Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:54:49 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1932241060&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20Linux%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Flinux%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1932241060.1338191689.1338191689.1338191689.1%3B%2B__utmz%3D32867617.1338191689.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113067/conntrack-tools-1.2.0.tar.bz2 http://packetstormsecurity.org/files/113067/conntrack-tools-1.2.0.tar.bz2 http://packetstormsecurity.org/files/113067/Conntrack-Tools-1.2.0.html Sun, 27 May 2012 19:02:18 GMT conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack. http://packetstormsecurity.org/files/113066/iptables-1.4.14.tar.bz2 http://packetstormsecurity.org/files/113066/iptables-1.4.14.tar.bz2 http://packetstormsecurity.org/files/113066/Linux-IPTables-Firewall-1.4.14.html Sun, 27 May 2012 19:00:14 GMT iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling. http://packetstormsecurity.org/files/113056/sa49275.txt http://packetstormsecurity.org/files/113056/sa49275.txt http://packetstormsecurity.org/files/113056/Secunia-Security-Advisory-49275.html Sat, 26 May 2012 07:07:15 GMT Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system. http://packetstormsecurity.org/files/113055/sa49293.txt http://packetstormsecurity.org/files/113055/sa49293.txt http://packetstormsecurity.org/files/113055/Secunia-Security-Advisory-49293.html Sat, 26 May 2012 07:07:12 GMT Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service) of the application using the library. http://packetstormsecurity.org/files/113049/USN-1454-1.txt http://packetstormsecurity.org/files/113049/USN-1454-1.txt http://packetstormsecurity.org/files/113049/Ubuntu-Security-Notice-USN-1454-1.html Fri, 25 May 2012 21:02:04 GMT Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. http://packetstormsecurity.org/files/113041/resedit-overflow.tgz http://packetstormsecurity.org/files/113041/resedit-overflow.tgz http://packetstormsecurity.org/files/113041/ResEdit-1.5.11-win32-Buffer-Overflow.html Fri, 25 May 2012 20:36:33 GMT ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included. http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/Kolkata-Web-Application-Fingerprinting.html Fri, 25 May 2012 20:31:24 GMT Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker. http://packetstormsecurity.org/files/113034/USN-1453-1.txt http://packetstormsecurity.org/files/113034/USN-1453-1.txt http://packetstormsecurity.org/files/113034/Ubuntu-Security-Notice-USN-1453-1.html Fri, 25 May 2012 20:08:29 GMT Ubuntu Security Notice 1453-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed. http://packetstormsecurity.org/files/113033/USN-1452-1.txt http://packetstormsecurity.org/files/113033/USN-1452-1.txt http://packetstormsecurity.org/files/113033/Ubuntu-Security-Notice-USN-1452-1.html Fri, 25 May 2012 20:08:16 GMT Ubuntu Security Notice 1452-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed. http://packetstormsecurity.org/files/113032/USN-1451-1.txt http://packetstormsecurity.org/files/113032/USN-1451-1.txt http://packetstormsecurity.org/files/113032/Ubuntu-Security-Notice-USN-1451-1.html Fri, 25 May 2012 19:52:12 GMT Ubuntu Security Notice 1451-1 - Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). It was discovered that an integer underflow was possible when using TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed. http://packetstormsecurity.org/files/113047/sa49265.txt http://packetstormsecurity.org/files/113047/sa49265.txt http://packetstormsecurity.org/files/113047/Secunia-Security-Advisory-49265.html Fri, 25 May 2012 01:00:38 GMT Secunia Security Advisory - SUSE has issued an update for cobbler. This fixes two vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks. http://packetstormsecurity.org/files/113023/dsa-2480-1.txt http://packetstormsecurity.org/files/113023/dsa-2480-1.txt http://packetstormsecurity.org/files/113023/Debian-Security-Advisory-2480-1.html Thu, 24 May 2012 22:20:39 GMT Debian Linux Security Advisory 2480-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system. http://packetstormsecurity.org/files/113012/MDVSA-2012-081.txt http://packetstormsecurity.org/files/113012/MDVSA-2012-081.txt