Files ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
Sun, 27 May 2012 23:17:57 GMT

Gentoo Linux Security Advisory 200507-29
  http://packetstormsecurity.org/files/39027/glsa-200507-29.txt
  http://packetstormsecurity.org/files/39027/Gentoo-Linux-Security-Advisory-200507-29.html
  Fri, 05 Aug 2005 05:57:25 GMT
  Gentoo Linux Security Advisory GLSA 200507-29 - Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. Versions less than 1.8g-r1 are affected.

openbook122.txt
  http://packetstormsecurity.org/files/39023/openbook122.txt
  http://packetstormsecurity.org/files/39023/openbook122.txt.html
  Fri, 05 Aug 2005 05:51:59 GMT
  OpenBook version 1.2.2 suffers from a SQL injection vulnerability.

Gentoo Linux Security Advisory 200507-28
  http://packetstormsecurity.org/files/39022/glsa-200507-28.txt
  http://packetstormsecurity.org/files/39022/Gentoo-Linux-Security-Advisory-200507-28.html
  Fri, 05 Aug 2005 05:50:52 GMT
  Gentoo Linux Security Advisory GLSA 200507-28 - Earlier versions of emul-linux-x86-baselibs contain a vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 2.2 are affected.

pcexpCMS.txt
  http://packetstormsecurity.org/files/39021/pcexpCMS.txt
  http://packetstormsecurity.org/files/39021/pcexpCMS.txt.html
  Fri, 05 Aug 2005 05:50:18 GMT
  PC-EXPERIENCE/TOPPE CMS suffers from cross site scripting and login bypass flaws.

trillianClear.txt
  http://packetstormsecurity.org/files/39017/trillianClear.txt
  http://packetstormsecurity.org/files/39017/trillianClear.txt.html
  Fri, 05 Aug 2005 05:43:49 GMT
  Trillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.

Technical Cyber Security Alert 2005-210A
  http://packetstormsecurity.org/files/39015/TA05-210A.txt
  http://packetstormsecurity.org/files/39015/Technical-Cyber-Security-Alert-2005-210A.html
  Fri, 05 Aug 2005 05:41:02 GMT
  Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.

Debian Linux Security Advisory 770-1
  http://packetstormsecurity.org/files/39011/dsa-770-1.txt
  http://packetstormsecurity.org/files/39011/Debian-Linux-Security-Advisory-770-1.html
  Fri, 05 Aug 2005 05:33:36 GMT
  Debian Security Advisory DSA 770-1 - John Goerzen discovered that gopher, a client for the Gopher Distributed Hypertext protocol, creates temporary files in an insecure fashion.

Cisco Security Advisory 20050729-ipv6
  http://packetstormsecurity.org/files/39010/cisco-sa-20050729-ipv6.txt
  http://packetstormsecurity.org/files/39010/Cisco-Security-Advisory-20050729-ipv6.html
  Fri, 05 Aug 2005 05:33:00 GMT
  Cisco Security Advisory - Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.

Ubuntu Security Notice 156-1
  http://packetstormsecurity.org/files/39007/USN-156-1.txt
  http://packetstormsecurity.org/files/39007/Ubuntu-Security-Notice-156-1.html
  Fri, 05 Aug 2005 05:20:35 GMT
  Ubuntu Security Notice USN-156-1 - Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the YCbCr subsampling value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a Denial of Service in server applications that use libtiff (like the CUPS printing system) and can cause data loss in, for example, the Evolution email client.

Debian Linux Security Advisory 769-1
  http://packetstormsecurity.org/files/39005/dsa-769-1.txt
  http://packetstormsecurity.org/files/39005/Debian-Linux-Security-Advisory-769-1.html
  Fri, 05 Aug 2005 05:14:05 GMT
  Debian Security Advisory DSA 769-1 - Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, console Gadu Gadu client, an instant messaging program) which is included in gaim, a multi-protocol instant messaging client, as well. This cannot be exploited on the x86 architecture but can be on others, e.g. on Sparc, where it leads to a bus error, in other words a denial of service.

SPI-0001-07282005.txt
  http://packetstormsecurity.org/files/39003/SPI-0001-07282005.txt
  http://packetstormsecurity.org/files/39003/SPI-0001-07282005.txt.html
  Fri, 05 Aug 2005 05:10:44 GMT
  SPI Dynamics Security Bulletin SPI-0001-07282005 - There exists a potential WebInspect cross application scripting vulnerability for versions below 5.5.386.

Hardened-PHP Project Security Advisory 2005-12.60
  http://packetstormsecurity.org/files/39002/advisory_122005.60.txt
  http://packetstormsecurity.org/files/39002/Hardened-PHP-Project-Security-Advisory-2005-12.60.html
  Fri, 05 Aug 2005 05:09:13 GMT
  UseBB versions 0.5.1 and below suffer from multiple SQL injection and cross site scripting vulnerabilities.

websiteBaker.txt
  http://packetstormsecurity.org/files/38999/websiteBaker.txt
  http://packetstormsecurity.org/files/38999/websiteBaker.txt.html
  Fri, 05 Aug 2005 04:59:12 GMT
  The Website Baker Project is susceptible to path disclosure and cross site scripting vulnerabilities.

