Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:55:20 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1631143924&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20Mac%20OS%20X%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Fosx%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1631143924.1338191720.1338191720.1338191720.1%3B%2B__utmz%3D32867617.1338191720.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/112789/APPLE-SA-2012-05-15-1.txt http://packetstormsecurity.org/files/112789/APPLE-SA-2012-05-15-1.txt http://packetstormsecurity.org/files/112789/Apple-Security-Advisory-2012-05-15-1.html Wed, 16 May 2012 23:16:27 GMT Apple Security Advisory 2012-05-15-1 - QuickTime 7.7.2 is now available and addresses multiple security issues. Multiple stack overflows existed in QuickTime's handling of TeXML files. A heap overflow existed in QuickTime's handling of text tracks. A heap buffer overflow existed in the handling of H.264 encoded movie files. An uninitialized memory access issue existed in the handling of MP4 encoded files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001. Various other issues were also addressed. http://packetstormsecurity.org/files/112595/APPLE-SA-2012-05-09-1.txt http://packetstormsecurity.org/files/112595/APPLE-SA-2012-05-09-1.txt http://packetstormsecurity.org/files/112595/Apple-Security-Advisory-2012-05-09-1.html Thu, 10 May 2012 15:19:38 GMT Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed. http://packetstormsecurity.org/files/112501/sa49039.txt http://packetstormsecurity.org/files/112501/sa49039.txt http://packetstormsecurity.org/files/112501/Secunia-Security-Advisory-49039.html Mon, 07 May 2012 12:01:03 GMT Secunia Security Advisory - A security issue has been reported in Apple Mac OS X, which can be exploited by malicious people with physical access to bypass certain security restrictions. http://packetstormsecurity.org/files/112447/strongswan-4.6.3.tar.gz http://packetstormsecurity.org/files/112447/strongswan-4.6.3.tar.gz http://packetstormsecurity.org/files/112447/strongSwan-IPsec-Implementation-4.6.3.html Thu, 03 May 2012 22:54:20 GMT strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms. http://packetstormsecurity.org/files/111912/RHSA-2012-0481-01.txt http://packetstormsecurity.org/files/111912/RHSA-2012-0481-01.txt http://packetstormsecurity.org/files/111912/Red-Hat-Security-Advisory-2012-0481-01.html Tue, 17 Apr 2012 20:01:54 GMT Red Hat Security Advisory 2012-0481-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Numerous reference count leaks were found in the Linux kernel's block layer I/O context handling implementation. This could allow a local, unprivileged user to cause a denial of service. A flaw was found in the Linux kernel's cifs_lookup() implementation. POSIX open during lookup should only be supported for regular files. When non-regular files pipe or other special files) are opened on lookup, it could cause a denial of service. http://packetstormsecurity.org/files/111871/APPLE-SA-2012-04-13-1.txt http://packetstormsecurity.org/files/111871/APPLE-SA-2012-04-13-1.txt http://packetstormsecurity.org/files/111871/Apple-Security-Advisory-2012-04-13-1.html Sat, 14 Apr 2012 15:55:55 GMT Apple Security Advisory 2012-04-13-1 - This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found. This update is available for OS X Lion systems that do not have Java installed. http://packetstormsecurity.org/files/111850/APPLE-SA-2012-04-12-1.txt http://packetstormsecurity.org/files/111850/APPLE-SA-2012-04-12-1.txt http://packetstormsecurity.org/files/111850/Apple-Security-Advisory-2012-04-12-1.html Fri, 13 Apr 2012 22:07:36 GMT Apple Security Advisory 2012-04-12-1 - Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 is now available. As a security hardening measure, the Java browser plugin and Java Web Start are deactivated if they are unused for 35 days. Installing this update will automatically deactivate the Java browser plugin and Java Web Start. Users may re-enable Java if they encounter Java applets on a web page or Java Web Start applications. http://packetstormsecurity.org/files/111739/USN-1419-1.txt http://packetstormsecurity.org/files/111739/USN-1419-1.txt http://packetstormsecurity.org/files/111739/Ubuntu-Security-Notice-USN-1419-1.html Wed, 11 Apr 2012 14:22:06 GMT Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. Various other issues were also addressed. http://packetstormsecurity.org/files/111702/ZAP_1.4.0.1_Mac_OS_X.zip http://packetstormsecurity.org/files/111702/ZAP_1.4.0.1_Mac_OS_X.zip http://packetstormsecurity.org/files/111702/Zed-Attack-Proxy-1.4.0.1-Mac-OS-X-Release.html Tue, 10 Apr 2012 03:29:25 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release. http://packetstormsecurity.org/files/111594/APPLE-SA-2012-04-03-1.txt http://packetstormsecurity.org/files/111594/APPLE-SA-2012-04-03-1.txt http://packetstormsecurity.org/files/111594/Apple-Security-Advisory-2012-04-03-1.html Thu, 05 Apr 2012 01:14:57 GMT Apple Security Advisory 2012-04-03-1 - Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 is now available. It addresses multiple vulnerabilities that exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. http://packetstormsecurity.org/files/111585/sa48648.txt http://packetstormsecurity.org/files/111585/sa48648.txt http://packetstormsecurity.org/files/111585/Secunia-Security-Advisory-48648.html Wed, 04 Apr 2012 04:54:52 GMT Secunia Security Advisory - Apple has issued an update for Java for Mac OS X. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. http://packetstormsecurity.org/files/111439/sa48641.txt http://packetstormsecurity.org/files/111439/sa48641.txt http://packetstormsecurity.org/files/111439/Secunia-Security-Advisory-48641.html Sun, 01 Apr 2012 09:50:17 GMT Secunia Security Advisory - A vulnerability has been reported in Cisco IOS XE, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/111330/cisco-sa-20120328-ssh.txt http://packetstormsecurity.org/files/111330/cisco-sa-20120328-ssh.txt http://packetstormsecurity.org/files/111330/Cisco-Security-Advisory-20120328-ssh.html Thu, 29 Mar 2012 05:01:15 GMT Cisco Security Advisory - The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability. http://packetstormsecurity.org/files/111297/cisco-sa-20120328-rsvp.txt http://packetstormsecurity.org/files/111297/cisco-sa-20120328-rsvp.txt http://packetstormsecurity.org/files/111297/Cisco-Security-Advisory-20120328-rsvp.html Thu, 29 Mar 2012 03:43:40 GMT Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability. http://packetstormsecurity.org/files/111292/cisco-sa-20120328-msdp.txt http://packetstormsecurity.org/files/111292/cisco-sa-20120328-msdp.txt http://packetstormsecurity.org/files/111292/Cisco-Security-Advisory-20120328-msdp.html Thu, 29 Mar 2012 03:38:33 GMT Cisco Security Advisory - A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. http://packetstormsecurity.org/files/110684/aanval-7-latest-stable.tar.gz http://packetstormsecurity.org/files/110684/aanval-7-latest-stable.tar.gz http://packetstormsecurity.org/files/110684/Aanval-Intrusion-Detection-Tool-7.html Mon, 12 Mar 2012 23:44:55 GMT Aanval is the industry's most comprehensive snort and syslog intrusion detection, correlation and management console. Aanval is designed specifically to scale from small single sensor installations to global enterprise deployments. Aanval is browser based and designed to work on all current variants of UNIX, Linux and Mac OS X. http://packetstormsecurity.org/files/110050/strongswan-4.6.2.tar.gz http://packetstormsecurity.org/files/110050/strongswan-4.6.2.tar.gz http://packetstormsecurity.org/files/110050/strongSwan-IPsec-Implementation-4.6.2.html Wed, 22 Feb 2012 02:58:02 GMT strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms. http://packetstormsecurity.org/files/109627/os-xbind.c http://packetstormsecurity.org/files/109627/os-xbind.c http://packetstormsecurity.org/files/109627/OS-X-x86-Port-Binding-Shellcode.html Fri, 10 Feb 2012 22:15:15 GMT 97 bytes small OS X / x86 shellcode that binds a shell to port 4444. http://packetstormsecurity.org/files/109442/sa47843.txt http://packetstormsecurity.org/files/109442/sa47843.txt http://packetstormsecurity.org/files/109442/Secunia-Security-Advisory-47843.html Sat, 04 Feb 2012 04:42:13 GMT Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. http://packetstormsecurity.org/files/109212/Bastille-3.2.1-0.1.noarch.rpm http://packetstormsecurity.org/files/109212/Bastille-3.2.1-0.1.noarch.rpm http://packetstormsecurity.org/files/109212/Bastille-Unix-3.2.1.html Sun, 29 Jan 2012 11:11:10 GMT The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, and Gentoo, HP-UX, and Apple's Mac OS X. http://packetstormsecurity.org/files/107582/ostinato-bin-osx-universal-0.5.dmg.gz http://packetstormsecurity.org/files/107582/ostinato-bin-osx-universal-0.5.dmg.gz http://packetstormsecurity.org/files/107582/Ostinato-Traffic-Generator-0.5-Mac-OS-X.html Wed, 07 Dec 2011 01:47:04 GMT Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Mac OS X release. http://packetstormsecurity.org/files/107569/RHSA-2011-1694-03.txt http://packetstormsecurity.org/files/107569/RHSA-2011-1694-03.txt http://packetstormsecurity.org/files/107569/Red-Hat-Security-Advisory-2011-1694-03.html Wed, 07 Dec 2011 00:15:43 GMT Red Hat Security Advisory 2011-1694-03 - The libcap packages provide a library and tools for getting and setting POSIX capabilities. It was found that capsh did not change into the new root when using the "--chroot" option. An application started via the "capsh --chroot" command could use this flaw to escape the chroot restrictions. This update also fixes the following bug: Previously, the libcap packages did not contain the capsh manual page. With this update, the capsh manual page is included. http://packetstormsecurity.org/files/107366/Vega64.dmg http://packetstormsecurity.org/files/107366/Vega64.dmg http://packetstormsecurity.org/files/107366/Vega-Web-Security-Scanner-1.0-Beta-Mac-OS-X-64-Bit.html Tue, 29 Nov 2011 00:30:58 GMT Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 64-bit version. http://packetstormsecurity.org/files/107365/Vega.dmg http://packetstormsecurity.org/files/107365/Vega.dmg http://packetstormsecurity.org/files/107365/Vega-Web-Security-Scanner-1.0-Beta-Mac-OS-X-32-Bit.html Tue, 29 Nov 2011 00:25:59 GMT Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 32-bit version. http://packetstormsecurity.org/files/107332/MDVSA-2011-179.txt http://packetstormsecurity.org/files/107332/MDVSA-2011-179.txt http://packetstormsecurity.org/files/107332/Mandriva-Linux-Security-Advisory-2011-179.html Sun, 27 Nov 2011 18:02:31 GMT Mandriva Linux Security Advisory 2011-179 - The addmntent function in the GNU C Library 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. crypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. The updated packages have been patched to correct these issues.