Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:54:53 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1113048670&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20Mandriva%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Fmandriva%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1113048670.1338191693.1338191693.1338191693.1%3B%2B__utmz%3D32867617.1338191693.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113012/MDVSA-2012-081.txt http://packetstormsecurity.org/files/113012/MDVSA-2012-081.txt http://packetstormsecurity.org/files/113012/Mandriva-Linux-Security-Advisory-2012-081.html Thu, 24 May 2012 15:20:53 GMT Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in mozilla firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed. http://packetstormsecurity.org/files/113006/MDVSA-2012-080.txt http://packetstormsecurity.org/files/113006/MDVSA-2012-080.txt http://packetstormsecurity.org/files/113006/Mandriva-Linux-Security-Advisory-2012-080.html Thu, 24 May 2012 02:53:06 GMT Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues. http://packetstormsecurity.org/files/112950/MDVSA-2012-079.txt http://packetstormsecurity.org/files/112950/MDVSA-2012-079.txt http://packetstormsecurity.org/files/112950/Mandriva-Linux-Security-Advisory-2012-079.html Tue, 22 May 2012 03:54:01 GMT Mandriva Linux Security Advisory 2012-079 - A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks may be able to run commands on hosts that belong to other networks not explicitly listed in sudoers. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/112857/MDVSA-2012-078.txt http://packetstormsecurity.org/files/112857/MDVSA-2012-078.txt http://packetstormsecurity.org/files/112857/Mandriva-Linux-Security-Advisory-2012-078.html Fri, 18 May 2012 14:36:05 GMT Mandriva Linux Security Advisory 2012-078 - Multiple vulnerabilities has been found and corrected in imagemagick. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed. http://packetstormsecurity.org/files/112825/MDVSA-2012-077.txt http://packetstormsecurity.org/files/112825/MDVSA-2012-077.txt http://packetstormsecurity.org/files/112825/Mandriva-Linux-Security-Advisory-2012-077.html Thu, 17 May 2012 19:29:35 GMT Mandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed. http://packetstormsecurity.org/files/112745/MDVSA-2012-076.txt http://packetstormsecurity.org/files/112745/MDVSA-2012-076.txt http://packetstormsecurity.org/files/112745/Mandriva-Linux-Security-Advisory-2012-076.html Tue, 15 May 2012 22:31:42 GMT Mandriva Linux Security Advisory 2012-076 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed. http://packetstormsecurity.org/files/112738/MDVSA-2012-075.txt http://packetstormsecurity.org/files/112738/MDVSA-2012-075.txt http://packetstormsecurity.org/files/112738/Mandriva-Linux-Security-Advisory-2012-075.html Tue, 15 May 2012 22:11:57 GMT Mandriva Linux Security Advisory 2012-075 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues were also addressed. http://packetstormsecurity.org/files/112719/MDVSA-2012-074.txt http://packetstormsecurity.org/files/112719/MDVSA-2012-074.txt http://packetstormsecurity.org/files/112719/Mandriva-Linux-Security-Advisory-2012-074.html Tue, 15 May 2012 03:16:08 GMT Mandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed. http://packetstormsecurity.org/files/112625/MDVSA-2012-073.txt http://packetstormsecurity.org/files/112625/MDVSA-2012-073.txt http://packetstormsecurity.org/files/112625/Mandriva-Linux-Security-Advisory-2012-073.html Fri, 11 May 2012 15:38:26 GMT Mandriva Linux Security Advisory 2012-073 - A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/112599/MDVSA-2012-072.txt http://packetstormsecurity.org/files/112599/MDVSA-2012-072.txt http://packetstormsecurity.org/files/112599/Mandriva-Linux-Security-Advisory-2012-072.html Thu, 10 May 2012 15:29:13 GMT Mandriva Linux Security Advisory 2012-072 - The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an e-mail message, related to a login CSRF issue. Various other issues have also been addressed. http://packetstormsecurity.org/files/112598/MDVSA-2012-071.txt http://packetstormsecurity.org/files/112598/MDVSA-2012-071.txt http://packetstormsecurity.org/files/112598/Mandriva-Linux-Security-Advisory-2012-071.html Thu, 10 May 2012 15:28:01 GMT Mandriva Linux Security Advisory 2012-071 - This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php. http://packetstormsecurity.org/files/112597/MDVSA-2012-068-1.txt http://packetstormsecurity.org/files/112597/MDVSA-2012-068-1.txt http://packetstormsecurity.org/files/112597/Mandriva-Linux-Security-Advisory-2012-068-1.html Thu, 10 May 2012 15:26:54 GMT Mandriva Linux Security Advisory 2012-068 - PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server. It was discovered that the previous fix for the CVE-2012-1823 vulnerability was incomplete. The updated packages provides the latest version which provides a solution to this flaw. http://packetstormsecurity.org/files/112490/MDVSA-2012-070.txt http://packetstormsecurity.org/files/112490/MDVSA-2012-070.txt http://packetstormsecurity.org/files/112490/Mandriva-Linux-Security-Advisory-2012-070.html Sun, 06 May 2012 02:25:07 GMT Mandriva Linux Security Advisory 2012-070 - A file existence disclosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/112483/MDVSA-2012-069.txt http://packetstormsecurity.org/files/112483/MDVSA-2012-069.txt