Vulnerability Files ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
Mon, 28 May 2012 08:02:33 GMT

b2ePMS 1.0 SQL Injection
http://packetstormsecurity.org/files/113064/b2epms10-sql.txt
http://packetstormsecurity.org/files/113064/b2ePMS-1.0-SQL-Injection.html
Sun, 27 May 2012 18:56:18 GMT
b2ePMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection
http://packetstormsecurity.org/files/113062/santilga-sqlxsrf.txt
http://packetstormsecurity.org/files/113062/Santilga-CMS-1.2.6.3-Cross-Site-Request-Forgery-SQL-Injection.html
Sun, 27 May 2012 18:50:12 GMT
Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.

AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
http://packetstormsecurity.org/files/113061/azdgdatingmedium-xssxsrfexec.txt
http://packetstormsecurity.org/files/113061/AzDGDatingMedium-1.9.3-XSS-CSRF-SQL-Injection-Directory-Traversal.html
Sun, 27 May 2012 18:48:31 GMT
AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, PHP code execution, remote SQL injection, and directory traversal vulnerabilities.

Secunia Security Advisory 49302
http://packetstormsecurity.org/files/113057/sa49302.txt
http://packetstormsecurity.org/files/113057/Secunia-Security-Advisory-49302.html
Sat, 26 May 2012 07:07:18 GMT
Secunia Security Advisory - Multiple vulnerabilities have been reported in EMC AutoStart, which can be exploited by malicious people to compromise a vulnerable system.

Secunia Security Advisory 49275
http://packetstormsecurity.org/files/113056/sa49275.txt
http://packetstormsecurity.org/files/113056/Secunia-Security-Advisory-49275.html
Sat, 26 May 2012 07:07:15 GMT
Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.

Secunia Security Advisory 49293
http://packetstormsecurity.org/files/113055/sa49293.txt
http://packetstormsecurity.org/files/113055/Secunia-Security-Advisory-49293.html
Sat, 26 May 2012 07:07:12 GMT
Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service) of the application using the library.

Secunia Security Advisory 49267
http://packetstormsecurity.org/files/113053/sa49267.txt
http://packetstormsecurity.org/files/113053/Secunia-Security-Advisory-49267.html
Sat, 26 May 2012 07:07:06 GMT
Secunia Security Advisory - Walied Assar has discovered two vulnerabilities in ResEdit, which can be exploited by malicious people to potentially compromise a user's system.

LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read
http://packetstormsecurity.org/files/113037/CSA-12005.txt
http://packetstormsecurity.org/files/113037/LogAnalyzer-3.4.2-Cross-Site-Scripting-SQL-Injection-File-Read.html
Fri, 25 May 2012 20:26:06 GMT
LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.

Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion
http://packetstormsecurity.org/files/113036/pligg121-lfixss.txt
http://packetstormsecurity.org/files/113036/Pligg-CMS-1.2.1-Cross-Site-Scripting-Local-File-Inclusion.html
Fri, 25 May 2012 20:24:38 GMT
Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

DynPage 1.0 Cross Site Request Forgery / Shell Upload
http://packetstormsecurity.org/files/113048/dynpage-xsrfshell.txt
http://packetstormsecurity.org/files/113048/DynPage-1.0-Cross-Site-Request-Forgery-Shell-Upload.html
Fri, 25 May 2012 19:11:11 GMT
DynPage version 1.0 suffers from cross site request forgery and shell upload vulnerabilities.

Secunia Security Advisory 49271
http://packetstormsecurity.org/files/113028/sa49271.txt
http://packetstormsecurity.org/files/113028/Secunia-Security-Advisory-49271.html
Fri, 25 May 2012 11:52:01 GMT
Secunia Security Advisory - Tiago Natel de Moura has discovered multiple vulnerabilities in SocialEngine, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks.

Secunia Security Advisory 49236
http://packetstormsecurity.org/files/113027/sa49236.txt
http://packetstormsecurity.org/files/113027/Secunia-Security-Advisory-49236.html
Fri, 25 May 2012 11:51:59 GMT
Secunia Security Advisory - Multiple vulnerabilities have been reported in the Search API module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Secunia Security Advisory 49277
http://packetstormsecurity.org/files/113024/sa49277.txt
http://packetstormsecurity.org/files/113024/Secunia-Security-Advisory-49277.html
Fri, 25 May 2012 11:51:50 GMT
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.

