Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Wed, 16 May 2012 21:05:24 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2011088507&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2011088507.1337202324.1337202324.1337202324.1%3B%2B__utmz%3D32867617.1337202324.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/112748/axous-csrf.txt http://packetstormsecurity.org/files/112748/axous-csrf.txt http://packetstormsecurity.org/files/112748/Axous-1.1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html Tue, 15 May 2012 22:42:51 GMT Axous version 1.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities. http://packetstormsecurity.org/files/112747/VMRL-applequicktime.txt http://packetstormsecurity.org/files/112747/VMRL-applequicktime.txt http://packetstormsecurity.org/files/112747/Apple-Quicktime-.pct-Parsing-Memory-Corruption.html Tue, 15 May 2012 22:38:03 GMT Apple Quicktime does not properly parse .pct media files, which causes a corruption in module DllMain by opening a malformed file with an invalid value located in PoC repro01.pct at offset 0x20E. Quicktime Player version 7.7.1 (1680.42) on Windows XP SP 3 - PT_BR is confirmed affected. Other versions may also be affected. http://packetstormsecurity.org/files/112746/liferay-xsrf.tgz http://packetstormsecurity.org/files/112746/liferay-xsrf.tgz http://packetstormsecurity.org/files/112746/Liferay-6.1-Cross-Site-Request-Forgery.html Tue, 15 May 2012 22:35:19 GMT Liferay version 6.1 is vulnerable to JSON-related cross site request forgery attacks. Proof of concept code is included. http://packetstormsecurity.org/files/112745/MDVSA-2012-076.txt http://packetstormsecurity.org/files/112745/MDVSA-2012-076.txt http://packetstormsecurity.org/files/112745/Mandriva-Linux-Security-Advisory-2012-076.html Tue, 15 May 2012 22:31:42 GMT Mandriva Linux Security Advisory 2012-076 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed. http://packetstormsecurity.org/files/112742/APPLE-SA-2012-05-14-2.txt http://packetstormsecurity.org/files/112742/APPLE-SA-2012-05-14-2.txt http://packetstormsecurity.org/files/112742/Apple-Security-Advisory-2012-05-14-2.html Tue, 15 May 2012 22:26:23 GMT Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website. http://packetstormsecurity.org/files/112741/svg-trigger.tgz http://packetstormsecurity.org/files/112741/svg-trigger.tgz http://packetstormsecurity.org/files/112741/SVG-Java-Execution-Trigger.html Tue, 15 May 2012 22:21:05 GMT Some SVG specifications, like SVG 1.1 and SVG tiny 1.2, allow Java code execution when the file is opened. Proof of concept code included. http://packetstormsecurity.org/files/112740/liferay-disclose.tgz http://packetstormsecurity.org/files/112740/liferay-disclose.tgz http://packetstormsecurity.org/files/112740/Liferay-6.1-Name-Email-Address-Disclosure.html Tue, 15 May 2012 22:16:54 GMT Liferay version 6.1 suffers from a vulnerability where it is possible to retrieve the names and email addresses of all users. Proof of concept code included. http://packetstormsecurity.org/files/112739/APPLE-SA-2012-05-14-1.txt http://packetstormsecurity.org/files/112739/APPLE-SA-2012-05-14-1.txt http://packetstormsecurity.org/files/112739/Apple-Security-Advisory-2012-05-14-1.html Tue, 15 May 2012 22:14:21 GMT Apple Security Advisory 2012-05-14-1 - This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found. http://packetstormsecurity.org/files/112738/MDVSA-2012-075.txt http://packetstormsecurity.org/files/112738/MDVSA-2012-075.txt http://packetstormsecurity.org/files/112738/Mandriva-Linux-Security-Advisory-2012-075.html Tue, 15 May 2012 22:11:57 GMT Mandriva Linux Security Advisory 2012-075 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues were also addressed. http://packetstormsecurity.org/files/112737/liferay6-xss.txt http://packetstormsecurity.org/files/112737/liferay6-xss.txt http://packetstormsecurity.org/files/112737/Liferay-5.x-6.x-Cross-Site-Scripting.html Tue, 15 May 2012 22:10:42 GMT Liferay versions 5.x and 6.x suffer from multiple cross site scripting vulnerabilities. http://packetstormsecurity.org/files/112736/tuninfo-sql.txt http://packetstormsecurity.org/files/112736/tuninfo-sql.txt http://packetstormsecurity.org/files/112736/TunInfo-SQL-Injection.html Tue, 15 May 2012 22:08:37 GMT TunInfo suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/112735/liferay-bypass.tgz http://packetstormsecurity.org/files/112735/liferay-bypass.tgz http://packetstormsecurity.org/files/112735/Liferay-6.1-No-Account-Access-Bypass.html Tue, 15 May 2012 22:06:26 GMT Liferay version 6.1 suffers from a circumvention issue when restricting access to ip blocks. Proof of concept exploit included. http://packetstormsecurity.org/files/112734/multimediabuilder-dos.txt http://packetstormsecurity.org/files/112734/multimediabuilder-dos.txt http://packetstormsecurity.org/files/112734/Multimedia-Builder-4.9.8-Denial-Of-Service.html Tue, 15 May 2012 22:01:32 GMT Multimedia Builder version 4.9.8 denial of service exploit that creates a malicious .mef file. http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/OpenDNSSEC-1.3.8.html Tue, 15 May 2012 21:59:41 GMT OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security. http://packetstormsecurity.org/files/112732/USN-1441-1.txt http://packetstormsecurity.org/files/112732/USN-1441-1.txt http://packetstormsecurity.org/files/112732/Ubuntu-Security-Notice-USN-1441-1.html Tue, 15 May 2012 21:57:44 GMT Ubuntu Security Notice 1441-1 - It was discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga incorrectly handled messages with a malformed Four-octet AS Number Capability. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. Various other issues were also addressed. http://packetstormsecurity.org/files/112731/RHSA-2012-0670-01.txt http://packetstormsecurity.org/files/112731/RHSA-2012-0670-01.txt http://packetstormsecurity.org/files/112731/Red-Hat-Security-Advisory-2012-0670-01.html Tue, 15 May 2012 21:57:32 GMT Red Hat Security Advisory 2012-0670-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. When a set user ID application is executed, certain personality flags for controlling the application's behavior are cleared. It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise MRG is made privileged via file system capabilities. http://packetstormsecurity.org/files/112730/RHSA-2012-0571-01.txt http://packetstormsecurity.org/files/112730/RHSA-2012-0571-01.txt http://packetstormsecurity.org/files/112730/Red-Hat-Security-Advisory-2012-0571-01.html Tue, 15 May 2012 21:57:17 GMT Red Hat Security Advisory 2012-0571-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's journal_unmap_buffer() function handled buffer head states. On systems that have an ext4 file system with a journal mounted, a local, unprivileged user could use this flaw to cause a denial of service. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A local, unprivileged user on a KVM host could use this flaw to crash the host. http://packetstormsecurity.org/files/112729/glsa-201205-01.txt http://packetstormsecurity.org/files/112729/glsa-201205-01.txt http://packetstormsecurity.org/files/112729/Gentoo-Linux-Security-Advisory-201205-01.html Tue, 15 May 2012 21:56:35 GMT Gentoo Linux Security Advisory 201205-1 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 18.0.1025.168 are affected. http://packetstormsecurity.org/files/112722/wptrackthatstat-xss.txt http://packetstormsecurity.org/files/112722/wptrackthatstat-xss.txt http://packetstormsecurity.org/files/112722/WordPress-Track-That-Stat-1.0.8-Cross-Site-Scripting.html Tue, 15 May 2012 18:00:34 GMT WordPress Track That Stat plugin version 1.0.8 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/112721/bluelog-1.0.3.tar.gz http://packetstormsecurity.org/files/112721/bluelog-1.0.3.tar.gz http://packetstormsecurity.org/files/112721/Bluelog-Bluetooth-Scanner-Logger-1.0.3.html Tue, 15 May 2012 03:19:40 GMT Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice. http://packetstormsecurity.org/files/112720/softhsm-1.3.3.tar.gz http://packetstormsecurity.org/files/112720/softhsm-1.3.3.tar.gz http://packetstormsecurity.org/files/112720/SoftHSM-1.3.3.html Tue, 15 May 2012 03:18:09 GMT SoftHSM is an implementation of a cryptographic store accessible through a PKCS#11 interface. You can use it to explore PKCS#11 without having a Hardware Security Module. It is being developed as a part of the OpenDNSSEC project. SoftHSM uses Botan for its cryptographic operations. http://packetstormsecurity.org/files/112719/MDVSA-2012-074.txt http://packetstormsecurity.org/files/112719/MDVSA-2012-074.txt http://packetstormsecurity.org/files/112719/Mandriva-Linux-Security-Advisory-2012-074.html Tue, 15 May 2012 03:16:08 GMT Mandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed. http://packetstormsecurity.org/files/112711/wp2clicksocialmedia-xss.txt http://packetstormsecurity.org/files/112711/wp2clicksocialmedia-xss.txt http://packetstormsecurity.org/files/112711/WordPress-2-Click-Social-Media-Buttons-0.32.2-Cross-Site-Scripting.html Tue, 15 May 2012 03:09:21 GMT WordPress 2 Click Social Media Buttons plugin version 0.32.2 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/112710/wpcatablog-xss.txt http://packetstormsecurity.org/files/112710/wpcatablog-xss.txt http://packetstormsecurity.org/files/112710/WordPress-CataBlog-1.6-Cross-Site-Scripting.html Tue, 15 May 2012 03:08:39 GMT WordPress CataBlog plugin version 1.6 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/112709/wpcodestyling-xss.txt http://packetstormsecurity.org/files/112709/wpcodestyling-xss.txt http://packetstormsecurity.org/files/112709/WordPress-CodeStyling-Localization-1.99.16-Cross-Site-Scripting.html Tue, 15 May 2012 03:05:21 GMT WordPress CodeStyling Localization plugin version 1.99.16 suffers from a cross site scripting vulnerability.