Packet Storm's last 100 added files. Last Updated: Mon Nov 24 20:56:03 EST 2008

[ BrowserRider.20081124.tar.bz2 ] 100cf2d314bc206665fd1c2106361fdd
Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit. Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However, most of the other existing tools out there are unmaintained, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.

[ pieweb-rfi.txt ] b362730df7f1e1b94b627a08354c04f4
Pie Web M{a,e}sher version 0.5.3 suffers from multiple remote file inclusion vulnerabilities.

[ FreeBSD-SA-08.11.arc4random.txt ] 4a2f51cd3f6f285b3558b19b838fc534
FreeBSD Security Advisory - When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random; and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator.

[ USN-677-1.txt ] bb1c0dab25f41efe7bd6174533a21a4c
Ubuntu Security Notice USN-677-1 - Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. Dmitry E. Oboukhov discovered that senddoc, as included in OpenOffice.org, created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS.

[ dsa-1671-1.txt ] efcd4519b2622e35698cc8d619b32911
Debian Security Advisory 1671-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

[ dsa-1670-1.txt ] 29b9efceacad844712852d015884ce63
Debian Security Advisory 1670-1 - Several vulnerabilities have been discovered in Enscript, a converter from ASCII text to Postscript, HTML or RTF.

[ quicksilverforums-rce.txt ] 3baff887d110edf27339831eabf146fc
Quicksilver Forums versions 1.4.2 and below suffer from local file inclusion and malicious avatar upload vulnerabilities.

[ webstudio-sql.txt ] 6d6c406ae2f1aa0d4d3b29b9d051137b
WebStudio CMS suffers from a blind SQL injection vulnerability in index.php.

[ siemens-dos.txt ] f1f871fb2e46d69c22d1cebb9a3a698d
The Siemens C450IP and C475IP devices suffer from a remote denial of service vulnerability.

[ nitrotech-rfisql.txt ] b8a98b26dd112f86e104e5f2e5690281
Nitrotech version 0.0.3a suffers from remote file inclusion and SQL injection vulnerabilities.

[ bandwebsite-sqlxss.txt ] f996e1ff1650d6af32bc4b6fe65d9819
Bandwebsite version 1.5 suffers from SQL injection and cross site scripting vulnerabilities.

[ ftpzik-xsslfi.txt ] 78c4c54b66f9b7d0058b1b1231f577cd
FTPzik suffers from cross site scripting and local file inclusion vulnerabilities.

[ tvp-crash.txt ] 3717269251defb461f6fe0743ce6a144
Total Video Player remote heap overflow crash exploit that makes use of vcen.dll.

[ mp3nema-v0_2.tar.gz ] e337a7d716549a648a8986c0aa251b78
MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio.

[ squid-nufw-helper-1.1.3.tar.gz ] cca0d60557dacbde89a68c7aeb0dad29
squid-nufw-helper is an external ACL helper for Squid that provides Single Sign On capabilities. It uses the NuFW firewall suite and supports the NuFW users SQL logging scheme. The module allows for strict SSO identification and authentication of users on any Squid proxy, including transparent proxies.

[ tcpip_lib51.zip ] d6087fee246c6c42bc4ec3c0b3d481c2
This is an open source TCP/IP library with asynchronous BlowFish and SSL support.

[ googlechrome-obfuscate.tgz ] f26473051cd14f19ff80806f58c603dd
Google Chrome versions 0.2.149.30, 0.2.149.29, and 0.2.149.27 all suffer from a metacharacter URI obfuscation vulnerability. Proof of concept HTML included.

[ w3camayaid-overflow.txt ] 77897fb9645b636d36a8b02e6af13e52
The W3C Amaya web browser version 10.1 remote stack overflow exploit that relates to the id tag.

[ w3camayaurl-overflow.txt ] 1eec223521ad030ba7b2df70ef8184c8
The W3C Amaya web browser version 10.1 remote stack overflow exploit that relates to the URL bar.

[ USN-676-1.txt ] 8a5e5897d00eb93d9617fef391c6490f
Ubuntu Security Notice USN-676-1 - It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements. If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges.

