Packet Storm new exploits for March, 2008.
613019d940cccc4c6f3c0679a25977a020d9fc860be6af46487822ef26987a6amod_jk2 version 2.0.2 for Apache 2.0 remote buffer overflow exploit for Win32 that binds a shell to port 9999.
ab526bea307a48d0b9d5da1a92ef9b01c745fe4c763a0d45b267a68fc1c716b6Neat Weblog version 0.2 remote SQL injection exploit that makes use of index.php.
0ea9b9799b2f50dc85971790c1e0de6507d0ba896fd06c90362b9ed28b518a92Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
6d48b4721a8991c3fbce8d089aa9d625c50a82af5e424240af421e57c5966352Secunia Security Advisory - A vulnerability has been reported in CDS Invenio, which can be exploited by malicious users to manipulate certain data.
2558810f5db12b2cd3a6597bdf545f2f1557b790119b11a7a6d9823b562f8667Secunia Security Advisory - Some vulnerabilities have been reported in Perlbal, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
4b095a0a18c0e36f323256398ed950f4717ec4ead3d03901eacfce39a384cf11Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
082e75ca0f0cbc49f5e74c91310cbceb3c3c0d752e1cf2b2404128e3030dc36fSecunia Security Advisory - A weakness has been reported in OpenSSH, which can be exploited by malicious, local users to bypass certain security restrictions.
c939edb871ccda0cb6acc94069f750c46dd0f6dce1dd79fdae897f7356545cc8Secunia Security Advisory - Tobias Klein has reported a vulnerability in avast! Home/Professional, which can be exploited by malicious, local users to gain escalated privileges.
be63ab457f87882ed2896740855609bdc0a19ec3c9a62b26f1067e17e317b611Secunia Security Advisory - A weakness has been reported in OpenBSD, which can be exploited by malicious, local users to bypass certain security restrictions.
e84e3e3992b549106fee0acb94c3e0ff3558276919b36a1ec55b2eca3cf52531Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.
5df21e4eee244aa7ba97f7258c4c248a4883ad2e075b6928f2933a7dc5c7e507iDefense Security Advisory 03.31.08 - Remote exploitation of an untrusted library loading vulnerability in Macrovision's InstallShield InstallScript One-Click Install ActiveX control allows remote attackers to execute code with the privileges of the currently logged in user. iDefense confirmed this vulnerability exists in version 12.0 of the Macrovision InstallShield InstallScript One-Click Install ActiveX Control. Previous versions of the control are reported to be vulnerable to variations of this attack. Previous versions are known to use different CLSIDs.
43de1fe2a2db8c9142cfcc62930c4a7e8244c9a74ebd86de23f0101133587ac1ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Windows version. Written in Python.
da770b4014ebd251157864ec374ad5b81d1ca7e37682b8813de1fb246c9ae242ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Linux / Mac OSX version. Written in Python.
6911c85050d2dd1521c1b8f2b5f0a8a6bbc3fe11c7e60d55551550068026cde62X ThinClientServer versions 5.0_sp1-r3497 and below along with TFTPd.exe version 3.2.0.0 and below suffer from a directory traversal vulnerability.
9b3253a8b61ef8c70cf1336d5c6c53496e12ab3bf584561690dfbd9cbdf162f7PowerDNS Recursor versions 3.0 through 3.1.4 suffer form a DNS cache poisoning vulnerability.
8824d748ef2aaa9c0293a00da6abf363dbb510dbe88dfd97be4f16a4f3450ecfVbSeo suffers from a cross site scripting vulnerability.
6b6f21c6f611e76839a26986641ae360ca4bb37a26527b04d985626991e61e5cIntro to Buffer Overflows - A whitepaper demonstrating a buffer overflow on a Windows XP SP1 box using Backtrack 3 Beta.
7eee601d3a61af58f41eee3b233daabac27cbb59bda1011826f01dafdda38592The kernel driver aavmker4.sys as shipped with avast! version 4.7 contains a vulnerability in the code that handles IOCTL requests. Exploitation of this vulnerability can result in denial of service or arbitrary code execution.
d52a527b0d71922fcc4398ba23f1b4b1ef9a7c3ad9909acb482c607ce166b6e2This is an interesting little tool that converts shellcode to javascript.
2773c8a2bf2462f587b76f904a1581da07ced3128718f697bfaead1dadb9de63Simple and compact TCP port scanner.
fd6d5f859bbcc997a354b1cb06ac667dcbd4040bcf8153ee871ddfd39c502986Proviso SiteKiosk suffers from a bypass flaw that allows for file downloads.
814b4daa279162f1ce3648beaa054279e4bbd422f822554387855f50615aed62mxBB module mx_blogs version 2.0.0-beta remote file inclusion exploit.
27657f3dac1a3a03b450e42e044d2befa24fe921d63baa2d5956852946151c2eThe Woltlab Burning Board Add-on JGS-Treffen suffers from a SQL injection vulnerability.
aaa0dce3c9d99f1879094d84fb192af4375174d8a41005901aefa552bdf73bf1The Wordpress Download plugin suffers from a SQL injection vulnerability.
5cd86be39af293e12c8a4916cea19a99cbcfe29d7446e520c78542bb4863e2ff
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed