Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:59:40 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1999906302&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0907-advisories%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1999906302.1338184780.1338184780.1338184780.1%3B%2B__utmz%3D32867617.1338184780.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/79851/dsa-1834-2.txt http://packetstormsecurity.org/files/79851/dsa-1834-2.txt http://packetstormsecurity.org/files/79851/Debian-Linux-Security-Advisory-1834-2.html Thu, 30 Jul 2009 22:11:42 GMT Debian Security Advisory 1834-2 - The previous update caused a regression for apache2 in Debian 4.0 "etch". Using mod_deflate together with mod_php could cause segfaults when a client aborts a connection. This update corrects this flaw. A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. This issue did not affect Debian 4.0 "etch". A denial of service flaw was found in the Apache mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. A similar flaw related to HEAD requests for compressed content was also fixed. http://packetstormsecurity.org/files/79835/HPSBUX02421-SSRT090047.txt http://packetstormsecurity.org/files/79835/HPSBUX02421-SSRT090047.txt http://packetstormsecurity.org/files/79835/HP-Security-Bulletin-HPSBUX02421-SSRT090047.html Thu, 30 Jul 2009 15:51:46 GMT HP Security Bulletin - Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service (DoS) or to execute arbitrary code. http://packetstormsecurity.org/files/79831/cisco-sa-20090729-bgp.txt http://packetstormsecurity.org/files/79831/cisco-sa-20090729-bgp.txt http://packetstormsecurity.org/files/79831/Cisco-Security-Advisory-20090729-bgp.html Thu, 30 Jul 2009 15:40:53 GMT Cisco Security Advisory - Recent versions of Cisco IOS Software support RFC4893 ("BGP Support for Four-octet AS Number Space") and contain two remote denial of service (DoS) vulnerabilities when handling specific Border Gateway Protocol (BGP) updates. These vulnerabilities affect only devices running Cisco IOS Software with support for four-octet AS number space (here after referred to as 4-byte AS number) and BGP routing configured. The first vulnerability could cause an affected device to reload when processing a BGP update that contains autonomous system (AS) path segments made up of more than one thousand autonomous systems. The second vulnerability could cause an affected device to reload when the affected device processes a malformed BGP update that has been crafted to trigger the issue. http://packetstormsecurity.org/files/79829/MDVSA-2009-181.txt http://packetstormsecurity.org/files/79829/MDVSA-2009-181.txt http://packetstormsecurity.org/files/79829/Mandriva-Linux-Security-Advisory-2009-181.html Thu, 30 Jul 2009 15:38:49 GMT Mandriva Linux Security Advisory 2009-181 - The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. This update provides fixes for this vulnerability. http://packetstormsecurity.org/files/79828/MDVSA-2009-180.txt http://packetstormsecurity.org/files/79828/MDVSA-2009-180.txt http://packetstormsecurity.org/files/79828/Mandriva-Linux-Security-Advisory-2009-180.html Thu, 30 Jul 2009 15:38:29 GMT Mandriva Linux Security Advisory 2009-180 - Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a.xbm file. This update provides fixes for this vulnerability. http://packetstormsecurity.org/files/79827/MDVSA-2009-179.txt http://packetstormsecurity.org/files/79827/MDVSA-2009-179.txt http://packetstormsecurity.org/files/79827/Mandriva-Linux-Security-Advisory-2009-179.html Thu, 30 Jul 2009 15:36:02 GMT Mandriva Linux Security Advisory 2009-179 - Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information. This update provides fixes for this vulnerability. http://packetstormsecurity.org/files/79826/MDVSA-2009-178.txt http://packetstormsecurity.org/files/79826/MDVSA-2009-178.txt http://packetstormsecurity.org/files/79826/Mandriva-Linux-Security-Advisory-2009-178.html Thu, 30 Jul 2009 15:35:44 GMT Mandriva Linux Security Advisory 2009-178 - Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses. This update provides fixes for these vulnerabilities. http://packetstormsecurity.org/files/79856/sa36081.txt http://packetstormsecurity.org/files/79856/sa36081.txt http://packetstormsecurity.org/files/79856/Secunia-Security-Advisory-36081.html Thu, 30 Jul 2009 14:20:47 GMT Secunia Security Advisory - Moudi has discovered some vulnerabilities in Miniweb, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. http://packetstormsecurity.org/files/79850/sa36067.txt http://packetstormsecurity.org/files/79850/sa36067.txt http://packetstormsecurity.org/files/79850/Secunia-Security-Advisory-36067.html Thu, 30 Jul 2009 14:11:29 GMT Secunia Security Advisory - Moudi has reported a vulnerability in x10 Adult Media Script, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/79849/sa36066.txt http://packetstormsecurity.org/files/79849/sa36066.txt http://packetstormsecurity.org/files/79849/Secunia-Security-Advisory-36066.html Thu, 30 Jul 2009 14:11:26 GMT Secunia Security Advisory - A vulnerability has been reported in Model Agency Manager PRO, which can be exploited by malicious people to conduct SQL injection attacks. http://packetstormsecurity.org/files/79848/sa36063.txt http://packetstormsecurity.org/files/79848/sa36063.txt http://packetstormsecurity.org/files/79848/Secunia-Security-Advisory-36063.html Thu, 30 Jul 2009 14:11:24 GMT Secunia Security Advisory - Slackware has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79847/sa36068.txt http://packetstormsecurity.org/files/79847/sa36068.txt http://packetstormsecurity.org/files/79847/Secunia-Security-Advisory-36068.html Thu, 30 Jul 2009 14:11:21 GMT Secunia Security Advisory - Some vulnerabilities have been reported in WebStatCaffe, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. http://packetstormsecurity.org/files/79846/sa36040.txt http://packetstormsecurity.org/files/79846/sa36040.txt http://packetstormsecurity.org/files/79846/Secunia-Security-Advisory-36040.html Thu, 30 Jul 2009 14:11:19 GMT Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79845/sa36086.txt http://packetstormsecurity.org/files/79845/sa36086.txt http://packetstormsecurity.org/files/79845/Secunia-Security-Advisory-36086.html Thu, 30 Jul 2009 14:11:16 GMT Secunia Security Advisory - Sun has acknowledged a vulnerability in named included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79825/sa36050.txt http://packetstormsecurity.org/files/79825/sa36050.txt http://packetstormsecurity.org/files/79825/Secunia-Security-Advisory-36050.html Thu, 30 Jul 2009 07:31:19 GMT Secunia Security Advisory - rPath has issued an update for bind and bind-utils. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79824/sa36060.txt http://packetstormsecurity.org/files/79824/sa36060.txt http://packetstormsecurity.org/files/79824/Secunia-Security-Advisory-36060.html Thu, 30 Jul 2009 07:31:17 GMT Secunia Security Advisory - Ubuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79823/sa36031.txt http://packetstormsecurity.org/files/79823/sa36031.txt http://packetstormsecurity.org/files/79823/Secunia-Security-Advisory-36031.html Thu, 30 Jul 2009 07:31:14 GMT Secunia Security Advisory - Aung Khant has reported some vulnerabilities in TinyBrowser, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. http://packetstormsecurity.org/files/79822/sa36056.txt http://packetstormsecurity.org/files/79822/sa36056.txt http://packetstormsecurity.org/files/79822/Secunia-Security-Advisory-36056.html Thu, 30 Jul 2009 07:31:12 GMT Secunia Security Advisory - NetBSD has issued an update for BIND. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79821/sa36044.txt http://packetstormsecurity.org/files/79821/sa36044.txt http://packetstormsecurity.org/files/79821/Secunia-Security-Advisory-36044.html Thu, 30 Jul 2009 07:31:09 GMT Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79820/sa36026.txt http://packetstormsecurity.org/files/79820/sa36026.txt http://packetstormsecurity.org/files/79820/Secunia-Security-Advisory-36026.html Thu, 30 Jul 2009 07:31:07 GMT Secunia Security Advisory - A vulnerability has been reported in Firebird, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79819/sa36057.txt http://packetstormsecurity.org/files/79819/sa36057.txt http://packetstormsecurity.org/files/79819/Secunia-Security-Advisory-36057.html Thu, 30 Jul 2009 07:31:04 GMT Secunia Security Advisory - Fedora has issued an update for kdelibs3. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. http://packetstormsecurity.org/files/79818/sa36061.txt http://packetstormsecurity.org/files/79818/sa36061.txt http://packetstormsecurity.org/files/79818/Secunia-Security-Advisory-36061.html Thu, 30 Jul 2009 07:31:02 GMT Secunia Security Advisory - Debian has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79817/sa36049.txt http://packetstormsecurity.org/files/79817/sa36049.txt http://packetstormsecurity.org/files/79817/Secunia-Security-Advisory-36049.html Thu, 30 Jul 2009 07:30:59 GMT Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to potentially bypass security features, gain knowledge of sensitive information, or compromise a user's system. http://packetstormsecurity.org/files/79816/sa35990.txt http://packetstormsecurity.org/files/79816/sa35990.txt http://packetstormsecurity.org/files/79816/Secunia-Security-Advisory-35990.html Thu, 30 Jul 2009 07:30:56 GMT Secunia Security Advisory - A vulnerability has been reported in HP ProLiant Onboard Administrator Powered By LO100i (formerly Lights-Out 100 Remote Management), which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/79815/sa35981.txt http://packetstormsecurity.org/files/79815/sa35981.txt http://packetstormsecurity.org/files/79815/Secunia-Security-Advisory-35981.html Thu, 30 Jul 2009 07:30:54 GMT Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).