[ USN-675-2.txt ] ea94d1b091bd8ea5261270fa7ee60c66
Ubuntu Security Notice USN-675-2 - It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.

[ USN-675-1.txt ] 0098420282844427f88f652caa74059f
Ubuntu Security Notice USN-675-1 - It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. It was discovered that Pidgin did not properly handle file transfers containing a long filename and special characters in the MSN protocol handler. A remote attacker could send a specially crafted filename in a file transfer request and cause Pidgin to crash, leading to a denial of service. It was discovered that Pidgin did not impose resource limitations in the UPnP service. A remote attacker could cause Pidgin to download arbitrary files and cause a denial of service from memory or disk space exhaustion. It was discovered that Pidgin did not validate SSL certificates when using a secure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update alters Pidgin behaviour by asking users to confirm the validity of a certificate upon initial login.

[ USN-674-2.txt ] 170c37b69df0b3ced14308124d8d61aa
Ubuntu Security Notice USN-674-2 - USN-674-1 provided packages to fix vulnerabilities in HPLIP. Due to an internal archive problem, the updates for Ubuntu 7.10 would not install properly. This update provides fixed packages for Ubuntu 7.10. We apologize for the inconvenience. Original advisory details: It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behaviour by preventing users from setting alerts and by moving alert configuration to a root-controlled /etc/hp/alerts.conf file. It was discovered that the hpssd tool of hplip did not correctly handle certain commands. A local attacker could use a specially crafted packet to crash hpssd, leading to a denial of service.

[ SVRT-05-08.txt ] b6a3dd8bece7b239ec00f39b7876c1e8
SVRT-Bkis has detected a serious buffer overflow vulnerability in ffdshow which affects all available internet browsers. Taking advantage of the flaw, hackers can perform remote attacks, inject viruses, steal sensitive information and even take control of the victim's system. Versions below rev2347 20081123 are affected.

[ videoscript-unofficialshell.txt ] 495c6bf1401fa706a308c8a068e82f93
VideoScript versions 3.0 through 4.1.5.55 unofficial shell injection exploit.

[ videoscript-officialshell.txt ] 770dae6a8b6447d112dc65413ab59d61
VideoScript versions 3.0 through 4.0.1.50 official shell injection exploit.

[ gooplecms-upload.txt ] 73f52ace9ad2e5c032f14727795b0be0
Goople CMS version 1.7 suffers from a remote shell upload vulnerability.

[ pgjobsite-sql.txt ] fda66e74ab6f9575645589c981c0a6fa
PG Job Site suffers from a blind SQL injection vulnerability.

[ pgroommate-sql.txt ] 04f960a4e6e3b271fa22df0353b7f4c0
PG Roomate Finder Solution suffers from a SQL injection vulnerability that allows for authentication bypass.

[ pgrealestate-sql.txt ] b900980ffcc6ee1c67c41b759c62626e
PG Real Estate suffers from a SQL injection vulnerability that allows for authentication bypass.

[ ms08-069.txt ] 8441d49b0a83622e2aaabb81dfad45c2
Microsoft XML Core Services DTD cross-domain scripting proof of concept exploit that makes use of the vulnerability noted in MS08-069.

[ linuxrsa-shellcode.txt ] 7f6fd8532537a3a53db31db20e2d1c2e
295 bytes of Linux/x86 shellcode that appends a RSA key to /root/.ssh/authorized_keys2.

[ linuxcb-shellcode.txt ] 4596448404a8dcbee0473119c419a33e
151 bytes of Linux/x86 connect-back shellcode that uses UDP port 54321 and executes tcpdump.

[ coms-xss.txt ] ecfa6892ab159ecc02bb956ef668bb0a
COMS, or Contents and Object Management System, suffers from a cross site scripting vulnerability.

[ prozillahi-sql.txt ] a20129e7cd230281fc1d520c69f55ff6
Prozilla Hosting Index suffers from a remote SQL injection vulnerability.

[ netartblog-sql.txt ] b38290c6dc247c3b877dee36f22304c4
NetArtMedia Blog System suffers from a remote SQL injection vulnerability in image.php.

[ netartcars-sql.txt ] fd6bcbb00ba646fdcf10d6249e0922e0
NetArtMedia Cars Portal suffers from a remote SQL injection vulnerability in image.php.

[ showtime_bof.pl.txt ] 9f4e3fd9b6454a2beda5e40befb8be5d
Nero ShowTime version 5.0.15.0 m3u playlist file remote buffer overflow denial of service proof of concept exploit.

[ 25bytes-execve.txt ] 9197e164612d5148eda8c0365bc07890
25 bytes small GNU/Linux x86 setuid(0) && execve("/bin/sh",0,0) shellcode without NULLs.

[ xplico-0.1_deft4.tgz ] 28224629eec57ae010ab78cfe5e162f1
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc.

[ 2008-01-flash.txt ] 7cea6024361339703cd6da7ff0d68b52
iSEC applied targeted fuzzing to the ActionScript 2 virtual machine used by the Adobe Flash player, and identified several issues which could lead to denial of service, information disclosure or code execution when parsing a malicious SWF file. Adobe Flash Player versions 9.0.124.0 and below, AIR 1.1, Flash CS3/CS4 Professional, and Flex 3 are all affected.

[ dsa-1669-1.txt ] 0c16e2c561d0903c7a269ad7a2f7979a
Debian Security Advisory 1669-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

[ MDVSA-2008-234.txt ] bc51ad6f78e1b9397696992e499677e3
Mandriva Linux Security Advisory 2008-234 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include a buffer overflow and a denial of service vulnerability.

[ lovecms-password.txt ] 994f13f317658a74f39a9197ee8a9414
LoveCMS version 1.6.2 Final (Simple Forum 3.1d) change administrator password exploit.

[ ezringtone-disclose.txt ] 4cc1017e9916aac3cf5dafff81e0e99e
Ez Ringtone Manager suffers from local file inclusion and remote file disclosure vulnerabilities.

[ execve-shellcode.txt ] b887dbad3fd9fde84ec6ee4233c42086
24 bytes Linux/x86 execve(/bin/sh,0,0) shellcode without NULLs.

[ getaauto-upload.txt ] 5b58710ba082c14e2ee3aee64679cc6a
getaphpsite Auto Dealers suffers from a remote file upload vulnerability.

[ getarealestate-upload.txt ] a55b966288e374e8d20bde6405fae6f0
getaphpsite Real Estate suffers from a remote file upload vulnerability.

[ dsa-1668-1.txt ] 81a7d8916a40b9fc44886a37de404801
Debian Security Advisory 1668-1 - Steve Kemp discovered that hf, an amateur-radio protocol suite using a soundcard as a modem, insecurely tried to execute an external command which could lead to the elevation of privileges for local users.

[ wireshark104-dos.txt ] 401708f306339cc01aefc117c845308f
WireShark versions 1.0.4 and below suffer from a denial of service vulnerability in the SMTP parsing function.

[ ksplice-0.9.4-src.tar.gz ] c454d67280ff03a292cd623f9b5ba7ad
Ksplice is practical technology for updating the Linux kernel without rebooting. It enables you to avoid the disruptive process of rebooting for kernel security updates and bugfixes. By making it easy to keep your systems up to date, Ksplice helps you avoid the security and stability risks of running out-of-date software.

[ MDVSA-2008-235.txt ] 280cea3465787e4b79f262237d2b2f00
Mandriva Linux Security Advisory 2008-235 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.18. This update provides the latest Thunderbird to correct these issues.

[ cambridge-sql.txt ] fe7381569ee7882cae4563d0d345edba
VisitCambridge.org suffers from a remote SQL injection vulnerability.

[ verlihub-exec.txt ] fe10bb0dda05e03644f8dfd006b8caab
Verlihub versions 0.9.8d-RC2 and below suffer from a remote command execution vulnerability due to a lack of input sanitization.

[ DDIVRT-2008-15.txt ] 07526dbd17f8e037041006f8815ffe08
The iPhone Configuration Web Utility 1.0 for Windows web interface is vulnerable to a common web directory traversal attack. Successful exploitation will result in arbitrary read-only file access outside of the iPhone Configuration Web Utility 1.0 web root.

[ openssh-cbc-adv.txt ] fd5747017f671893685b31e6ccae7e6e
The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, they are unable to properly assess its impact.

[ joomlathyme-sql.txt ] 71bf55c7600d4a2e9b55df029ae5b2cd
The Joomla Thyme component version 1.0 suffers from a remote SQL injection vulnerability.

[ BitDefenderDOS.zip ] 281dee247691fbcd2f34a063ce5d526a
Proof of concept malicious pdf file that causes a denial of service and infinite loop in BitDefender using the pdf.xmd module.

[ fwknop-1.9.9.tar.gz ] 3e5d47e14a26071ba4cce04dfcb3bebd
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Added support to fwknop for the Linux 'any' interface. Added support for interfacing fwknop with third party software through the addition of three new variables in the access.conf file. Various other fixes and additions.

[ kvirc-exec.txt ] 9e7af6fa05ea76f0edbed3bb01f87685
KVIrc version 3.4.2 Shiny URI handler remote code execution exploit.

[ vcalendar-disclose.txt ] de3c3c63d554069f9c47cd5516878a85
VCalendar suffers from a remote database disclosure vulnerability.

[ ZDI-08-076.txt ] 674545c3d3f0885dd630ad4bf3b66bd8
A vulnerability allows remote attackers to retrieve arbitrary files on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_SENDFILE requests the service does not validate the requestor, allowing any remote attacker to download arbitrary files.

[ ZDI-08-075.txt ] baf5fcd61ddfffefe825752a5e5f8532
A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_CTGTRANS requests the process copies packet data into a fixed length stack buffer. Exploitation allows for arbitrary code execution under the context of the SYSTEM user.

[ toursmanager-blindsql.txt ] 5e27a04f7e19f49abc57d2ee531d4dae
ToursManager suffers from a blind SQL injection vulnerability in tourview.php.

[ phprsgal-sql.txt ] bd4ad4f70f69fe2928ed6db18879b1ab
phpRS versions 2.6.x and 2.8.x suffer from a remote SQL injection vulnerability in gallery.php.

[ MDVSA-2008-233.txt ] 9c756b2e28e8d3771c77fdb2f9600b6d
Mandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.

[ java2-malware.pdf ] cc003c84ac29ef11a21f2991097237f1
Whitepaper entitled Java 2 Micro Edition (J2ME or Java ME) Based Computer Malware Propagation Technique.

[ natterchat-sql.txt ] 2701b6b703102dcf9d76e5d299bf1b5c
Natterchat versions 1.12 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.

[ php526-bypass.txt ] 087c3ce557a1ecebeee0cf1aab63fb5d
PHP version 5.2.6 suffers from an error_log related safe_mode bypass vulnerability.

[ phpfusion7001-sql.txt ] d59e51b2dc5f5391687c97ac49e609f6
PHP-Fusion version 7.00.1 remote SQL injection exploit that makes use of messages.php.

[ social-sql.txt ] 758d1b4945924dfe4bb76542988dab31
Social Engine versions 2.7 and below suffer from remote SQL injection and cookie manipulation vulnerabilities.

[ vbulletin-xssxsrf.txt ] a4bd6a31749a23236f15aac1e67d2032
The Visitor Messages add-on for vBulletin version 3.7.3 suffers from cross site scripting and cross site request forgery vulnerabilities. This is a worm exploit that takes advantage of these issues.

[ askpert-sql.txt ] 12573dddae1f6c71d57f5d8527f8dcc1
AskPert suffers from a remote SQL injection vulnerability that allows for authentication bypass.

[ return-to-libc-linux.txt ] f26ae137d661666b5f6007106966c68a
Brief whitepaper discussing return to LIBC exploitation on Linux.

[ stack-overflow-linux.txt ] 543012dabf952e42181c2d4cb8c71714
Brief whitepaper discussing stack overflow exploitation on Linux.

[ backlinkspider-sql.txt ] 4a61726e2c223e482fc8c834067d96b7
The BackLinkSpider Exchange Links script suffers from remote SQL injection vulnerabilities in links.asp and links.php.

[ exodus-injection.txt ] c0c091b687a3e2eccfb4d3201993ab31
Exodus version 0.10 suffers from a URI handler arbitrary parameter injection vulnerability.