http://packetstormsecurity.org/files/112483/Mandriva-Linux-Security-Advisory-2012-069.html Sun, 06 May 2012 01:52:40 GMT Mandriva Linux Security Advisory 2012-069 - A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/112397/MDVSA-2012-067.txt http://packetstormsecurity.org/files/112397/MDVSA-2012-067.txt http://packetstormsecurity.org/files/112397/Mandriva-Linux-Security-Advisory-2012-067.html Wed, 02 May 2012 02:13:16 GMT Mandriva Linux Security Advisory 2012-067 - A vulnerability has been found and corrected in Samba. Security checks were incorrectly applied to the Local Security Authority CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/112297/MDVSA-2012-066.txt http://packetstormsecurity.org/files/112297/MDVSA-2012-066.txt http://packetstormsecurity.org/files/112297/Mandriva-Linux-Security-Advisory-2012-066.html Fri, 27 Apr 2012 20:44:32 GMT Mandriva Linux Security Advisory 2012-066 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. Various other issues were also addressed. http://packetstormsecurity.org/files/112290/MDVSA-2012-065.txt http://packetstormsecurity.org/files/112290/MDVSA-2012-065.txt http://packetstormsecurity.org/files/112290/Mandriva-Linux-Security-Advisory-2012-065.html Fri, 27 Apr 2012 20:29:47 GMT Mandriva Linux Security Advisory 2012-065 - The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. Insufficient validating of upload name leading to corrupted $_FILES indices. Various other issues have also been addressed. http://packetstormsecurity.org/files/112163/MDVSA-2012-064.txt http://packetstormsecurity.org/files/112163/MDVSA-2012-064.txt http://packetstormsecurity.org/files/112163/Mandriva-Linux-Security-Advisory-2012-064.html Wed, 25 Apr 2012 04:10:44 GMT Mandriva Linux Security Advisory 2012-064 - It was discovered that the fix for was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue. http://packetstormsecurity.org/files/112081/MDVSA-2012-063.txt http://packetstormsecurity.org/files/112081/MDVSA-2012-063.txt http://packetstormsecurity.org/files/112081/Mandriva-Linux-Security-Advisory-2012-063.html Sun, 22 Apr 2012 01:06:12 GMT Mandriva Linux Security Advisory 2012-063 - An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. libreoffice for Mandriva Linux 2011 has been upgraded to the 3.4.6 version which is not vulnerable to this issue. http://packetstormsecurity.org/files/112080/MDVSA-2012-062.txt http://packetstormsecurity.org/files/112080/MDVSA-2012-062.txt http://packetstormsecurity.org/files/112080/Mandriva-Linux-Security-Advisory-2012-062.html Sun, 22 Apr 2012 01:05:44 GMT Mandriva Linux Security Advisory 2012-062 - An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/112079/MDVSA-2012-061.txt http://packetstormsecurity.org/files/112079/MDVSA-2012-061.txt http://packetstormsecurity.org/files/112079/Mandriva-Linux-Security-Advisory-2012-061.html Sun, 22 Apr 2012 01:05:13 GMT Mandriva Linux Security Advisory 2012-061 - An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue. raptor2 for Mandriva Linux 2011 has been upgraded to the 2.0.7 version which is not vulnerable to this issue. http://packetstormsecurity.org/files/112004/MDVSA-2012-060.txt http://packetstormsecurity.org/files/112004/MDVSA-2012-060.txt http://packetstormsecurity.org/files/112004/Mandriva-Linux-Security-Advisory-2012-060.html Fri, 20 Apr 2012 05:50:14 GMT Mandriva Linux Security Advisory 2012-060 - A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/111921/MDVSA-2012-032-1.txt http://packetstormsecurity.org/files/111921/MDVSA-2012-032-1.txt http://packetstormsecurity.org/files/111921/Mandriva-Linux-Security-Advisory-2012-032-1.html Tue, 17 Apr 2012 20:41:42 GMT Mandriva Linux Security Advisory 2012-032 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Security researchers Blair Strang and Scott Bell of Security Assessment found that when a parent window spawns and closes a child window that uses the file open dialog, a crash can be induced in shlwapi.dll on 32-bit Windows 7 systems. This crash may be potentially exploitable. Firefox prevents the dropping of javascript: links onto a frame to prevent malicious sites from tricking users into performing a cross-site scripting attacks on themselves. Security researcher Soroush Dalili reported a way to bypass this protection. Various other issues were also addressed. http://packetstormsecurity.org/files/111903/MDVSA-2012-059.txt http://packetstormsecurity.org/files/111903/MDVSA-2012-059.txt http://packetstormsecurity.org/files/111903/Mandriva-Linux-Security-Advisory-2012-059.html Tue, 17 Apr 2012 00:15:12 GMT Mandriva Linux Security Advisory 2012-059 - It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these keywords, and did not filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform an SQL injection attack against the application. The updated packages have been patched to correct this issue. http://packetstormsecurity.org/files/111851/MDVSA-2012-058.txt http://packetstormsecurity.org/files/111851/MDVSA-2012-058.txt http://packetstormsecurity.org/files/111851/Mandriva-Linux-Security-Advisory-2012-058.html Fri, 13 Apr 2012 22:09:17 GMT Mandriva Linux Security Advisory 2012-058 - curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem. curl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs. The updated packages have been patched to correct these issues.