Secunia Security Advisory 49265
http://packetstormsecurity.org/files/113047/sa49265.txt
http://packetstormsecurity.org/files/113047/Secunia-Security-Advisory-49265.html
Fri, 25 May 2012 01:00:38 GMT
Secunia Security Advisory - SUSE has issued an update for cobbler. This fixes two vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks.

Debian Security Advisory 2480-1
http://packetstormsecurity.org/files/113023/dsa-2480-1.txt
http://packetstormsecurity.org/files/113023/Debian-Security-Advisory-2480-1.html
Thu, 24 May 2012 22:20:39 GMT
Debian Linux Security Advisory 2480-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system.

Social Engine 4.2.2 Cross Site Request Forgery / Cross Site Scripting
http://packetstormsecurity.org/files/113015/socialengine-xssxsrf.txt
http://packetstormsecurity.org/files/113015/Social-Engine-4.2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
Thu, 24 May 2012 15:27:22 GMT
Social Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

EMC AutoStart Multiple Buffer Overflows
http://packetstormsecurity.org/files/113013/ESA-2012-020.txt
http://packetstormsecurity.org/files/113013/EMC-AutoStart-Multiple-Buffer-Overflows.html
Thu, 24 May 2012 15:22:39 GMT
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.

Wireshark Dissector Denial Of Service
http://packetstormsecurity.org/files/113009/wiresharkdis-dos.tgz
http://packetstormsecurity.org/files/113009/Wireshark-Dissector-Denial-Of-Service.html
Thu, 24 May 2012 15:12:32 GMT
Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities.

Secunia Security Advisory 49235
http://packetstormsecurity.org/files/112999/sa49235.txt
http://packetstormsecurity.org/files/112999/Secunia-Security-Advisory-49235.html
Wed, 23 May 2012 06:39:53 GMT
Secunia Security Advisory - Multiple vulnerabilities have been discovered in RuubikCMS, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 49259
http://packetstormsecurity.org/files/112984/sa49259.txt
http://packetstormsecurity.org/files/112984/Secunia-Security-Advisory-49259.html
Wed, 23 May 2012 06:21:05 GMT
Secunia Security Advisory - Multiple vulnerabilities have been reported in RT, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.

Secunia Security Advisory 49226
http://packetstormsecurity.org/files/112983/sa49226.txt
http://packetstormsecurity.org/files/112983/Secunia-Security-Advisory-49226.html
Wed, 23 May 2012 06:21:02 GMT
Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory 49257
http://packetstormsecurity.org/files/112981/sa49257.txt
http://packetstormsecurity.org/files/112981/Secunia-Security-Advisory-49257.html
Wed, 23 May 2012 06:20:57 GMT
Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in Pligg CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 49201
http://packetstormsecurity.org/files/112976/sa49201.txt
http://packetstormsecurity.org/files/112976/Secunia-Security-Advisory-49201.html
Wed, 23 May 2012 06:20:40 GMT
Secunia Security Advisory - Some vulnerabilities have been reported in the Profile Builder plugin for WordPress, where some have unknown impacts and another can be exploited by malicious people to bypass certain security restrictions.

Secunia Security Advisory 49223
http://packetstormsecurity.org/files/112974/sa49223.txt
http://packetstormsecurity.org/files/112974/Secunia-Security-Advisory-49223.html
Wed, 23 May 2012 06:20:34 GMT
Secunia Security Advisory - Codseq has discovered multiple vulnerabilities in Adiscon LogAnalyzer, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 49268
http://packetstormsecurity.org/files/112973/sa49268.txt
http://packetstormsecurity.org/files/112973/Secunia-Security-Advisory-49268.html
Wed, 23 May 2012 06:20:30 GMT
Secunia Security Advisory - Mobile Defense has reported two vulnerabilities in Xelex MobileTrack, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions.