Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:14:16 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1539619288&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0801-advisories%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1539619288.1338185656.1338185656.1338185656.1%3B%2B__utmz%3D32867617.1338185656.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) Ubuntu Security Notice 573-1 http://packetstormsecurity.org/files/63187/USN-573-1.txt http://packetstormsecurity.org/files/63187/USN-573-1.txt http://packetstormsecurity.org/files/63187/Ubuntu-Security-Notice-573-1.html Fri, 01 Feb 2008 04:58:07 GMT Ubuntu Security Notice 573-1 - It was discovered that PulseAudio did not properly drop privileges when running as a daemon. Local users may be able to exploit this and gain privileges. The default Ubuntu configuration is not affected. Mandriva Linux Security Advisory 2008-030 http://packetstormsecurity.org/files/63184/MDVSA-2008-030.txt http://packetstormsecurity.org/files/63184/MDVSA-2008-030.txt http://packetstormsecurity.org/files/63184/Mandriva-Linux-Security-Advisory-2008-030.html Fri, 01 Feb 2008 04:55:24 GMT Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application. Mandriva Linux Security Advisory 2008-029 http://packetstormsecurity.org/files/63183/MDVSA-2008-029.txt http://packetstormsecurity.org/files/63183/MDVSA-2008-029.txt http://packetstormsecurity.org/files/63183/Mandriva-Linux-Security-Advisory-2008-029.html Fri, 01 Feb 2008 04:54:02 GMT Mandriva Linux Security Advisory - Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet, Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a possible man-in-the-middle attack, when using SSL, due to a missing check of the CN (common name) attribute in SSL certificates against the server's hostname. Secunia Security Advisory 28687 http://packetstormsecurity.org/files/63182/sa28687.txt http://packetstormsecurity.org/files/63182/sa28687.txt http://packetstormsecurity.org/files/63182/Secunia-Security-Advisory-28687.html Fri, 01 Feb 2008 04:52:37 GMT Secunia Security Advisory - Dave Lewis has reported a vulnerability in Tripwire Enterprise, which can be exploited by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 28718 http://packetstormsecurity.org/files/63180/sa28718.txt http://packetstormsecurity.org/files/63180/sa28718.txt http://packetstormsecurity.org/files/63180/Secunia-Security-Advisory-28718.html Fri, 01 Feb 2008 04:52:37 GMT Secunia Security Advisory - rPath has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges. Secunia Security Advisory 28722 http://packetstormsecurity.org/files/63181/sa28722.txt http://packetstormsecurity.org/files/63181/sa28722.txt http://packetstormsecurity.org/files/63181/Secunia-Security-Advisory-28722.html Fri, 01 Feb 2008 04:52:37 GMT Secunia Security Advisory - Two vulnerabilities have been reported in VirtueMart, which can be exploited by malicious people to conduct cross-site request forgery attacks or to disclose sensitive information. livelink-utf7-xss-advisory.pdf http://packetstormsecurity.org/files/63179/livelink-utf7-xss-advisory.pdf http://packetstormsecurity.org/files/63179/livelink-utf7-xss-advisory.pdf http://packetstormsecurity.org/files/63179/livelink-utf7-xss-advisory.pdf.html Fri, 01 Feb 2008 04:52:30 GMT LiveLink versions 9.7.0 and below suffer from a cross site scripting vulnerability using UTF-7. Gentoo Linux Security Advisory 200801-22 http://packetstormsecurity.org/files/63174/glsa-200801-22-02.txt http://packetstormsecurity.org/files/63174/glsa-200801-22-02.txt http://packetstormsecurity.org/files/63174/Gentoo-Linux-Security-Advisory-200801-22.html Fri, 01 Feb 2008 04:23:42 GMT Gentoo Linux Security Advisory GLSA 200801-22:02 - Luigi Auriemma reported a heap-based buffer overflow within the handshakeHTTP() function when processing HTTP requests. Versions less than 0.1218 are affected. Gentoo Linux Security Advisory 200801-21 http://packetstormsecurity.org/files/63173/glsa-200801-21.txt http://packetstormsecurity.org/files/63173/glsa-200801-21.txt http://packetstormsecurity.org/files/63173/Gentoo-Linux-Security-Advisory-200801-21.html Fri, 01 Feb 2008 04:23:26 GMT Gentoo Linux Security Advisory GLSA 200801-21 - Miroslav Lichvar discovered that the xdg-open and xdg-email shell scripts do not properly sanitize their input before processing it. Versions less than 1.0.2-r1 are affected. Secunia Security Advisory 28638 http://packetstormsecurity.org/files/63165/sa28638.txt http://packetstormsecurity.org/files/63165/sa28638.txt http://packetstormsecurity.org/files/63165/Secunia-Security-Advisory-28638.html Fri, 01 Feb 2008 01:57:02 GMT Secunia Security Advisory - Some vulnerabilities have been reported in Xdg-utils, which can be exploited by malicious people to compromise a user's system. Secunia Security Advisory 28645 http://packetstormsecurity.org/files/63151/sa28645.txt http://packetstormsecurity.org/files/63151/sa28645.txt http://packetstormsecurity.org/files/63151/Secunia-Security-Advisory-28645.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Mandriva has issued an update for ruby. This fixes some security issues, which can be exploited by malicious people to conduct spoofing attacks. Secunia Security Advisory 28684 http://packetstormsecurity.org/files/63152/sa28684.txt http://packetstormsecurity.org/files/63152/sa28684.txt http://packetstormsecurity.org/files/63152/Secunia-Security-Advisory-28684.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - NBBN has discovered two vulnerabilities in webSPELL, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. Secunia Security Advisory 28702 http://packetstormsecurity.org/files/63161/sa28702.txt http://packetstormsecurity.org/files/63161/sa28702.txt http://packetstormsecurity.org/files/63161/Secunia-Security-Advisory-28702.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - enter_the_dragon has reported a vulnerability in the WassUp plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Secunia Security Advisory 28711 http://packetstormsecurity.org/files/63160/sa28711.txt http://packetstormsecurity.org/files/63160/sa28711.txt http://packetstormsecurity.org/files/63160/Secunia-Security-Advisory-28711.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Cisco has acknowledged a vulnerability in Cisco Wireless Control System (WCS), which can be exploited by malicious people to compromise a vulnerable system. Secunia Security Advisory 28714 http://packetstormsecurity.org/files/63157/sa28714.txt http://packetstormsecurity.org/files/63157/sa28714.txt http://packetstormsecurity.org/files/63157/Secunia-Security-Advisory-28714.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Gentoo has issued an update for goffice. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, and compromise a vulnerable system. Secunia Security Advisory 28715 http://packetstormsecurity.org/files/63154/sa28715.txt http://packetstormsecurity.org/files/63154/sa28715.txt http://packetstormsecurity.org/files/63154/Secunia-Security-Advisory-28715.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Elazar Broad has discovered a vulnerability in MySpace Uploader Control, which can be exploited by malicious people to compromise a user's system. Secunia Security Advisory 28716 http://packetstormsecurity.org/files/63163/sa28716.txt http://packetstormsecurity.org/files/63163/sa28716.txt http://packetstormsecurity.org/files/63163/Secunia-Security-Advisory-28716.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Gentoo has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Secunia Security Advisory 28717 http://packetstormsecurity.org/files/63146/sa28717.txt http://packetstormsecurity.org/files/63146/sa28717.txt http://packetstormsecurity.org/files/63146/Secunia-Security-Advisory-28717.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - A vulnerability has been reported in the OpenID module for Drupal, which can be exploited by malicious people to spoof OpenID authorities. Secunia Security Advisory 28719 http://packetstormsecurity.org/files/63164/sa28719.txt http://packetstormsecurity.org/files/63164/sa28719.txt http://packetstormsecurity.org/files/63164/Secunia-Security-Advisory-28719.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Gentoo has issued an update for peercast. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system. Secunia Security Advisory 28720 http://packetstormsecurity.org/files/63156/sa28720.txt http://packetstormsecurity.org/files/63156/sa28720.txt http://packetstormsecurity.org/files/63156/Secunia-Security-Advisory-28720.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Gentoo has issued an update for kazehakase. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, and compromise a user's system. Secunia Security Advisory 28724 http://packetstormsecurity.org/files/63162/sa28724.txt http://packetstormsecurity.org/files/63162/sa28724.txt http://packetstormsecurity.org/files/63162/Secunia-Security-Advisory-28724.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Will Dormann has reported some vulnerabilities in SwiftView Viewer, which can be exploited by malicious people to compromise a user's system. Secunia Security Advisory 28725 http://packetstormsecurity.org/files/63150/sa28725.txt http://packetstormsecurity.org/files/63150/sa28725.txt http://packetstormsecurity.org/files/63150/Secunia-Security-Advisory-28725.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - A vulnerability has been reported in Gnumeric, which can be exploited by malicious people to compromise a user's system. Secunia Security Advisory 28726 http://packetstormsecurity.org/files/63147/sa28726.txt http://packetstormsecurity.org/files/63147/sa28726.txt http://packetstormsecurity.org/files/63147/Secunia-Security-Advisory-28726.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Alexandr Polyakov and Anton Karpov have reported a vulnerability in OpenBSD bgplg, which can be exploited by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 28727 http://packetstormsecurity.org/files/63159/sa28727.txt http://packetstormsecurity.org/files/63159/sa28727.txt http://packetstormsecurity.org/files/63159/Secunia-Security-Advisory-28727.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Houssamix has discovered a vulnerability in PHP Links, which can be exploited by malicious people to conduct SQL injection attacks. Secunia Security Advisory 28728 http://packetstormsecurity.org/files/63158/sa28728.txt http://packetstormsecurity.org/files/63158/sa28728.txt http://packetstormsecurity.org/files/63158/Secunia-Security-Advisory-28728.html Fri, 01 Feb 2008 01:56:43 GMT Secunia Security Advisory - Gentoo has issued an update for xdg-utils. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.