[ smallest_setuid_execve_sc.c ] 555182da9a4a0a07f261cc1b9a164f39
26 byte (the smallest) GNU/Linux x86 setuid/execve shellcode without NULLs.

[ wportfolio-upload.txt ] a6d0b79dc4160fd1a42267f9f46dbf37
wPortfolio versions 0.3 and below remote arbitrary file upload exploit.

[ boastmachine-sql.txt ] a68e3a773a51a05f93575744cf367a59
BoastMachine version 3.1 suffers from a remote SQL injection vulnerability.

[ SSRT080059.txt ] 95772fbd64f5296b53746839ca3c082f
HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).

[ punportal-lfi.txt ] c74197b9cc2ffa66839c60e8759a6b6a
PunPortal PunBB module version 0.1 local file inclusion exploit.

[ prejobboard-sql.txt ] cce036725cb757bbdfeadad1f0e18b75
Pre Job Board suffers from a SQL injection vulnerability that allows for authentication bypass.

[ MDVSA-2008-220-1.txt ] d32925083aefe39798a9b266a8cf683e
Mandriva Linux Security Advisory 2008-220-1 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The issues include insecure misconfigurations, an integer overflow, and more.

[ MDVSA-2008-232.txt ] 74d6e20e2de494366564f42bf606f8cb
Mandriva Linux Security Advisory 2008-232 - The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions. The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the 'k' right to create unauthorized 'parent/child/child' mailboxes.

[ USN-674-1.txt ] 40785ad48c0633533c0dbc0debeac5a5
Ubuntu Security Notice USN-674-1 - It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behavior by preventing users from setting alerts and by moving alert configuration to a root-controlled /etc/hp/alerts.conf file. It was discovered that the hpssd tool of hplip did not correctly handle certain commands. A local attacker could use a specially crafted packet to crash hpssd, leading to a denial of service.

[ dsa-1667-1.txt ] fdd93fd43d34cbb3a7fa480d18402fca
Debian Security Advisory 1667-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.

[ revsense-sql.txt ] 6aa053d65dd314b32171368e6bf84ae6
RevSense suffers from a remote SQL injection vulnerability that allows for authentication bypass.

[ maurycms-upload.txt ] 63cc458d0d8e69152b1c8c27b36a2bf7
MauryCMS versions 0.53.2 and below remote shell upload exploit.

[ linksautomation-sql.txt ] 0ff9ea758f37cbf93c812e824cb8af98
LinksAutomation Script suffers from a remote SQL injection vulnerability.

[ linksxs-sql.txt ] 165976435e2cf54668de8896135ccc8e
Linksxs Script suffers from a remote SQL injection vulnerability.

[ ethiclinks-sql.txt ] 840182c3b5760545c2554f36f44507c5
Ethiclinks suffers from a remote SQL injection vulnerability.

[ easyeditcms-sql.txt ] ddd126108668940b95b0c3f58edc0366
Easyedit CMS suffers from multiple remote SQL injection vulnerabilities.

[ msvista-overflow.txt ] 8d9062372b98a602f3a22fe236506963
The Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable buffer overflow corrupting kernel memory. Proof of concept test code included.

[ mytopix-sql.txt ] 8e0559a875dc85728184e0a26a62eb96
MyTopix versions 1.3.0 and below remote SQL injection exploit.

[ punbb-lfi.txt ] 4e17d4daf83b92da03922224ce17aa79
PunBB (Private Messaging System versions 1.2.x) multiple local file inclusion exploit.

[ PR08-09.txt ] 027955185dafd3359535c914e02f64fa
An unauthenticated file retrieval vulnerability exists on the Sun Java System Identity Manager.

[ PR07-40.txt ] de90de2dfb7bb15c9207cdcfb1dc6b7e
The 3Com AP 8760 suffers from authentication bypass, password leakage, and SNMP injection vulnerabilities. Details provided.

[ PR07-11.txt ] 8a27d91e43fbb3bc2fb530f8741b2c77
Sun Java System Identity suffers from a cross site request forgery vulnerability. Proof of concept code included.

[ secunia-streamripper.txt ] 2a667b6f5ea4090920bfdfceb7fa6c61
Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system. Version 1.63.5 is affected.