from a remote file inclusion vulnerability.
98b7bae8e8dffa9da5136497722726c556ef8d4cde3d3d0dce85fb2630f2989aA remote file inclusion flaw exists in the a6mambohelpdesk Mambo component versions 18RC1 and below.
26d95654d6ebc3032cb7df52f555cd568cad30aa468d559004087e80c4d461beTriton version 1.0.4 remote exploit for the sipxtapi vulnerability.
f93b23609f2b1ea7d2fa0921eaab18bffbff4d1f638e4c6b7dad4792aca8f31aMttKe-php version 2.6 suffers from a cross site scripting flaw.
acb4fa8dc82c4238ba81970d67aea5492f38fd1851e06cd86f85f1d24926c94a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed