Packet Storm's last 100 added files. Last Updated: Wed Aug 20 03:34:32 EDT 2008 [ collabreate-defcon.tgz ] d205984bf3188797c6e56f224938cda7 CollabREate is an IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project. This is the Defcon demo bundle. [ Grendel-Scan-v1.0-src.zip ] 15ad913facfcb8075b5b038f9cc19358 Grendel-Scan is an open-source web application security testing tool. It has an automated testing module for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests. [ voiper-0.06.tar.gz ] 81517b583ef0700efc3b5cff047518f0 VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxiliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development. [ modscan.py.txt ] a884da5a3df280eab12fd998cf7dbf8b ModScan is a new tool designed to map a SCADA MODBUS TCP based network. The tool is written in python for portability and can be used on virtually any system with few required libraries. [ bh-0.8.6.tgz ] 65eaed3776355063d4cd9131f1515a07 Beholder is a wireless intrusion detection tool that looks for anomalies in a wifi environment. [ bookmarks-sql.txt ] 6b0b701af098af60ef85174f2ee06888 Active PHP Bookmarks version 1.1.02 suffers from a remote SQL injection vulnerability. [ vsclam-0.9.1.tar.gz ] 71b2ba265316850c0c2b557e0d9f154c ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example. [ USN-636-1.txt ] cce112ac7583d275595f69c51a839d9d Ubuntu Security Notice 636-1 - Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default Ubuntu configuration was not vulnerable. [ MDVSA-2008-174.txt ] 00d8eaccddf52548564ee8c6e0a43883 Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. [ MDVSA-2008-173.txt ] a4ecb934a32e106110b9ab5649af376c Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened. This vulnerability also affected older versions of kpdf, so the updated packages have been patched to correct this issue. [ forcedmatrix-sql.txt ] b06c68e34751d22960cfaa815a8693ed Forced Matrix Script suffers from a remote SQL injection vulnerability in tr1.php. [ prograte-sql.txt ] cda25d3f905fff731903c2922794afab Programs Rating suffers from a remote SQL injection vulnerability in details.php. [ jokessite-sql.txt ] 1163803e2427039d47c62c117306a423 Jokes Site suffers from a remote SQL injection vulnerability in jokes.php. [ classifieds-sql.txt ] 1aee893c0ea4371cb9266c592408cc14 Classifieds suffers from a remote SQL injection vulnerability in view.php. [ adexchange-sql.txt ] bcac4b151289c89497fd87780248ddce Ad-Exchange suffers from a remote SQL injection vulnerability in tr.php. [ viral-sql.txt ] 44fa1d697744e132be169f52056d105b Viral Marketing suffers from a remote SQL injection vulnerability in tr.php. [ urlrotator-sql.txt ] 9605f615952a3465228006dbb029493c URL Rotator suffers from a remote SQL injection vulnerability in tr.php. [ stylishtextads-sql.txt ] ad02593400bad7da711909d76dedd26b Stylish Text Ads suffers from a remote SQL injection vulnerability in tr1.php. [ shorturl-sql.txt ] e0451c54ac23fb56c17ef5509e23de5e Short URL and URL Tracker suffer from a remote SQL injection vulnerability in tr.php. [ scrolltext-sql.txt ] 615b24d4484c9a0604b5f90719a201fa Scrolling Text Ads suffers from a remote SQL injection vulnerability in tr1.php. [ reminder-sql.txt ] 0395e44b57ae1a97d9521393120afdca Reminder Service suffers from a remote SQL injection vulnerability in tr.php. [ autoreshost-sql.txt ] 5bd08e64dfb1eb827b18a1426420d3e6 Autoresponder Hosting suffers from a remote SQL injection vulnerability in tr.php. [ downlinebuilder-sql.txt ] ec6a26dd506aafe10b48c7cded52bfd4 Downline Builder suffers from a remote SQL injection vulnerability in tr.php. [ classhost-sql.txt ] 8df8ba7842b15c11b3d7da8fcebc9fc8 Classifieds Hosting suffers from a remote SQL injection vulnerability in tr.php. [ classblast-sql.txt ] e2a05cb7305db3828e730a6c7b908a7e Classifieds Blaster suffers from a remote SQL injection vulnerability in tr.php. [ blogblaster-sql.txt ] e550bb32fed7af6b9708134c31621a1e Blog Blaster suffers from a remote SQL injection vulnerability in tr.php. [ vanilla-xss.txt ] 552e94d8d070f33db34993d1978ff265 Vanilla versions 1.1.4 and below suffer from cross site scripting vulnerabilities. [ bms-sql.txt ] fec14c9f524854f68ad4f827a4d008d3 Banner Management Script suffers from a remote SQL injection vulnerability in tr.php. [ marinetcms-sql.txt ] 5f28a355f499c887da080aa688c80218 Marinet CMS suffers from a remote SQL injection vulnerability. [ SSRT080117-2.txt ] eff92d137ada0a63b95a01b33d2c7643 HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin. [ breakingstack.txt ] b4328f2c7b3f800582602b7bf3872e77 Breaking The Windows Server 2003 SP2 Stack. [ freebsd-sh.txt ] 32fbf76e197301da25c6285355c92589 48 byte freebsd/x86 encrypted shellcode for /bin/sh. [ linux-nullfree.txt ] ccc2ee76092d19db1d83de79196f4a2e linux/x86 shellcode generator that is NULL-free. [ linux-geteuid.txt ] ddb1f084f0fefa9f04be7bae5d7b0195 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode for linux/x86. [ dsa-1629-2.txt ] d5905b0f7ab31785748e93c41a799586 Debian Security Advisory 1629-2 - Due to a version numbering problem, the Postfix update for DSA 1629 was not installable on the i386 (Intel ia32) architecture. This update increases the version number to make it installable on i386 as well. [ Reverse_Engineering_Smashing_the_Signature.pdf ] 43f521ede3d50d76692795985f731328 Reverse Engineering: Anti-Cracking Techniques. [ twiki-disclose.txt ] 2815940c07c450c4954785902cf1a012 TWiki version 4.2.0 suffers from a remote file disclosure vulnerability. [ sunshop414-sql.txt ] d7f5536589db1381f92aeb91ac136e5b SunShop versions 4.1.4 and below suffer from a remote SQL injection vulnerability. [ affildir-sql.txt ] fbe236e037033d7d9afe2464a1864f82 Affiliate Directory suffers from a remote SQL injection vulnerability in directory.php. [ adboard-sql.txt ] cdcae6f9a06ca06997b2c00ef8a8ec4a Ad Board suffers from a remote SQL injection vulnerability in trr.php. [ SSRT080039-2.txt ] 532beb0aee3e979142e353425bdaf021 HP Security Bulletin - A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux and Windows. This vulnerability could by exploited remotely to allow cross site scripting (XSS). [ DSECRG-08-036.txt ] 5b7d4cd901bfd8340ac4a81e7fbf189d Freeway eCommerce version 1.4.1.171 suffers from remote file inclusion, multiple local file inclusion, and cross site scripting vulnerabilities. [ wirelesslan.pdf ] 7419b692e5dd4208687c98de6b8d59fe Wireless LAN Attacks - What you need to know or a simple guide to WEP/WPA-PSK cracking. Written in German. [ sybase-bypass.pdf ] 2b5e62af1a1d46a6e397815bc096a922 Whitepaper discussing Sybase SQL injection and bypassing mod_security. Written in German. [ seh-paper.txt ] 679821c48bb8441a75d5ed76b003bd45 Playing around with SEH (the Structured Exception Handler). [ linux-set.txt ] c49be7c5c211fc98e2f50d0ca004b778 79 byte linux/x86 (Fedora 8) shellcode that performs setuid(0) + setgid(0) + execve("echo 0 > / proc/sys/kernel/randomize_va_space"). [ dsa-1629-1.txt ] 5a5029498e47c3b0c8f6caa98004975c Debian Security Advisory 1629-1 - Sebastian Krahmer discovered that Postfix, a mail transfer agent, incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root. [ ovidentia-xss.txt ] 004238d872d27a2758b783e5b3579a32 Ovidentia version 6.6.5 appears to suffer from a cross site scripting vulnerability. [ linux-block.txt ] a3e9e217ba78bca84f50656751c095b0 32 byte linux/x86 rm -rf / shellcode that attempts to block the process from being stopped. [ linux-connectback.txt ] 4e51efc1a787ae985aa1356808e308fa 508 byte php connectback shell for linux/x86. [ vmwarework-dos.txt ] 320aa34b4d322e6e71996ccea6becb7d VMware Workstation suffers from a local denial of service vulnerability in hcmon.sys version 6.0.0.45731. [ vidiscript-upload.txt ] 963235821788b2c131a410d417b24ca2 VidiScript suffers from a remote arbitrary file upload vulnerability. [ webphotopro-sql.txt ] bbe93179757931dcfeabb0eb9edc9872 WebPhotoPro suffers from remote SQL injection vulnerabilities. [ cyberbb-sql.txt ] 7d982491948f590e89897598501cfeae cyberBB version 0.6 suffers from multiple remote SQL injection vulnerabilities. [ mp3nema-v0_01.tar.gz ] 7752520d8f9720647f17243fdb06d0e9 MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio. [ samhain-2.4.5a.tar.gz ] b78bd04ff0661e94a1387fe0e84586b9 Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris. [ vuplayer_bof.pl.txt ] 83aff9a3e14b6f07e730335df39f551d VUPlayer version 2.49 M3U playlist file remote buffer overflow exploit. Shellcode spawns calc.exe. [ newshowler-sql.txt ] 5e69c2ae4414fa01095bffd798556c37 NewsHOWLER version 1.03 BETA suffers a cookie handling vulnerability that allows for SQL injection attacks. [ freeway-lfixss.txt ] 47ecab4b558c7567187ed4b4ac02b871 Freeway version 1.4.2.197 suffers from local file inclusion and cross site scripting vulnerabilities. [ xnova-rfi.txt ] 9404ef8f69346fd66d5fcdaab4c7efb2 XNova version 0.8 sp1 suffers from a remote file inclusion vulnerability. [ wsftp-format.txt ] 5bcf296469e39253ece504fe5d26c51f WS_FTP Home / WS_FTP Professional FTP client remote format string proof of concept exploit. [ linksyswrt54g-execve.txt ] 099d8a768846f1c3b73e6f73108529aa linux/mips execve 60 bytes shellcode for the Linksys WRT54G/GL. [ linksyswrt54g-bind.txt ] 3490448079386c49a0b0a6ec1a73406d linux/mips port bind 276 bytes shellcode for the Linksys WRT54G/GL. [ backsendexit.txt ] 02bf52c688e02cb7d22644203f01b0ee linux/x86 connect back.send.exit /etc/shadow 155 bytes shellcode. [ itmedia-sql.txt ] dd6bf236ddef7caa5185cd2f574d33d9 itMedia suffers from multiple remote SQL injection vulnerabilities. [ phpbasket-sql.txt ] 3b5d4c29cc9de4b0886752893f74e9b3 PHP Basket suffers from a remote SQL injection vulnerability. [ kwebcms-sql.txt ] a42de60a674923afb3e7bc377b958e1f K Web CMS suffers from a remote SQL injection vulnerability. [ nokia-spoof.txt ] 6fe5764e9fc32ab6c654198f30665234 The Nokia 6131 NFC mobile phone suffers from URI/URL spoofing vulnerabilities. [ phplivehelper-sqlexec.txt ] c466c5e1dbec1078f714b0ae1d32d5c0 PHP Live Helper versions 2.0.1 and below suffer from SQL injection and code execution vulnerabilities. [ vlcfileparse-overflow.txt ] 397b74a460271a5b3f5d6b8f039354af VLC version 0.8.6i tta file parsing heap overflow proof of concept exploit. [ eset-escalate.txt ] 1900f0c79a340ced59e42df8a0424710 ESET Smart Security version 3.0.667.0 privilege escalation proof of concept exploit. [ phparcadescript4-sql.txt ] 93b692a6ae6e5b8523ca4ea20c720add phpArcadeScript version 4 suffers from a remote SQL injection vulnerability in index.php. [ eovideo-overflow.txt ] c3b747fbc99993856ce41f46a4207bb6 EO Video version 1.36 local heap overflow proof of concept denial of service exploit. [ flashget1901012-overflow.txt ] c2367229a025a96afbfd521cfc3f9cbb FlashGet version 1.9.0.1012 FTP PWD Response remote proof of concept buffer overflow exploit. [ porkbind-1.3.tar.gz ] 0f9eba661fd9187b6c488c8f6e587bc8 Porkbind is a robust and recursive DNS server vulnerability scanner which retrieves version.bind information for the nameservers and produces a report. [ PLSA-2008-25.txt ] e57d0cc8a2f7fccc61fb079bf6de7bda Pardus Linux Security Advisory - Sebastian Krahmer has reported some security issues in Postfix, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges. [ MDVSA-2008-172.txt ] 35b9f3396f2f1dad47d3cfe0d6aee45f Mandriva Linux Security Advisory - A flaw in Amarok prior to 1.4.10 would allow local users to overwrite arbitrary files via a symlink attack on a temporary file that Amarok created with a predictable name. The updated packages have been patched to correct this issue. [ MDVSA-2008-171.txt ] 48044f8eb8d0f450a53f132789027535 Mandriva Linux Security Advisory - Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory without a root mailbox file, it could be possible for them to append arbitrary data to files that root had write permissions to. The updated packages have been patched to correct this issue. [ quickpoll-sql.txt ] df4662ed9d85bf9cec55716b209dc742 Quick Poll suffers from a remote SQL injection vulnerability in code.php. [ promoproducts-sql.txt ] 