http://packetstormsecurity.org/ 20 Most Recent Packet Storm File Additions en-us http://packetstormsecurity.org/papers/call_for/nullconGoa2011-CFP.txt The Call For Papers for nullcon Dwitiya 2.0 is now open. It takes place February 25th through the 26th, 2011 in Goa, India. http://packetstormsecurity.org/1009-exploits/amirocmsfaq-xss.txt Amiro.CMS version 5.8.4.0 suffers from a stored cross site scripting vulnerability. http://packetstormsecurity.org/papers/general/advanced-xss.pdf Whitepaper called Advanced XSS. Written in Arabic. http://packetstormsecurity.org/1009-advisories/moaub01-cpanel.pdf Month Of Abysssec Undisclosed Bugs - Cpanel suffers from a PHP restriction bypass vulnerability. Versions 11.25 and below are affected. http://packetstormsecurity.org/1009-advisories/moaub01-adobe.pdf Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a newclass invalid pointer vulnerability. http://packetstormsecurity.org/1009-advisories/MDVSA-2010-168.txt Mandriva Linux Security Advisory 2010-168 - Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service and possibly execute some sources refer to this as a use-after-free issue. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/1009-exploits/ZSL-2010-4961.txt LEADTOOLS version 16.5.0.2 suffers from buffer overflow, integer overflow and denial of service vulnerabilities related to Active-X Common Dialogs. http://packetstormsecurity.org/1009-exploits/cpanelcp-xss.txt cPanel Customer Portal suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/1009-exploits/tftpddesktop-traversal.txt TFTP Desktop version 2.5 suffers from a directory traversal vulnerability. http://packetstormsecurity.org/1009-exploits/tftpdwin-traversal.txt TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability. http://packetstormsecurity.org/1009-advisories/macosxparental-bypass.txt The parental controls built into the Mac OS X Mail client can be easily bypassed by anyone who knows the email address of the child and his/her parent. http://packetstormsecurity.org/1009-exploits/autodeskmapguide-overflow.txt Autodesk MapGuide Viewer version 6.5 suffers from an Active-X related overflow vulnerability in MGAXCTRL.DLL. http://packetstormsecurity.org/1009-exploits/moaub-adobenewclass.txt Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a newclass invalid pointer vulnerability. http://packetstormsecurity.org/1009-exploits/moaub-cpanel.txt Month Of Abysssec Undisclosed Bugs - Cpanel suffers from a PHP restriction bypass vulnerability. Versions 11.25 and below are affected. http://packetstormsecurity.org/1009-exploits/phpjokesitesbjoke-sql.txt PHP Joke Site Software suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/1009-exploits/dompdf-rfi.txt Dompdf version 0.6.0 Beta 1 suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/1009-exploits/mblogger-sql.txt mBlogger version 1.0.04 remote SQL injection exploit that leverages viewpost.php. http://packetstormsecurity.org/1008-exploits/1008-exploits.tgz This archive contains all of the 422 exploits added to Packet Storm in August, 2010. http://packetstormsecurity.org/1009-exploits/dbpoweramplocal-overflow.txt dBpowerAMP Audio Player local buffer overflow exploit (EDI overwrite method used). http://packetstormsecurity.org/1009-exploits/artgk-xss.txt ArtGK CMS suffers from cross site scripting vulnerabilities.