Packet Storm new exploits for January, 2007.
b6eaa47a9e3232720a1866fd9bb709e19225ef854d9fc29c0f8316bdef7f3e8aLocal file inclusion exploit for zd_numer.php in Galeria Zdjec versions 3.0 and below.
233eef24ace755b6d40232c5d21acaf2dea351dc013d3c4d6bcd8f25c75e5c17PHPFootball version 1.6 suffers from a remote database disclosure flaw in show.php.
68c9191d314276c612d3df3550d52fcd30b7338b83488dfa3f55b7f1330f2d84CascadianFAQ versions 4.1 and below suffer from a remote SQL injection vulnerability in index.php.
eeb4107042aa92111be2e841b59f539609f6962f86fe255f70d0300e7744bc8cMyNews versions 4.2.2 and below suffer from a remote file inclusion vulnerability.
8a0ea1ec168c9e9ea46610431408cbe277b55cd4129c7b96ddd3ce0966782d4dphpBB2 MODificat versions 0.2.0 and below suffer from a remote file inclusion vulnerability.
2c300417c082eb3d14a7b9f21ded412bce15372c9f8ca6f156dd94a709f3d6b9Dev-C++ version 4.9.9.2 CPP file parsing local stack overflow proof of concept exploit.
936dc77c9870093ff53883f8c968b120f57b7b59be1327adf0f091501e660557Month of Apple Bugs - Apple iChat Bonjour functionality is affected by several remotely exploitable denial of service flaws which can be triggered via advertising presence services over multicast DNS. This is the denial of service proof of concept exploit.
a256f4a5ef48238266e678eab766d0cb63eb44cfd99e5782f4b5fff8e5aed773Generic PHP remote file inclusion exploit framework.
78923d2e34d68550a18c32c767a108afe4008aa55ba10d8fedaf3f7536b479dcRBL ASP suffers from a SQL injection vulnerability in its login/password fields.
94614eedde2fbeecdce895b3842c83d37a6d5eef8cf867b8ccf97c93c2d80c38Universal exploit for vulnerable EnumPrintersW() calls related to the spooler service. Allows code execution with SYSTEM privileges. Affected includes DiskAccess NFS Client (dapcnfsd.dll version 0.6.4.0), Citrix Metaframe - cpprov.dll, and Novell - nwspool.dll.
2b62efa9f7692468c57fd5ccfb6faa392631ea515d577bee9c4b44042069ea68MDPro version 1.0.76 suffers from multiple SQL injection vulnerabilities.
67b93c40bf535eae6b65f8d736d5676b8f99e6ee8e43003bae1bc46428309adbMonth of Apple Bugs - crashdump follows symlinks within the /Library/Logs/CrashReporter/ directory, allowing admin-group users to execute arbitrary code and overwrite files with elevated privileges. In couple with a specially crafted Mach-O binary, this can be used to write a malicious crontab entry, which will run with root privileges. This ruby code demonstrates this vulnerability.
a2f484f050a3539545bc04527aebfb7718411d5e564498448fa7024d15700ebeMonth of Apple Bugs - Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. This tgz holds a malicious .wmv file that demonstrates this vulnerability.
5b0f7f222237672bd530a2f1c52368b0a593f5907f49c47913ca01b2f7900a50Heap overflow exploit for msgeng.exe in Computer Associates BrightStor ARCserve Backup.
a973115577880be9cb7f40039a629b7c8037ece864581b839544fb8c6ac71cb9Local Calendar System version 1.1 suffers from a remote file inclusion flaw.
c50edb7132dd5b2668271546d7f7ae83b5d0845c3dac08229c7671e138c9c4cdAdMentor suffers from a SQL injection vulnerability that allows for login bypass.
963c580bc9e516ab4a0a77b6412697f0b757200ddd54f6e66e93392c639e7af7Month of Apple Bugs - Ruby exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.
f7406daaadebb8a416333b8bedaa7f1ba60dc4e0d60fe455f34deb18ee74e296Month of Apple Bugs - C exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.
3199da9edd031aaa3b4b089d6910159ef30dde29e74ba47226c79241f26f3d3fThe Intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote memory corruption flaw. Malformed disassociation packets can be used to corrupt internal kernel structures, causing a denial of service (BSOD). Proof of concept exploit included.
96c1c5bf7fd32a53f660b0d112ab257bb65b17df4bb6322e76691519e7c61735Local root exploit for vscan/VSAPI in Trend Micro VirusWall version 3.81 on Linux.
9d755b5bafb1a729d747106a19b5bdf4cf329021970131996e1098b977f41310Siteman version 1.1.11 suffers from a remote password disclosure flaw.
9c34460266ceba58da69e99b79c232f3c39a1cc84eb51b847fc0de7f563f296aAztek Forum version 4.1 exploit that demonstrates multiple vulnerabilities including SQL injection and filter bypas flaws.
981c779961031b5c76898596d2e11fac06d836924f262d6e6ce915897ad516ebSiteman version 2.0.x2 suffers from a remote password disclosure flaw.
a0d7d79440348673ae6422980fe047110b731c64082359ca4df99be982eddc89uniForum versions 4 and below suffer from a remote SQL injection vulnerability in wbsearch.aspx.
23c084a4125a16749509ba6ca1d0cf5d4ea29a32d0580a2a8cf6a9088e60e593
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed