Packet Storm's last 20 added files. Last Updated: Sun Oct 12 16:36:51 EDT 2008

[ emf_MS08-046.rar ] c4289869ff9a6d71f21cb8d81ceba238 Microsoft Windows EMR_SETICMPROFILEA heap overflow denial of service exploit.
[ minipub03-multi.txt ] b45f5a70ef5f931fbac4a17d52c9f24b mini-pub versions 0.3 and below suffer from local directory traversal and file disclosure vulnerabilities.
[ apm-sql.txt ] cf487f2d827950a7047d52750e013765 Absolute Poll Manager XE version 4.1 suffers from a remote SQL injection vulnerability in xlacomments.asp.
[ cubecartcms-sql.txt ] 901bd6b5ab81e07d465b727228451401 This is an old SQL injection vulnerability for CubeCart CMS that has further details on exploitation since the original report surfaced years back.
[ dsa-1652-1.txt ] 4520f2c53bb975e87a87c6d05c09fa11 Debian Security Advisory 1652-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems.
[ dsa-1651-1.txt ] 63d28120a31c0be95f7949e1de96a531 Debian Security Advisory 1651-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems.
[ dsa-1650-1.txt ] 548a3c635a49653c55dcc7248955421f Debian Security Advisory 1650-1 - Cameron Hotchkies discovered that the OpenLDAP server slapd, a free implementation of the Lightweight Directory Access Protocol, could be crashed by sending malformed ASN1 requests.
[ MDVSA-2008-210-1.txt ] 06dd87708ce37a3441979abe0dfdb2c1 Mandriva Linux Security Advisory - CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. This update was too late for inclusion in Mandriva Linux 2009, so it is being released now for that version.
[ MDVSA-2008-211.txt ] 869230af219e9221f53868047fa06838 Mandriva Linux Security Advisory - A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed. An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. An attacker could create a malicious text file that could possibly execute arbitrary code if the file was printed. Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code if the file was printed. The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes.
[ dsa-1646-2.txt ] db72af7c11346b839c9aaceb342e2df5 Debian Security Advisory 1646-2 - In DSA 1646-1, an update was announced for a denial of service vulnerability in squid, a caching proxy server. Due to an error in packaging and in testing, the updated packages did not correct the weakness. An updated release is available which corrects the error. A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid.
[ cabrightstor-exec.txt ] 69624d203a69ee3ff823212da88e2365 CA BrightStor ARCServe BackUp is an overall data backup solution. The RPC interface of CA BrightStor ARCServe BackUp does not handle user input correctly, which allows an anonymous attacker to inject any command; a remote code execution attack may be achieved this way. Details are provided. CA BrightStor ARCServe BackUp version R11.5 is affected.
[ joomlajeux-sql.txt ] 547973dcd068393998bff7ce8537a3c3 The Joomla Jeux component version 1.0.0 suffers from a remote SQL injection vulnerability.
[ joomlavideos-sql.txt ] 68294a5af4ac34c805d4c3c970c66997 The Joomla Videos component version 1.0.0 suffers from a remote SQL injection vulnerability.
[ joomlaphotos-sql.txt ] fba62c45aae33e98387cb60a99da79df The Joomla Photos component version 1.0.0 suffers from a remote SQL injection vulnerability.
[ joomlaflash-sql.txt ] 1cd4fd875f6b2d420f96137f2904d182 The Joomla Flash component version 1.0.0 suffers from a remote SQL injection vulnerability.
[ joomlaownbiblio-sql.txt ] 02f0c578d5317a89f9e93a633d059252 The Joomla ownbiblio component version 1.5.3 suffers from a remote SQL injection vulnerability.
[ eebcms-xss.txt ] 77b9cb0b8ec92353e4aaf877403723a3 EEB-CMS version 0.95 suffers from a cross-site scripting vulnerability.
[ slimcms-escalate.txt ] cffe1244aa00974fd691e407e35f88fc SlimCMS versions 1.0.0 and below privilege escalation exploit that uses redirect.php.
[ ZDI-08-067.txt ] 9926adae42bd4b463869d0112262dd6b A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple CUPS. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and pen color opcodes results in an arbitrary memory overwrite allowing for the execution of arbitrary code as the "hgltops" process uid.
[ CVE-2008-3271.txt ] a9c8cfb4dcf837a9ee60e24750725363 Apache Tomcat versions 4.1.0 to 4.1.31 and 5.5.0 suffer from an information disclosure vulnerability.