Secunia Security Advisory 15756
  http://packetstormsecurity.org/files/38949/sa15756.txt
  http://packetstormsecurity.org/files/38949/Secunia-Security-Advisory-15756.html
  Thu, 28 Jul 2005 17:02:32 GMT
  Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files.

NRVA05-03.txt
  http://packetstormsecurity.org/files/38945/NRVA05-03.txt
  http://packetstormsecurity.org/files/38945/NRVA05-03.txt.html
  Thu, 28 Jul 2005 16:55:46 GMT
  HAURI live update suffers from remote file download and execution vulnerabilities.

Gentoo Linux Security Advisory 200507-27
  http://packetstormsecurity.org/files/38944/glsa-200507-27.txt
  http://packetstormsecurity.org/files/38944/Gentoo-Linux-Security-Advisory-200507-27.html
  Thu, 28 Jul 2005 16:54:02 GMT
  Gentoo Linux Security Advisory GLSA 200507-27 - Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.12 are affected.

Secunia Security Advisory 16231
  http://packetstormsecurity.org/files/38943/sa16231.txt
  http://packetstormsecurity.org/files/38943/Secunia-Security-Advisory-16231.html
  Thu, 28 Jul 2005 15:48:02 GMT
  Secunia Security Advisory - Leandro Meiners has reported a security issue in Lotus Domino, which can be exploited by malicious users to disclose certain sensitive information.

Secunia Security Advisory 15870
  http://packetstormsecurity.org/files/38941/sa15870.txt
  http://packetstormsecurity.org/files/38941/Secunia-Security-Advisory-15870.html
  Thu, 28 Jul 2005 15:47:03 GMT
  Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files.

Secunia Security Advisory 16228
  http://packetstormsecurity.org/files/38938/sa16228.txt
  http://packetstormsecurity.org/files/38938/Secunia-Security-Advisory-16228.html
  Thu, 28 Jul 2005 15:47:03 GMT
  Secunia Security Advisory - Yun Jonglim has reported a vulnerability in UnixWare, which can be exploited by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory 16251
  http://packetstormsecurity.org/files/38939/sa16251.txt
  http://packetstormsecurity.org/files/38939/Secunia-Security-Advisory-16251.html
  Thu, 28 Jul 2005 15:47:03 GMT
  Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which can be exploited by malicious people to conduct a DoS (Denial of Service) or potentially compromise a vulnerable system.

Secunia Security Advisory 16253
  http://packetstormsecurity.org/files/38940/sa16253.txt
  http://packetstormsecurity.org/files/38940/Secunia-Security-Advisory-16253.html
  Thu, 28 Jul 2005 15:47:03 GMT
  Secunia Security Advisory - Joxean Koret has reported some vulnerabilities in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 16255
  http://packetstormsecurity.org/files/38942/sa16255.txt
  http://packetstormsecurity.org/files/38942/Secunia-Security-Advisory-16255.html
  Thu, 28 Jul 2005 15:47:03 GMT
  Secunia Security Advisory - A vulnerability has been reported in MySQL Eventum, which can be exploited by malicious people to compromise a vulnerable system.

Debian Linux Security Advisory 768-1
  http://packetstormsecurity.org/files/38931/dsa-768-1.txt
  http://packetstormsecurity.org/files/38931/Debian-Linux-Security-Advisory-768-1.html
  Thu, 28 Jul 2005 07:05:30 GMT
  Debian Security Advisory DSA 768-1 - A cross-site scripting vulnerability has been detected in phpBB2 that allows remote attackers to inject arbitrary web script or HTML via nested tags.

Debian Linux Security Advisory 767-1
  http://packetstormsecurity.org/files/38930/dsa-767-1.txt
  http://packetstormsecurity.org/files/38930/Debian-Linux-Security-Advisory-767-1.html
  Thu, 28 Jul 2005 07:04:33 GMT
  Debian Security Advisory DSA 767-1 - Marcin Slusarz discovered two integer overflow vulnerabilities in libgadu, a library provided and used by ekg, a console Gadu Gadu client, an instant messaging program, that could lead to the execution of arbitrary code.

cleverAccess.txt
  http://packetstormsecurity.org/files/38929/cleverAccess.txt
  http://packetstormsecurity.org/files/38929/cleverAccess.txt.html
  Thu, 28 Jul 2005 07:03:19 GMT
  Clever Copy contains a flaw that allows for unauthorized reading and deletion of private messages from other users. Versions 2.0 and 2.0a are affected.