1208b30c4d20d45546252d965dff9db2 PromoProducts suffers from a remote SQL injection vulnerability. [ phpizabi-traverse.txt ] 58a256c358625b1b59e1d05cd186254d PHPizabi version 0.848b suffers from directory traversal and cross site scripting vulnerabilities. [ vsclam-0.9.0.tar.gz ] 6b545d3904627a37f4f3af11e12b9fc9 ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example. [ flashget190-overflow.txt ] 42ab1603f2c6f695f6c482069e9c70fa FlashGet version 1.9.0.1012 FTP PWD Response SEH stack overflow exploit. [ dotcms-lfi.txt ] 3538f937032b299d320be6e2e08d9f7f dotCMS version 1.6 suffers from local file inclusion vulnerabilities. [ deeemmcms-multi.txt ] a960afe5f691a74a216d34293f055eb2 DeeEmm CMS version 0.7.4 suffers from remote file inclusion and SQL injection vulnerabilities. [ zeelyrics-sql.txt ] 4d1588251bb3ea3c64b1ef6f50a6e69e ZEELYRICS version 2.0 suffers from a remote SQL injection vulnerability in bannerclick.php. [ zeejobsite-sql.txt ] a03917fd408573261924aa92281dfae3 ZEEJOBSITE version 2.0 suffers from a remote SQL injection vulnerability in bannerclick.php. [ shaadiclone-sql.txt ] ef8b15ad9a40bf711f4c8bdefb892ba3 ShaadiClone version 2.0 suffers from a remote SQL injection vulnerability in bannerclick.php. [ ptcinvest-sql.txt ] fb3532c789b0429f01f301918432f174 PTCinvestment version 1.2 suffers from a remote SQL injection vulnerability. [ acgsurf-sql.txt ] 4d8ff5134a12d66d3095dc5d5f8b4386 ACG-Surf version 1.0 suffers from a remote SQL injection vulnerability. [ acgptp-sql.txt ] 97bd63a9494843d84efbcb9da191a204 ACG-PTP version 1.0.6 suffers from a remote SQL injection vulnerability. [ acgscriptshop-sql.txt ] 8d133fc8a89a07575940e5ac62f48b86 ACG-ScriptShop suffers from a remote SQL injection vulnerability. [ flexcms-xss.txt ] 9a0be86265c50de43a3ed51f0243fa4b FlexCMS versions 2.5 and below suffer from a cross site scripting vulnerability. [ mailscan-multi.txt ] 127cfd5afcc6fa75030d4453bef425dd MailScan for Mail Servers version 5.6.a suffers from directory traversal, authentication bypass, cross site scripting, and log file access vulnerabilities. [ munkybliki-lfi.txt ] b1153cfa4b80b628caf2677a20cde224 munky-bliki suffers from a local file inclusion vulnerability. [ mambo462-morexss.txt ] 83a65efbd41054cb7d65f188bff5444a Mambo versions 4.6.2 and below appear susceptible to more cross site scripting vulnerabilities. [ PLSA-2008-24.txt ] fc8bca31f37dffda0b3a0d3f2f9656f1 Pardus Linux Security Advisory - A security issue has been reported in Amarok, which can be exploited by malicious, local users to perform certain actions with escalated privileges. [ cisco-sa-20080814-webex.txt ] b37ad9f1f0ade1da7287081770808eb6 Cisco Security Advisory - An ActiveX control (atucfobj.dll) that is used by the Cisco WebEx Meeting Manager contains a buffer overflow vulnerability that may result in a denial of service or remote code execution. The WebEx Meeting Manager is a client-side program that is provided by the Cisco WebEx meeting service. The Cisco WebEx meeting service automatically downloads, installs, and configures Meeting Manager the first time a user begins or joins a meeting. When users connect to the WebEx meeting service, the WebEx Meeting Manager is automatically upgraded to the latest version. There is a manual workaround available for users who are not able to connect to the WebEx meeting service. [ zorum-blindsql.txt ] 9b6f27436dacda767d3a8a93fb4463b2 Zorum version 3.5 blind SQL injection exploit. [ cfs-cfp.txt ] c382918bdfce3e8a601308621c840909 Forensic Trade Shows, LLC is proud to announce two events for 2009. The Computer Forensics Show will meet the needs of industry professionals by providing detailed information regarding the changes and advancements in the IT security marketplace. Each event will highlight exhibits from some of the leading companies in the industry, complemented by a comprehensive conference program to provide attendees with important information about the latest technological advancement, ideas and practical information available today.