Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:45:27 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1245283784&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F1005-advisories%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1245283784.1338180327.1338180327.1338180327.1%3B%2B__utmz%3D32867617.1338180327.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/90108/IS-2010-001.txt http://packetstormsecurity.org/files/90108/IS-2010-001.txt http://packetstormsecurity.org/files/90108/Netgear-WG602v4-Saved-Password-Stack-Overflow.html Sun, 30 May 2010 22:57:21 GMT The Netgear WG602v4 suffers from a saved password stack overflow vulnerability. http://packetstormsecurity.org/files/90106/websense633-bypass.txt http://packetstormsecurity.org/files/90106/websense633-bypass.txt http://packetstormsecurity.org/files/90106/Websense-Enterprise-6.3.3-Bypass.html Sun, 30 May 2010 22:54:55 GMT Websense Enterprise version 6.3.3 suffers from a bypass vulnerability using the Via: header. http://packetstormsecurity.org/files/90078/sa39921.txt http://packetstormsecurity.org/files/90078/sa39921.txt http://packetstormsecurity.org/files/90078/Secunia-Security-Advisory-39921.html Sun, 30 May 2010 12:17:57 GMT Secunia Security Advisory - John Leitch has discovered a vulnerability in Core FTP Server / SFTP Server, which can be exploited by malicious users to disclose sensitive information. http://packetstormsecurity.org/files/90077/sa39953.txt http://packetstormsecurity.org/files/90077/sa39953.txt http://packetstormsecurity.org/files/90077/Secunia-Security-Advisory-39953.html Sun, 30 May 2010 12:17:54 GMT Secunia Security Advisory - Some vulnerabilities have been reported in Heimdal, which can be exploited by malicious users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/90076/sa39910.txt http://packetstormsecurity.org/files/90076/sa39910.txt http://packetstormsecurity.org/files/90076/Secunia-Security-Advisory-39910.html Sun, 30 May 2010 12:17:52 GMT Secunia Security Advisory - Ubuntu has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/90075/sa39965.txt http://packetstormsecurity.org/files/90075/sa39965.txt http://packetstormsecurity.org/files/90075/Secunia-Security-Advisory-39965.html Sun, 30 May 2010 12:17:49 GMT Secunia Security Advisory - A vulnerability has been reported in the Medi-QnA component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information. http://packetstormsecurity.org/files/90074/sa39922.txt http://packetstormsecurity.org/files/90074/sa39922.txt http://packetstormsecurity.org/files/90074/Secunia-Security-Advisory-39922.html Sun, 30 May 2010 12:17:47 GMT Secunia Security Advisory - Two vulnerabilities have been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. http://packetstormsecurity.org/files/90073/sa39977.txt http://packetstormsecurity.org/files/90073/sa39977.txt http://packetstormsecurity.org/files/90073/Secunia-Security-Advisory-39977.html Sun, 30 May 2010 12:17:44 GMT Secunia Security Advisory - VMware has acknowledged a security issue and some vulnerabilities in VMware vMA, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service) or potentially compromise a vulnerable system. http://packetstormsecurity.org/files/90072/sa39973.txt http://packetstormsecurity.org/files/90072/sa39973.txt http://packetstormsecurity.org/files/90072/Secunia-Security-Advisory-39973.html Sun, 30 May 2010 12:17:42 GMT Secunia Security Advisory - VMware has acknowledged a security issue and some vulnerabilities in various VMware ESX products, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service) or potentially compromise a vulnerable system. http://packetstormsecurity.org/files/90071/sa39978.txt http://packetstormsecurity.org/files/90071/sa39978.txt http://packetstormsecurity.org/files/90071/Secunia-Security-Advisory-39978.html Sun, 30 May 2010 12:17:39 GMT Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware vMA, which can be exploited by malicious people to poison the DNS cache. http://packetstormsecurity.org/files/90070/sa39981.txt http://packetstormsecurity.org/files/90070/sa39981.txt http://packetstormsecurity.org/files/90070/Secunia-Security-Advisory-39981.html Sun, 30 May 2010 12:17:36 GMT Secunia Security Advisory - VMware has acknowledged some security issues in VMware vMA, which can be exploited by malicious, local users to gain escalated privileges. http://packetstormsecurity.org/files/90069/sa39974.txt http://packetstormsecurity.org/files/90069/sa39974.txt http://packetstormsecurity.org/files/90069/Secunia-Security-Advisory-39974.html Sun, 30 May 2010 12:17:34 GMT Secunia Security Advisory - VMware has acknowledged a security issue in various VMware ESX products, which can be exploited by malicious, local users to potentially gain escalated privileges. http://packetstormsecurity.org/files/90068/sa39972.txt http://packetstormsecurity.org/files/90068/sa39972.txt http://packetstormsecurity.org/files/90068/Secunia-Security-Advisory-39972.html Sun, 30 May 2010 12:17:31 GMT Secunia Security Advisory - VMware has acknowledged a vulnerability in VMware ESXi, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/90053/census-2010-001.txt