<?xml version="1.0" encoding="ISO-8859-1" ?>
<rss version="2.0">
	<channel>
	<title>Packet Storm Security Last 20</title>
	<link>http://packetstormsecurity.org/</link>
	<description>20 Most Recent Packet Storm File Additions</description>
	<language>en-us</language>

<item>
	<title>ZDI-08-025.txt</title>
	<link>http://packetstormsecurity.org/0805-advisories/ZDI-08-025.txt</link>
	<description>A vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe service listening by default on TCP port 402. The service allows a remote client to request encrypted domain credentials without authentication. The encryption lacks a salt, allowing an attacker with a local installation of Altiris Deployment Solution to easily decrypt the credentials. </description>
</item>
<item>
	<title>ZDI-08-024.txt</title>
	<link>http://packetstormsecurity.org/0805-advisories/ZDI-08-024.txt</link>
	<description>A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe process listening by default on TCP port 402. A lack of proper sanitization while parsing requests allows a remote attacker to inject arbitrary SQL statements into the database. Exploitation of this vulnerability can result in arbitrary code execution under the context of the SYSTEM user. </description>
</item>
<item>
	<title>sunshop-blindsql.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/sunshop-blindsql.txt</link>
	<description>SunShop version 3.5.1 remote blind SQL injection exploit. </description>
</item>
<item>
	<title>aid-051408.asc</title>
	<link>http://packetstormsecurity.org/0805-advisories/aid-051408.asc</link>
	<description>Aruba Networks Security Advisory - A user authentication vulnerability was discovered during standard bug reporting procedures in the Aruba Mobility Controller. This vulnerability only affects customers using TACACS authentication for Controller management users. Cross-site scripting vulnerabilities were discovered during standard bug reporting procedures in the Aruba Mobility Controller. Certain malformed inputs to the web UI allow the injection of cross-site scripting (XSS) components, leading to a potential compromise of client web session integrity. </description>
</item>
<item>
	<title>altiris.pdf</title>
	<link>http://packetstormsecurity.org/papers/attack/altiris.pdf</link>
	<description>Whitepaper discussing privilege escalation vulnerability in the Symantec Altiris Deployment Solution. </description>
</item>
<item>
	<title>68classifieds-sql.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/68classifieds-sql.txt</link>
	<description>68 Classifieds version 4.0 suffers from a SQL injection vulnerability in category.php. </description>
</item>
<item>
	<title>newsmanager-rfisql.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/newsmanager-rfisql.txt</link>
	<description>Newsmanager version 2.09 suffers from remote file inclusion, remote file disclosure, SQL injection, and permission bypass vulnerabilities. </description>
</item>
<item>
	<title>kostenloses-sql.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/kostenloses-sql.txt</link>
	<description>Kostenloses Linkmanagementscript suffers from multiple SQL injection vulnerabilities. </description>
</item>
<item>
	<title>symantec-escalate.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/symantec-escalate.txt</link>
	<description>Symantec Altiris Client Service versions 6.5.248, 6.5.299, and 6.8.378 local privilege escalation exploit. Based on the vulnerability noted in MS04-019. </description>
</item>
<item>
	<title>cisco-sa-20080514-cup.txt</title>
	<link>http://packetstormsecurity.org/0805-advisories/cisco-sa-20080514-cup.txt</link>
	<description>Cisco Security Advisory - Administrators of systems running all Cisco Unified Presence versions can determine the software version by viewing the main page of the Cisco Unified Presence Administration interface. The software version can be determined by running the command show version active via the Command Line Interface (CLI). </description>
</item>
<item>
	<title>cisco-sa-20080514-cucmdos.txt</title>
	<link>http://packetstormsecurity.org/0805-advisories/cisco-sa-20080514-cucmdos.txt</link>
	<description>Cisco Security Advisory - Cisco Unified Communications Manager, formerly Cisco CallManager, contains multiple denial of service (DoS) vulnerabilities that may cause an interruption in voice services, if exploited. These vulnerabilities were discovered internally by Cisco. </description>
</item>
<item>
	<title>cisco-sa-20080514-csm.txt</title>
	<link>http://packetstormsecurity.org/0805-advisories/cisco-sa-20080514-csm.txt</link>
	<description>Cisco Security Advisory - The Cisco Content Switching Module (CSM) and Cisco Content Switching Module with SSL (CSM-S) contain a memory leak vulnerability that can result in a denial of service condition. The vulnerability exists when the CSM or CSM-S is configured for layer 7 load balancing. An attacker can trigger this vulnerability when the CSM or CSM-S processes TCP segments with a specific combination of TCP flags while servers behind the CSM/CSM-S are overloaded and/or fail to accept a TCP connection. </description>
</item>
<item>
	<title>debian-sploit.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/debian-sploit.txt</link>
	<description>A nice step-by-step walkthrough of how to brute force SSH logins using the recent Debian OpenSSL random number generator vulnerability. </description>
</item>
<item>
	<title>EC2ND-2008-CFP.txt</title>
	<link>http://packetstormsecurity.org/papers/call_for/EC2ND-2008-CFP.txt</link>
	<description>Call For Papers for EC2ND. The fourth annual EC2ND conference will take place on December 11th and 12th 2008 in the Faculty of Engineering and Computing at Dublin City University. </description>
</item>
<item>
	<title>sqlfuzzer.py.txt</title>
	<link>http://packetstormsecurity.org/fuzzer/sqlfuzzer.py.txt</link>
	<description>SQL Injector version 1.0 is a fuzzing utility written in Python. </description>
</item>
<item>
	<title>xsschecker.py.txt</title>
	<link>http://packetstormsecurity.org/fuzzer/xsschecker.py.txt</link>
	<description>Cross site scripting fuzzing utility written in Python. </description>
</item>
<item>
	<title>msie-crosszone.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/msie-crosszone.txt</link>
	<description>Microsoft Internet Explorer is prone to a cross-zone scripting vulnerability in its Print Table of Links feature. </description>
</item>
<item>
	<title>idautomation-activex.txt</title>
	<link>http://packetstormsecurity.org/0805-exploits/idautomation-activex.txt</link>
	<description>The IDAutomation Bar Code ActiveX controller suffers from multiple vulnerabilities. </description>
</item>
<item>
	<title>AD20080514.txt</title>
	<link>http://packetstormsecurity.org/0805-advisories/AD20080514.txt</link>
	<description>The Microsoft Malware Protection Engine is susceptible to two denial of service vulnerabilities. </description>
</item>
<item>
	<title>win32-generator.txt</title>
	<link>http://packetstormsecurity.org/shellcode/win32-generator.txt</link>
	<description>win32 Download and Execute shellcode generator (browsers edition). </description>
</item>
	</channel>
</rss>
