Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:17:24 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2326478460&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0804-advisories%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2326478460.1338185844.1338185844.1338185844.1%3B%2B__utmz%3D32867617.1338185844.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/67968/DDIVRT-2008-12-ServerView.txt http://packetstormsecurity.org/files/67968/DDIVRT-2008-12-ServerView.txt http://packetstormsecurity.org/files/67968/Digital-Defense-VRT-Advisory-2008.12.html Thu, 10 Jul 2008 01:37:11 GMT ServerView 04.60.07 suffers from a buffer overflow vulnerability in SnmpGetMibValues.exe. http://packetstormsecurity.org/files/67454/carcbackazz-adv.txt http://packetstormsecurity.org/files/67454/carcbackazz-adv.txt http://packetstormsecurity.org/files/67454/carcbackazz-adv.txt.html Wed, 18 Jun 2008 22:11:37 GMT CA ARCserve Backup versions 12.0.5454.0 and below suffer from a denial of service vulnerability. http://packetstormsecurity.org/files/65953/akamai-activex.txt http://packetstormsecurity.org/files/65953/akamai-activex.txt http://packetstormsecurity.org/files/65953/akamai-activex.txt.html Thu, 01 May 2008 00:50:51 GMT A security vulnerability has been discovered in versions prior to 2.2.3.5 of Akamai Download Manager. For successful exploitation, this vulnerability requires a user to be convinced to visit a malicious URL put into place by an attacker. This may then lead to an unauthorized download and automatic execution of arbitrary code run within the context of the victim user. http://packetstormsecurity.org/files/65952/dsa-1563-1.txt http://packetstormsecurity.org/files/65952/dsa-1563-1.txt http://packetstormsecurity.org/files/65952/Debian-Linux-Security-Advisory-1563-1.html Thu, 01 May 2008 00:49:01 GMT Debian Security Advisory 1563-1 - Joel R. Voss discovered that the IAX2 module of Asterisk, a free software PBX and telephony toolkit performs insufficient validation of IAX2 protocol messages, which may lead to denial of service. http://packetstormsecurity.org/files/65950/SSRT080000.txt http://packetstormsecurity.org/files/65950/SSRT080000.txt http://packetstormsecurity.org/files/65950/HP-Security-Bulletin-2008-00.0.html Thu, 01 May 2008 00:46:10 GMT HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges. http://packetstormsecurity.org/files/65947/NGS-SNMPc.txt http://packetstormsecurity.org/files/65947/NGS-SNMPc.txt http://packetstormsecurity.org/files/65947/NGS-SNMPc.txt.html Thu, 01 May 2008 00:40:56 GMT Wade Alcorn and John Heasman of NGSSoftware have discovered a stack overflow vulnerability in Castle Rock Computing SNMPc Network Manager. Versions 7.1 and below are affected. http://packetstormsecurity.org/files/65941/MDVSA-2008-094.txt http://packetstormsecurity.org/files/65941/MDVSA-2008-094.txt http://packetstormsecurity.org/files/65941/Mandriva-Linux-Security-Advisory-2008-094.html Wed, 30 Apr 2008 00:25:28 GMT Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. http://packetstormsecurity.org/files/65940/MDVSA-2008-093.txt http://packetstormsecurity.org/files/65940/MDVSA-2008-093.txt http://packetstormsecurity.org/files/65940/Mandriva-Linux-Security-Advisory-2008-093.html Wed, 30 Apr 2008 00:24:49 GMT Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The ogg123 application in vorbis-tools is similarly affected by this issue. http://packetstormsecurity.org/files/65939/MDVSA-2008-092.txt http://packetstormsecurity.org/files/65939/MDVSA-2008-092.txt http://packetstormsecurity.org/files/65939/Mandriva-Linux-Security-Advisory-2008-092.html Wed, 30 Apr 2008 00:24:03 GMT Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The speex plugin in the gstreamer-plugins-good package is similarly affected by this issue. http://packetstormsecurity.org/files/65932/glsa-200804-30.txt http://packetstormsecurity.org/files/65932/glsa-200804-30.txt http://packetstormsecurity.org/files/65932/Gentoo-Linux-Security-Advisory-200804-30.html Tue, 29 Apr 2008 23:47:11 GMT Gentoo Linux Security Advisory GLSA 200804-30 - Vulnerabilities have been reported in the processing of user-controlled data by start_kdeinit, which is setuid root by default. Versions less than 4.0 are affected. http://packetstormsecurity.org/files/65915/sa29936.txt http://packetstormsecurity.org/files/65915/sa29936.txt http://packetstormsecurity.org/files/65915/Secunia-Security-Advisory-29936.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - M.Hasran Addahroni has reported a vulnerability in Prozilla Hosting Index, which can be exploited by malicious people to conduct SQL injection attacks. http://packetstormsecurity.org/files/65921/sa29945.txt http://packetstormsecurity.org/files/65921/sa29945.txt http://packetstormsecurity.org/files/65921/Secunia-Security-Advisory-29945.