Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:41:02 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1115641703&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0912-advisories%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1115641703.1338187262.1338187262.1338187262.1%3B%2B__utmz%3D32867617.1338187262.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/84641/dsa-1964-1.txt http://packetstormsecurity.org/files/84641/dsa-1964-1.txt http://packetstormsecurity.org/files/84641/Debian-Linux-Security-Advisory-1964-1.html Fri, 01 Jan 2010 02:48:20 GMT Debian Linux Security Advisory 1964-1 - Several vulnerabilities have been discovered in PostgreSQL, a database server. http://packetstormsecurity.org/files/84621/dsa-1953-2.txt http://packetstormsecurity.org/files/84621/dsa-1953-2.txt http://packetstormsecurity.org/files/84621/Debian-Linux-Security-Advisory-1953-2.html Fri, 01 Jan 2010 02:02:03 GMT Debian Linux Security Advisory 1953-2 - cases, expat would abort with the message "error in processing external entity reference". http://packetstormsecurity.org/files/84620/sa37899.txt http://packetstormsecurity.org/files/84620/sa37899.txt http://packetstormsecurity.org/files/84620/Secunia-Security-Advisory-37899.html Thu, 31 Dec 2009 06:02:35 GMT Secunia Security Advisory - Ams has reported two vulnerabilities in Wing FTP Server, which can be exploited by malicious people to conduct script insertion attacks or cause a DoS (Denial of Service). http://packetstormsecurity.org/files/84619/sa37957.txt http://packetstormsecurity.org/files/84619/sa37957.txt http://packetstormsecurity.org/files/84619/Secunia-Security-Advisory-37957.html Thu, 31 Dec 2009 06:02:32 GMT Secunia Security Advisory - A vulnerability has been reported in I-Escorts Directory, which can be exploited by malicious people to conduct SQL injection attacks. http://packetstormsecurity.org/files/84618/sa37912.txt http://packetstormsecurity.org/files/84618/sa37912.txt http://packetstormsecurity.org/files/84618/Secunia-Security-Advisory-37912.html Thu, 31 Dec 2009 06:02:29 GMT Secunia Security Advisory - LionTurk has reported a security issue in UranyumSoft Listing Service, which can be exploited by malicious people to disclose sensitive information. http://packetstormsecurity.org/files/84617/sa37979.txt http://packetstormsecurity.org/files/84617/sa37979.txt http://packetstormsecurity.org/files/84617/Secunia-Security-Advisory-37979.html Thu, 31 Dec 2009 06:02:13 GMT Secunia Security Advisory - A vulnerability has been reported in vBulletin, which can be exploited by malicious people to conduct spoofing attacks. http://packetstormsecurity.org/files/84616/sa37998.txt http://packetstormsecurity.org/files/84616/sa37998.txt http://packetstormsecurity.org/files/84616/Secunia-Security-Advisory-37998.html Thu, 31 Dec 2009 06:02:10 GMT Secunia Security Advisory - A vulnerability has been reported in Sendmail, which can be exploited by malicious people to conduct spoofing attacks. http://packetstormsecurity.org/files/84615/sa37944.txt http://packetstormsecurity.org/files/84615/sa37944.txt http://packetstormsecurity.org/files/84615/Secunia-Security-Advisory-37944.html Thu, 31 Dec 2009 06:02:07 GMT Secunia Security Advisory - A vulnerability has been reported in PicMe, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/84614/sa37965.txt http://packetstormsecurity.org/files/84614/sa37965.txt http://packetstormsecurity.org/files/84614/Secunia-Security-Advisory-37965.html Thu, 31 Dec 2009 06:02:05 GMT Secunia Security Advisory - SecurityRules has reported a vulnerability in DirectAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacks. http://packetstormsecurity.org/files/84613/sa37879.txt http://packetstormsecurity.org/files/84613/sa37879.txt http://packetstormsecurity.org/files/84613/Secunia-Security-Advisory-37879.html Thu, 31 Dec 2009 06:02:02 GMT Secunia Security Advisory - A vulnerability has been reported in the Autocomplete Widgets for CCK Text and Number module for Drupal, which can be exploited by malicious users to bypass certain security restrictions. http://packetstormsecurity.org/files/84612/sa37948.txt http://packetstormsecurity.org/files/84612/sa37948.txt http://packetstormsecurity.org/files/84612/Secunia-Security-Advisory-37948.html Thu, 31 Dec 2009 06:02:00 GMT Secunia Security Advisory - A vulnerability has been reported in iDevAffiliate, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/84611/sa37956.txt http://packetstormsecurity.org/files/84611/sa37956.txt http://packetstormsecurity.org/files/84611/Secunia-Security-Advisory-37956.html Thu, 31 Dec 2009 06:01:57 GMT Secunia Security Advisory - A security issue has been reported in FlashChat, which can be exploited by malicious people to disclose system information. http://packetstormsecurity.org/files/84610/sa37898.txt http://packetstormsecurity.org/files/84610/sa37898.txt http://packetstormsecurity.org/files/84610/Secunia-Security-Advisory-37898.html Thu, 31 Dec 2009 06:01:54 GMT Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Run Digital Download component for Joomla!. http://packetstormsecurity.org/files/84609/sa37953.txt http://packetstormsecurity.org/files/84609/sa37953.txt http://packetstormsecurity.org/files/84609/Secunia-Security-Advisory-37953.html Thu, 31 Dec 2009 06:01:51 GMT Secunia Security Advisory - Fabian Yamaguchi has discovered a vulnerability in Pidgin, which can be exploited by malicious people to disclose sensitive information. http://packetstormsecurity.org/files/84608/sa37954.txt http://packetstormsecurity.org/files/84608/sa37954.txt http://packetstormsecurity.org/files/84608/Secunia-Security-Advisory-37954.html Thu, 31 Dec 2009 06:01:49 GMT Secunia Security Advisory - Fabian Yamaguchi has reported a vulnerability in Adium, which can be exploited by malicious people to disclose sensitive information. http://packetstormsecurity.org/files/84607/sa37985.txt http://packetstormsecurity.org/files/84607/sa37985.txt http://packetstormsecurity.org/files/84607/Secunia-Security-Advisory-37985.html Thu, 31 Dec 2009 06:01:46 GMT Secunia Security Advisory - A vulnerability has been reported in dB Masters Links Directory, which can be exploited by malicious people to bypass certain security restrictions. http://packetstormsecurity.org/files/84606/sa37939.txt http://packetstormsecurity.org/files/84606/sa37939.txt http://packetstormsecurity.org/files/84606/Secunia-Security-Advisory-37939.html Thu, 31 Dec 2009 06:01:44 GMT Secunia Security Advisory - indoushka has discovered multiple vulnerabilities in Despe FreeCell, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/84605/sa37958.txt http://packetstormsecurity.org/files/84605/sa37958.txt http://packetstormsecurity.org/files/84605/Secunia-Security-Advisory-37958.html Thu, 31 Dec 2009 06:01:41 GMT Secunia Security Advisory - A vulnerability has been discovered in the Avatar Studio module for PHP-Fusion, which can be exploited by malicious users to disclose sensitive information. http://packetstormsecurity.org/files/84482/MDVSA-2009-346.txt http://packetstormsecurity.org/files/84482/MDVSA-2009-346.txt http://packetstormsecurity.org/files/84482/Mandriva-Linux-Security-Advisory-2009-346.html Wed, 30 Dec 2009 22:10:19 GMT Mandriva Linux Security Advisory 2009-346 - Mandriva Linux 2008.0 was released with KDE version 3.5.7. This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10, which brings many bugfixes, overall improvements and many security fixes. http://packetstormsecurity.org/files/84463/secunia-aproxengine.txt http://packetstormsecurity.org/files/84463/secunia-aproxengine.txt http://packetstormsecurity.org/files/84463/AproxEngine-SQL-Injection-XSS.html Wed, 30 Dec 2009 21:02:16 GMT Secunia Research has discovered some vulnerabilities in AproxEngine, which can be exploited by malicious users to manipulate certain data, conduct spoofing, SQL injection, and script insertion attacks and by malicious people to conduct SQL injection and script insertion attacks. Versions 5.3.04 and 6.0 are affected. http://packetstormsecurity.org/files/84461/dsa-1958-1.txt http://packetstormsecurity.org/files/84461/dsa-1958-1.txt http://packetstormsecurity.org/files/84461/Debian-Linux-Security-Advisory-1958-1.html Wed, 30 Dec 2009 19:57:50 GMT Debian Linux Security Advisory 1958-1 - It was discovered that ltdl, a system-independent dlopen wrapper for GNU libtool, can be tricked to load and run modules from an arbitrary directory, which might be used to execute arbitrary code with the privileges of the user running an application that uses libltdl. http://packetstormsecurity.org/files/84452/MDVSA-2009-345.txt http://packetstormsecurity.org/files/84452/MDVSA-2009-345.txt http://packetstormsecurity.org/files/84452/Mandriva-Linux-Security-Advisory-2009-345.html Wed, 30 Dec 2009 19:28:42 GMT Mandriva Linux Security Advisory 2009-345 - The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack. This update provides a fix for this vulnerability. http://packetstormsecurity.org/files/84450/MDVSA-2009-146-1.txt http://packetstormsecurity.org/files/84450/MDVSA-2009-146-1.txt http://packetstormsecurity.org/files/84450/Mandriva-Linux-Security-Advisory-2009-146.html Wed, 30 Dec 2009 19:25:05 GMT Mandriva Linux Security Advisory 2009-146 - Security vulnerabilities has been identified and fixed in University of Washington IMAP Toolkit. http://packetstormsecurity.org/files/84444/MDVSA-2009-189-1.txt http://packetstormsecurity.org/files/84444/MDVSA-2009-189-1.txt http://packetstormsecurity.org/files/84444/Mandriva-Linux-Security-Advisory-2009-189.html Wed, 30 Dec 2009 19:00:13 GMT Mandriva Linux Security Advisory 2009-189 - SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input. This update provides fixes for this vulnerability. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. http://packetstormsecurity.org/files/84439/MITKRB5-SA-2009-003.txt http://packetstormsecurity.org/files/84439/MITKRB5-SA-2009-003.txt http://packetstormsecurity.org/files/84439/MIT-krb5-Security-Advisory-2009-003.html Wed, 30 Dec 2009 18:40:54 GMT MIT krb5 Security Advisory 2009-003 - A null pointer dereference can occur in an error condition in the KDC cross-realm referral processing code in MIT krb5-1.7. This can cause the KDC to crash. This is an implementation vulnerability in MIT krb5, and is not a vulnerability in the Kerberos protocol.