http://packetstormsecurity.org/files/90053/census-2010-001.txt http://packetstormsecurity.org/files/90053/NFS-Improper-Input-Validation.html Fri, 28 May 2010 20:39:10 GMT Census Labs have discovered two improper input validation vulnerabilities in the FreeBSD kernel's NFS client-side implementation (FreeBSD 8.0-RELEASE, 7.3-RELEASE and 7.2-RELEASE) that allow local unprivileged users to escalate their privileges, or to crash the system by performing a denial of service attack. http://packetstormsecurity.org/files/90049/multiplebrowser-dos.txt http://packetstormsecurity.org/files/90049/multiplebrowser-dos.txt http://packetstormsecurity.org/files/90049/Mozilla-Firefox-Internet-Explorer-6-8-Google-Chrome-Opera-Denial-Of-Service.html Fri, 28 May 2010 20:30:51 GMT Denial of service vulnerabilities exist in the Mozilla Firefox, Internet Explorer 6, Internet Explorer 8, Google Chrome, and Opera browsers. http://packetstormsecurity.org/files/90046/VMSA-2010-0009.txt http://packetstormsecurity.org/files/90046/VMSA-2010-0009.txt http://packetstormsecurity.org/files/90046/VMware-Security-Advisory-2010-0009.html Fri, 28 May 2010 20:14:56 GMT VMware Security Advisory - ESXi update for ntp and ESX Console OS (COS) updates for COS kernel, openssl, krb5, gcc, bind, gzip, sudo. http://packetstormsecurity.org/files/90065/sa39975.txt http://packetstormsecurity.org/files/90065/sa39975.txt http://packetstormsecurity.org/files/90065/Secunia-Security-Advisory-39975.html Fri, 28 May 2010 13:40:50 GMT Secunia Security Advisory - VMware has acknowledged a vulnerability in various VMware ESX products, which can be exploited by malicious people to potentially compromise a user's system. http://packetstormsecurity.org/files/90061/sa39971.txt http://packetstormsecurity.org/files/90061/sa39971.txt http://packetstormsecurity.org/files/90061/Secunia-Security-Advisory-39971.html Fri, 28 May 2010 13:22:51 GMT Secunia Security Advisory - VMware has issued an update for VMware ESXi. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/90051/sa39979.txt http://packetstormsecurity.org/files/90051/sa39979.txt http://packetstormsecurity.org/files/90051/Secunia-Security-Advisory-39979.html Fri, 28 May 2010 12:32:42 GMT Secunia Security Advisory - VMware has acknowledged a security issue in VMware vMA, which can be exploited by malicious, local users to potentially gain escalated privileges. http://packetstormsecurity.org/files/90045/sa39980.txt http://packetstormsecurity.org/files/90045/sa39980.txt http://packetstormsecurity.org/files/90045/Secunia-Security-Advisory-39980.html Fri, 28 May 2010 12:14:11 GMT Secunia Security Advisory - VMware has acknowledged a vulnerability in VMware vMA, which can be exploited by malicious people to potentially compromise a user's system. http://packetstormsecurity.org/files/90034/sa39976.txt http://packetstormsecurity.org/files/90034/sa39976.txt http://packetstormsecurity.org/files/90034/Secunia-Security-Advisory-39976.html Fri, 28 May 2010 10:48:55 GMT Secunia Security Advisory - VMware has acknowledged a vulnerability in VMware vMA, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/90033/sa39920.txt http://packetstormsecurity.org/files/90033/sa39920.txt http://packetstormsecurity.org/files/90033/Secunia-Security-Advisory-39920.html Fri, 28 May 2010 10:48:53 GMT Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware vMA, which can be exploited by malicious, local users to disclose certain system information, overwrite arbitrary files, bypass certain security restrictions, cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to cause a DoS. http://packetstormsecurity.org/files/90032/sa39950.txt http://packetstormsecurity.org/files/90032/sa39950.txt http://packetstormsecurity.org/files/90032/Secunia-Security-Advisory-39950.html Fri, 28 May 2010 10:48:50 GMT Secunia Security Advisory - John Leitch has discovered a vulnerability in Home FTP Server, which can be exploited by malicious people to conduct cross-site request forgery attacks. http://packetstormsecurity.org/files/90029/MDVSA-2010-110.txt http://packetstormsecurity.org/files/90029/MDVSA-2010-110.txt http://packetstormsecurity.org/files/90029/Mandriva-Linux-Security-Advisory-2010-110.html Fri, 28 May 2010 00:59:49 GMT Mandriva Linux Security Advisory 2010-110 - The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length. Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling. This update provides clamav 0.96.1 which is not vulnerable to these issues. http://packetstormsecurity.org/files/90026/USN-945-1.txt http://packetstormsecurity.org/files/90026/USN-945-1.txt http://packetstormsecurity.org/files/90026/Ubuntu-Security-Notice-945-1.html Fri, 28 May 2010 00:55:20 GMT Ubuntu Security Notice 945-1 - It was discovered that ClamAV did not properly reallocate memory when processing certain PDF files. A remote attacker could send a specially crafted PDF and crash ClamAV. An out of bounds memory access flaw was discovered in ClamAV. A remote attacker could send a specially crafted Portable Executable (PE) file and crash ClamAV. This issue only affected Ubuntu 10.04 LTS.