http://packetstormsecurity.org/files/113012/Mandriva-Linux-Security-Advisory-2012-081.html Thu, 24 May 2012 15:20:53 GMT Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in mozilla firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed. http://packetstormsecurity.org/files/113011/uncovering-zerodays-and-advanced-fuzzing.tgz http://packetstormsecurity.org/files/113011/uncovering-zerodays-and-advanced-fuzzing.tgz http://packetstormsecurity.org/files/113011/Uncovering-ZeroDays-And-Advanced-Fuzzing.html Thu, 24 May 2012 15:17:55 GMT This is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012. http://packetstormsecurity.org/files/113010/wiresharkdiameter-dos.tgz http://packetstormsecurity.org/files/113010/wiresharkdiameter-dos.tgz http://packetstormsecurity.org/files/113010/Wireshark-DIAMETER-Denial-Of-Service.html Thu, 24 May 2012 15:15:55 GMT Wireshark versions 1.4.0 through 1.4.12 and 1.6.0 through 1.6.7 suffer from a DIAMETER dissector denial of service vulnerability. http://packetstormsecurity.org/files/113009/wiresharkdis-dos.tgz http://packetstormsecurity.org/files/113009/wiresharkdis-dos.tgz http://packetstormsecurity.org/files/113009/Wireshark-Dissector-Denial-Of-Service.html Thu, 24 May 2012 15:12:32 GMT Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities. http://packetstormsecurity.org/files/113008/wiresharkmisalign-dos.tgz http://packetstormsecurity.org/files/113008/wiresharkmisalign-dos.tgz http://packetstormsecurity.org/files/113008/Wireshark-Misaligned-Memory-Denial-Of-Service.html Thu, 24 May 2012 14:53:13 GMT Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from a misaligned memory denial of service vulnerability. http://packetstormsecurity.org/files/113006/MDVSA-2012-080.txt http://packetstormsecurity.org/files/113006/MDVSA-2012-080.txt http://packetstormsecurity.org/files/113006/Mandriva-Linux-Security-Advisory-2012-080.html Thu, 24 May 2012 02:53:06 GMT Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues. http://packetstormsecurity.org/files/112990/RHSA-2012-0688-01.txt http://packetstormsecurity.org/files/112990/RHSA-2012-0688-01.txt http://packetstormsecurity.org/files/112990/Red-Hat-Security-Advisory-2012-0688-01.html Thu, 24 May 2012 02:22:51 GMT Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19. http://packetstormsecurity.org/files/112989/dsa-2479-1.txt http://packetstormsecurity.org/files/112989/dsa-2479-1.txt http://packetstormsecurity.org/files/112989/Debian-Security-Advisory-2479-1.html Thu, 24 May 2012 02:22:30 GMT Debian Linux Security Advisory 2479-1 - Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code. http://packetstormsecurity.org/files/112988/dsa-2478-1.txt http://packetstormsecurity.org/files/112988/dsa-2478-1.txt http://packetstormsecurity.org/files/112988/Debian-Security-Advisory-2478-1.html Thu, 24 May 2012 02:22:16 GMT Debian Linux Security Advisory 2478-1 - It was discovered that sudo misparsed network masks used in Host and Host_List stanzas. This allowed the execution of commands on hosts, where the user would not be allowed to run the specified command. http://packetstormsecurity.org/files/112987/USN-1450-1.txt http://packetstormsecurity.org/files/112987/USN-1450-1.txt http://packetstormsecurity.org/files/112987/Ubuntu-Security-Notice-USN-1450-1.html Thu, 24 May 2012 02:21:13 GMT Ubuntu Security Notice 1450-1 - It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service. http://packetstormsecurity.org/files/113020/sa49243.txt http://packetstormsecurity.org/files/113020/sa49243.txt http://packetstormsecurity.org/files/113020/Secunia-Security-Advisory-49243.html Thu, 24 May 2012 02:20:31 GMT Secunia Security Advisory - Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. http://packetstormsecurity.org/files/113019/sa49191.txt http://packetstormsecurity.org/files/113019/sa49191.txt http://packetstormsecurity.org/files/113019/Secunia-Security-Advisory-49191.html Thu, 24 May 2012 02:20:28 GMT Secunia Security Advisory - A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/113017/sa49244.txt http://packetstormsecurity.org/files/113017/sa49244.txt http://packetstormsecurity.org/files/113017/Secunia-Security-Advisory-49244.html Thu, 24 May 2012 02:20:22 GMT Secunia Security Advisory - Debian has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.