Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:55:25 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2083066527&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20RedHat%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Fredhat%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2083066527.1338191725.1338191725.1338191725.1%3B%2B__utmz%3D32867617.1338191725.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/112990/RHSA-2012-0688-01.txt http://packetstormsecurity.org/files/112990/RHSA-2012-0688-01.txt http://packetstormsecurity.org/files/112990/Red-Hat-Security-Advisory-2012-0688-01.html Thu, 24 May 2012 02:22:51 GMT Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19. http://packetstormsecurity.org/files/112986/sa49250.txt http://packetstormsecurity.org/files/112986/sa49250.txt http://packetstormsecurity.org/files/112986/Secunia-Security-Advisory-49250.html Wed, 23 May 2012 06:21:11 GMT Secunia Security Advisory - Red Hat has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. http://packetstormsecurity.org/files/112954/sa49273.txt http://packetstormsecurity.org/files/112954/sa49273.txt http://packetstormsecurity.org/files/112954/Secunia-Security-Advisory-49273.html Tue, 22 May 2012 12:36:45 GMT Secunia Security Advisory - Red Hat has issued an update for postgresql and postgresql84. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct spoofing attacks and manipulate certain data. http://packetstormsecurity.org/files/112953/sa49272.txt http://packetstormsecurity.org/files/112953/sa49272.txt http://packetstormsecurity.org/files/112953/Secunia-Security-Advisory-49272.html Tue, 22 May 2012 12:36:42 GMT Secunia Security Advisory - Red Hat has issued an update for postgresql. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to manipulate certain data. http://packetstormsecurity.org/files/112952/sa49270.txt http://packetstormsecurity.org/files/112952/sa49270.txt http://packetstormsecurity.org/files/112952/Secunia-Security-Advisory-49270.html Tue, 22 May 2012 12:36:39 GMT Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Web Server. This fixes multiple weakness, two security issues, and multiple vulnerabilities, which can be exploited by malicious, local users and malicious people to disclose sensitive information, bypass certain security restrictions, or cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112957/sa49269.txt http://packetstormsecurity.org/files/112957/sa49269.txt http://packetstormsecurity.org/files/112957/Secunia-Security-Advisory-49269.html Tue, 22 May 2012 06:27:03 GMT Secunia Security Advisory - Red Hat has issued an update for bind-dyndb-ldap. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112909/RHSA-2012-0683-01.txt http://packetstormsecurity.org/files/112909/RHSA-2012-0683-01.txt http://packetstormsecurity.org/files/112909/Red-Hat-Security-Advisory-2012-0683-01.html Tue, 22 May 2012 00:24:55 GMT Red Hat Security Advisory 2012-0683-01 - The dynamic LDAP back end is a plug-in for BIND that provides back-end capabilities to LDAP databases. It features support for dynamic updates and internal caching that help to reduce the load on LDAP servers. A flaw was found in the way bind-dyndb-ldap handled LDAP query errors. If a remote attacker were able to send DNS queries to a named server that is configured to use bind-dyndb-ldap, they could trigger such an error with a DNS query leveraging bind-dyndb-ldap's insufficient escaping of the LDAP base DN. This would result in an invalid LDAP query that named would retry in a loop, preventing it from responding to other DNS queries. With this update, bind-dyndb-ldap only attempts to retry one time when an LDAP search returns an unexpected error. http://packetstormsecurity.org/files/112908/RHSA-2012-0681-01.txt http://packetstormsecurity.org/files/112908/RHSA-2012-0681-01.txt http://packetstormsecurity.org/files/112908/Red-Hat-Security-Advisory-2012-0681-01.html Tue, 22 May 2012 00:23:56 GMT Red Hat Security Advisory 2012-0681-01 - Apache Tomcat is a servlet container. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs. It also resolves multiple flaws that weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. http://packetstormsecurity.org/files/112907/RHSA-2012-0679-01.txt http://packetstormsecurity.org/files/112907/RHSA-2012-0679-01.txt http://packetstormsecurity.org/files/112907/Red-Hat-Security-Advisory-2012-0679-01.html Tue, 22 May 2012 00:22:52 GMT Red Hat Security Advisory 2012-0679-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update includes bug fixes as documented in JBPAPP-4873 and JBPAPP-6133. http://packetstormsecurity.org/files/112906/RHSA-2012-0682-01.txt http://packetstormsecurity.org/files/112906/RHSA-2012-0682-01.txt http://packetstormsecurity.org/files/112906/Red-Hat-Security-Advisory-2012-0682-01.html Tue, 22 May 2012 00:21:41 GMT Red Hat Security Advisory 2012-0682-01 - Apache Tomcat is a servlet container. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs. It also addresses multiple flaws that weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. http://packetstormsecurity.org/files/112905/RHSA-2012-0677-01.txt http://packetstormsecurity.org/files/112905/RHSA-2012-0677-01.txt http://packetstormsecurity.org/files/112905/Red-Hat-Security-Advisory-2012-0677-01.html Tue, 22 May 2012 00:21:29 GMT Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing. http://packetstormsecurity.org/files/112904/RHSA-2012-0680-01.txt http://packetstormsecurity.org/files/112904/RHSA-2012-0680-01.txt http://packetstormsecurity.org/files/112904/Red-Hat-Security-Advisory-2012-0680-01.html Tue, 22 May 2012 00:20:13 GMT Red Hat Security Advisory 2012-0680-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update includes bug fixes as documented in JBPAPP-4873 and JBPAPP-6133. http://packetstormsecurity.org/files/112903/RHSA-2012-0676-01.txt http://packetstormsecurity.org/files/112903/RHSA-2012-0676-01.txt http://packetstormsecurity.org/files/112903/Red-Hat-Security-Advisory-2012-0676-01.html Tue, 22 May 2012 00:19:59 GMT Red Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host. http://packetstormsecurity.org/files/112902/RHSA-2012-0678-01.txt http://packetstormsecurity.org/files/112902/RHSA-2012-0678-01.txt http://packetstormsecurity.org/files/112902/Red-Hat-Security-Advisory-2012-0678-01.html Tue, 22 May 2012 00:19:45 GMT Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. http://packetstormsecurity.org/files/112731/RHSA-2012-0670-01.txt http://packetstormsecurity.org/files/112731/RHSA-2012-0670-01.txt http://packetstormsecurity.org/files/112731/Red-Hat-Security-Advisory-2012-0670-01.html Tue, 15 May 2012 21:57:32 GMT Red Hat Security Advisory 2012-0670-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. When a set user ID application is executed, certain personality flags for controlling the application's behavior are cleared. It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise MRG is made privileged via file system capabilities. http://packetstormsecurity.org/files/112730/RHSA-2012-0571-01.txt http://packetstormsecurity.org/files/112730/RHSA-2012-0571-01.txt http://packetstormsecurity.org/files/112730/Red-Hat-Security-Advisory-2012-0571-01.html Tue, 15 May 2012 21:57:17 GMT Red Hat Security Advisory 2012-0571-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's journal_unmap_buffer() function handled buffer head states. On systems that have an ext4 file system with a journal mounted, a local, unprivileged user could use this flaw to cause a denial of service. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A local, unprivileged user on a KVM host could use this flaw to crash the host. http://packetstormsecurity.org/files/112631/RHSA-2012-0570-01.txt http://packetstormsecurity.org/files/112631/RHSA-2012-0570-01.txt http://packetstormsecurity.org/files/112631/Red-Hat-Security-Advisory-2012-0570-01.html Fri, 11 May 2012 21:47:37 GMT Red Hat Security Advisory 2012-0570-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration using the PHP module for Apache httpd to handle PHP scripts. http://packetstormsecurity.org/files/112606/RHSA-2012-0569-01.txt http://packetstormsecurity.org/files/112606/RHSA-2012-0569-01.txt http://packetstormsecurity.org/files/112606/Red-Hat-Security-Advisory-2012-0569-01.html Thu, 10 May 2012 21:02:26 GMT Red Hat Security Advisory 2012-0569-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration using the PHP module for Apache httpd to handle PHP scripts. http://packetstormsecurity.org/files/112605/RHSA-2012-0568-01.txt http://packetstormsecurity.org/files/112605/RHSA-2012-0568-01.txt http://packetstormsecurity.org/files/112605/Red-Hat-Security-Advisory-2012-0568-01.html Thu, 10 May 2012 21:02:10 GMT Red Hat Security Advisory 2012-0568-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration in Red Hat Enterprise Linux 5 and 6 using the PHP module for Apache httpd to handle PHP scripts. http://packetstormsecurity.org/files/112552/sa49087.txt http://packetstormsecurity.org/files/112552/sa49087.txt http://packetstormsecurity.org/files/112552/Secunia-Security-Advisory-49087.html Wed, 09 May 2012 07:37:22 GMT Secunia Security Advisory - Red Hat has issued an update for php53. This fixes a vulnerability, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system. http://packetstormsecurity.org/files/112551/sa49068.txt http://packetstormsecurity.org/files/112551/sa49068.txt http://packetstormsecurity.org/files/112551/Secunia-Security-Advisory-49068.html Wed, 09 May 2012 07:37:19 GMT Secunia Security Advisory - Red Hat has issued an update for ImageMagick. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. http://packetstormsecurity.org/files/112550/sa49063.txt http://packetstormsecurity.org/files/112550/sa49063.txt http://packetstormsecurity.org/files/112550/Secunia-Security-Advisory-49063.html Wed, 09 May 2012 07:37:16 GMT Secunia Security Advisory - Red Hat has issued an update for ImageMagick. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. http://packetstormsecurity.org/files/112546/sa49080.txt http://packetstormsecurity.org/files/112546/sa49080.txt http://packetstormsecurity.org/files/112546/Secunia-Security-Advisory-49080.html Tue, 08 May 2012 06:07:50 GMT Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Web Server. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112545/sa49065.txt http://packetstormsecurity.org/files/112545/sa49065.txt http://packetstormsecurity.org/files/112545/Secunia-Security-Advisory-49065.html Tue, 08 May 2012 06:07:47 GMT Secunia Security Advisory - Red Hat has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system. http://packetstormsecurity.org/files/112508/RHSA-2012-0547-01.txt http://packetstormsecurity.org/files/112508/RHSA-2012-0547-01.txt http://packetstormsecurity.org/files/112508/Red-Hat-Security-Advisory-2012-0547-01.html Mon, 07 May 2012 20:04:50 GMT Red Hat Security Advisory 2012-0547-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration using the PHP module for Apache httpd to handle PHP scripts.