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Debian has issued an update for kronolith. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/65927/sa29959.txt http://packetstormsecurity.org/files/65927/sa29959.txt http://packetstormsecurity.org/files/65927/Secunia-Security-Advisory-29959.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Debian has issued an update for ldm. This fixes a security issue, which can be exploited by malicious people to disclose sensitive information. http://packetstormsecurity.org/files/65919/sa29977.txt http://packetstormsecurity.org/files/65919/sa29977.txt http://packetstormsecurity.org/files/65919/Secunia-Security-Advisory-29977.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Gentoo has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. http://packetstormsecurity.org/files/65928/sa29981.txt http://packetstormsecurity.org/files/65928/sa29981.txt http://packetstormsecurity.org/files/65928/Secunia-Security-Advisory-29981.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - ProgenTR has reported a vulnerability in Jokes Site Script, which can be exploited by malicious people to conduct SQL injection attacks. http://packetstormsecurity.org/files/65920/sa29989.txt http://packetstormsecurity.org/files/65920/sa29989.txt http://packetstormsecurity.org/files/65920/Secunia-Security-Advisory-29989.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - A vulnerability has been reported in PhpGedView, which can be exploited by malicious people to compromise a vulnerable system. http://packetstormsecurity.org/files/65926/sa29991.txt http://packetstormsecurity.org/files/65926/sa29991.txt http://packetstormsecurity.org/files/65926/Secunia-Security-Advisory-29991.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - HaCkeR-EgY has reported a vulnerability in Joovili, which can be exploited by malicious people to conduct SQL injection attacks. http://packetstormsecurity.org/files/65922/sa29996.txt http://packetstormsecurity.org/files/65922/sa29996.txt http://packetstormsecurity.org/files/65922/Secunia-Security-Advisory-29996.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Sophos Anti-Virus, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/65924/sa30002.txt http://packetstormsecurity.org/files/65924/sa30002.txt http://packetstormsecurity.org/files/65924/Secunia-Security-Advisory-30002.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Roberto Suggi Liverani has reported a vulnerability in Sugar Community Edition, which can be exploited by malicious users to disclose sensitive information. http://packetstormsecurity.org/files/65923/sa30004.txt http://packetstormsecurity.org/files/65923/sa30004.txt http://packetstormsecurity.org/files/65923/Secunia-Security-Advisory-30004.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - IRCRASH has discovered a vulnerability in miniBB, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/65929/sa30005.txt http://packetstormsecurity.org/files/65929/sa30005.txt http://packetstormsecurity.org/files/65929/Secunia-Security-Advisory-30005.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Core Security Technologies has reported a vulnerability in BitDefender Antivirus 2008, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/65916/sa30009.txt http://packetstormsecurity.org/files/65916/sa30009.txt http://packetstormsecurity.org/files/65916/Secunia-Security-Advisory-30009.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Slackware has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library. http://packetstormsecurity.org/files/65918/sa30011.txt http://packetstormsecurity.org/files/65918/sa30011.txt http://packetstormsecurity.org/files/65918/Secunia-Security-Advisory-30011.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - A vulnerability has been reported in Imager, which potentially can be exploited by malicious people to compromise an application using the library. http://packetstormsecurity.org/files/65925/sa30012.txt http://packetstormsecurity.org/files/65925/sa30012.txt http://packetstormsecurity.org/files/65925/Secunia-Security-Advisory-30012.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - Debian has issued an update for iceape. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system. http://packetstormsecurity.org/files/65917/sa30014.txt http://packetstormsecurity.org/files/65917/sa30014.txt http://packetstormsecurity.org/files/65917/Secunia-Security-Advisory-30014.html Tue, 29 Apr 2008 23:20:27 GMT Secunia Security Advisory - A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data.