Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:57:09 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1515866753&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0905-advisories%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1515866753.1338184629.1338184629.1338184629.1%3B%2B__utmz%3D32867617.1338184629.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/77946/TZO-28-2009.txt http://packetstormsecurity.org/files/77946/TZO-28-2009.txt http://packetstormsecurity.org/files/77946/Avira-Antivir-Generic-Evasion.html Sat, 30 May 2009 14:32:02 GMT The Avira Antivir Anti-Virus engine can by bypassed by specially crafted RAR, CAB, ZIP, and LH files. http://packetstormsecurity.org/files/77937/sa35275.txt http://packetstormsecurity.org/files/77937/sa35275.txt http://packetstormsecurity.org/files/77937/Secunia-Security-Advisory-35275.html Sat, 30 May 2009 05:57:04 GMT Secunia Security Advisory - A vulnerability has been reported in IMG-BBS, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/77936/sa35268.txt http://packetstormsecurity.org/files/77936/sa35268.txt http://packetstormsecurity.org/files/77936/Secunia-Security-Advisory-35268.html Sat, 30 May 2009 05:57:01 GMT Secunia Security Advisory - A vulnerability has been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a user's system. http://packetstormsecurity.org/files/77935/sa35258.txt http://packetstormsecurity.org/files/77935/sa35258.txt http://packetstormsecurity.org/files/77935/Secunia-Security-Advisory-35258.html Sat, 30 May 2009 05:56:59 GMT Secunia Security Advisory - VMware has issued an update for ESX. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. http://packetstormsecurity.org/files/77934/sa35269.txt http://packetstormsecurity.org/files/77934/sa35269.txt http://packetstormsecurity.org/files/77934/Secunia-Security-Advisory-35269.html Sat, 30 May 2009 05:56:56 GMT Secunia Security Advisory - A vulnerability has been reported in VMware products, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/77933/sa35238.txt http://packetstormsecurity.org/files/77933/sa35238.txt http://packetstormsecurity.org/files/77933/Secunia-Security-Advisory-35238.html Sat, 30 May 2009 05:56:54 GMT Secunia Security Advisory - A vulnerability has been discovered in Achievo, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/77932/sa35251.txt http://packetstormsecurity.org/files/77932/sa35251.txt http://packetstormsecurity.org/files/77932/Secunia-Security-Advisory-35251.html Sat, 30 May 2009 05:56:51 GMT Secunia Security Advisory - A vulnerability has been reported in REP-BBS, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/77931/sa35199.txt http://packetstormsecurity.org/files/77931/sa35199.txt http://packetstormsecurity.org/files/77931/Secunia-Security-Advisory-35199.html Sat, 30 May 2009 05:56:49 GMT Secunia Security Advisory - A security has been discovered in SonicWALL Global VPN Client, which can be exploited by malicious, local user to gain escalated privileges. http://packetstormsecurity.org/files/77930/sa35220.txt http://packetstormsecurity.org/files/77930/sa35220.txt http://packetstormsecurity.org/files/77930/Secunia-Security-Advisory-35220.html Sat, 30 May 2009 05:56:46 GMT Secunia Security Advisory - A vulnerability has been reported in SonicWALL Global Security Client, which can be exploited by malicious, local users to gain escalated privileges. http://packetstormsecurity.org/files/77929/sa35173.txt http://packetstormsecurity.org/files/77929/sa35173.txt http://packetstormsecurity.org/files/77929/Secunia-Security-Advisory-35173.html Sat, 30 May 2009 05:56:44 GMT Secunia Security Advisory - Russ McRee has discovered some vulnerabilities in ACollab, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. http://packetstormsecurity.org/files/77928/sa35228.txt http://packetstormsecurity.org/files/77928/sa35228.txt http://packetstormsecurity.org/files/77928/Secunia-Security-Advisory-35228.html Sat, 30 May 2009 05:56:41 GMT Secunia Security Advisory - A vulnerability has been reported in ZeeCareers, which can be exploited by malicious people to bypass certain security restrictions. http://packetstormsecurity.org/files/77927/sa35250.txt http://packetstormsecurity.org/files/77927/sa35250.txt http://packetstormsecurity.org/files/77927/Secunia-Security-Advisory-35250.html Sat, 30 May 2009 05:56:39 GMT Secunia Security Advisory - A vulnerability has been reported in SonicWALL SonicOS, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. http://packetstormsecurity.org/files/77926/sa35262.txt http://packetstormsecurity.org/files/77926/sa35262.txt http://packetstormsecurity.org/files/77926/Secunia-Security-Advisory-35262.html Sat, 30 May 2009 05:56:36 GMT Secunia Security Advisory - Some vulnerabilities have been reported in AdPeeps, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. http://packetstormsecurity.org/files/77925/sa35272.txt http://packetstormsecurity.org/files/77925/sa35272.txt http://packetstormsecurity.org/files/77925/Secunia-Security-Advisory-35272.html Sat, 30 May 2009 05:56:33 GMT Secunia Security Advisory - Some vulnerabilities have been reported in Small Pirate, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct SQL injection attacks. http://packetstormsecurity.org/files/77924/VMSA-2009-0007.txt http://packetstormsecurity.org/files/77924/VMSA-2009-0007.txt http://packetstormsecurity.org/files/77924/VMware-Security-Advisory-2009-0007.html Fri, 29 May 2009 04:27:41 GMT VMware Security Advisory - VMware Hosted products and ESX and ESXi patches resolve a security issue. Update patch 13 for ESX 2.5.5 updates the libpng Service Console RPM. http://packetstormsecurity.org/files/77923/CORE-2009-0401.txt http://packetstormsecurity.org/files/77923/CORE-2009-0401.txt http://packetstormsecurity.org/files/77923/Core-Security-Technologies-Advisory-2009.0401.html Fri, 29 May 2009 02:00:23 GMT Core Security Technologies Advisory - Ston3D StandalonePlayer and WebPlayer are vulnerable to a command injection vulnerability, which can be exploited by malicious remote attackers. The vulnerability is due to the Ston3D scripting language. It provides the function 'system.openURL()' which does not properly sanitize the input before using it. This can be exploited to execute arbitrary commands with the privileges of the Stone3D player by opening a specially crafted file. http://packetstormsecurity.org/files/77921/forumscripts-mime.txt http://packetstormsecurity.org/files/77921/forumscripts-mime.txt http://packetstormsecurity.org/files/77921/Forum-Scripts-Sniffing-Issue.html Fri, 29 May 2009 01:10:41 GMT Forum Scripts suffers from a MIME/Content-Type-Sniffing issue in the Image Uploads functionality. http://packetstormsecurity.org/files/77920/Bkis-09-2009.txt http://packetstormsecurity.org/files/77920/Bkis-09-2009.txt http://packetstormsecurity.org/files/77920/PRTG-Traffic-Grapher-Cross-Site-Scripting.html Fri, 29 May 2009 00:58:52 GMT PRTG Traffic Grapher suffers from a cross site scripting vulnerability in Monitor_Bandwidth. Versions 6.2.2.977 and below are affected. http://packetstormsecurity.org/files/77915/ZDI-09-021.txt http://packetstormsecurity.org/files/77915/ZDI-09-021.txt http://packetstormsecurity.org/files/77915/Zero-Day-Initiative-Advisory-09-021.html Fri, 29 May 2009 00:23:10 GMT Zero Day Initiative Advisory 09-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application parses a malformed .PICT image. While decoding a tag 0x77 in the image, the application misuses a 16-bit length when allocating tag data. When copying tag data into this buffer, a heap overflow occurs. This can lead to code execution under the context of the current user. http://packetstormsecurity.org/files/77913/sa35230.txt http://packetstormsecurity.org/files/77913/sa35230.txt http://packetstormsecurity.org/files/77913/Secunia-Security-Advisory-35230.html Thu, 28 May 2009 16:20:57 GMT Secunia Security Advisory - A security issue has been reported in pam_krb5, which can be exploited by malicious people to disclose potentially sensitive information. http://packetstormsecurity.org/files/77912/sa35232.txt http://packetstormsecurity.org/files/77912/sa35232.txt http://packetstormsecurity.org/files/77912/Secunia-Security-Advisory-35232.html Thu, 28 May 2009 15:59:02 GMT Secunia Security Advisory - Some vulnerabilities have been reported in the Ajax Session module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks. http://packetstormsecurity.org/files/77911/sa35249.txt http://packetstormsecurity.org/files/77911/sa35249.txt http://packetstormsecurity.org/files/77911/Secunia-Security-Advisory-35249.html Thu, 28 May 2009 15:59:00 GMT Secunia Security Advisory - A vulnerability has been reported in PRTG Traffic Grapher, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/77910/sa35229.txt http://packetstormsecurity.org/files/77910/sa35229.txt http://packetstormsecurity.org/files/77910/Secunia-Security-Advisory-35229.html Thu, 28 May 2009 15:58:57 GMT Secunia Security Advisory - A security issue has been reported in Citrix Password Manager, which can be exploited by malicious users to bypass certain security restrictions and potentially disclose sensitive information. http://packetstormsecurity.org/files/77909/sa35252.txt http://packetstormsecurity.org/files/77909/sa35252.txt http://packetstormsecurity.org/files/77909/Secunia-Security-Advisory-35252.html Thu, 28 May 2009 15:58:55 GMT Secunia Security Advisory - ThE g0bL!N has reported a vulnerability in Easy PX 41 CMS, which can be exploited by malicious people to disclose sensitive information. http://packetstormsecurity.org/files/77908/sa35234.txt http://packetstormsecurity.org/files/77908/sa35234.txt http://packetstormsecurity.org/files/77908/Secunia-Security-Advisory-35234.html Thu, 28 May 2009 15:58:52 GMT Secunia Security Advisory - A vulnerability has been reported in Vanilla, which can be exploited by malicious people to conduct cross-site scripting attacks.