Packet Storm's last 50 added files. Last Updated: Wed Sep 8 23:33:13 EDT 2010 [ OIG_10-111_Aug10.pdf ] dd4096ea2a734a38f6e979e20eb541ae Office of Inspector General report OIG-10-1111 - DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems. [ USN-978-1.txt ] 2d45db4f2a4e1a2ed7f7af3dab4a9117 Ubuntu Security Notice 978-1 - Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the [ USN-975-1.txt ] 24ce7eef0734edef2ca67538df5ea039 Ubuntu Security Notice 975-1 - Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the [ USN-985-1.txt ] bb3926c07160a32052adfd01b62c5720 Ubuntu Security Notice 985-1 - Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user. [ ESA-2010-016.txt ] c01dd22225f6ad7b8e08c3f3829f52db RSA Access Manager Agent version 4.7.1 with RSA Adaptive Authentication Integration contains a potential vulnerability that could be exploited by malicious people to bypass authentication restrictions. [ ESA-2010-015.txt ] 0d20584fa2c2e349df2557ee817c7135 A vulnerability exists in EMC Celerra which can be exploited to gain unauthorized access to root NFS export on EMC Celerra NAS. NAS Code versions 5.6.50 and below are affected. [ ESA-2010-014.txt ] f8073f09a399af51958b70e95fe5531e RSA Access Manager Server contains a potential vulnerability that could be exploited to bypass certain security restrictions, potentially enabling unauthorized access to protected resources. [ dsa-2106-1.txt ] 2b68600653e970188ba3edbc6553146e Debian Linux Security Advisory 2106-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. [ fbsdpseudofs-nullpointer.txt ] ae95fee8dbe809a26ee1bc0179eb8bf6 FreeBSD versions 7.0 through 7.2 suffer from a pseudofs NULL pointer dereference vulnerability. Due to a spurious call to pfs_unlock() in pfs_getattr() (as defined in sys/fs/pseudofs/pseudofs_vnops.c), a null pointer is dereferenced after calling extattr_get_attribute() on pseudofs vnode. By allocating a page at address 0x0, an attacker can overwrite an arbitrarily chosen portion of kernel memory, leading to a crash or local root escalation. [ cisco-sa-20100908-wlc.txt ] 0c7a12cef77e7d44423ff149e9138987 Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by two denial of service, three privilege escalation and two access control list vulnerabilities. [ HPSBMA02574-SSRT100038.txt ] e24d4c8689985ba2f39360f73a01b522 HP Security Bulletin - A potential security vulnerability has been identified with HP ProLiant G6 Lights-Out 100 Remote Management. This vulnerability could be exploited remotely to create a Denial of Service (DoS) in the Lights-Out 100. [ dsa-2105-1.txt ] 82a24be2f5dc1de0acc06988c20d36a2 Debian Linux Security Advisory 2105-1 - Several vulnerabilities have been discovered in the FreeType font library. [ etax-sslignore.txt ] b82c928e7eb0c82a63cec05025da3290 ETax 2010 fails to properly verify SSL certificates. [ ieee-1394-forensics.pdf ] 6c30525e4592c46d658535b4e6dc37c9 Whitepaper called Memory Forensics over the IEEE 1394 Interface. [ DnsSpoofer.zip ] 543e3d741fdc733381f72ce0b0b19d34 DnsFucker is a DNS spoofing tool. It can be used effectively in both packet switched and hubbed networks. Written in Python. [ dsa-2098-2.txt ] 44dd729ccaacc13a4abe105424f1b08a Debian Linux Security Advisory 2098-2 - The update for TYPO3 in DSA 2098 introduced a regression which could make the backend functionality unusable. This update corrects the problem. [ moaub08-msoffice.pdf ] 99610b1dcc2abcd8868e4dca5513a96a Month Of Abysssec Undisclosed Bugs - Microsoft Office Visio suffers from a DXF file stack based overflow vulnerability. [ moaub-msoffice.txt ] 4d5699375ade33244cdbeab5f9ceb0bf Month Of Abysssec Undisclosed Bugs - Microsoft Office Visio suffers from a DXF file stack based overflow vulnerability. [ moaub08-sirang.pdf ] 30cbbacf844099f3e395a4e0aba08697 Month Of Abysssec Undisclosed Bugs - Sirang web-based D-Control versions 6.0 and below suffer from remote SQL injection and upload restriction bypass vulnerabilities. [ moaub-sirang.txt ] f7e4618f29d3562418a81caf04404d07 Month Of Abysssec Undisclosed Bugs - Sirang web-based D-Control versions 6.0 and below suffer from remote SQL injection and upload restriction bypass vulnerabilities. [ adobe_cooltype_sing.rb.txt ] a074bbb270cee3663e6a624314d93a55 This Metasploit module exploits a vulnerability in the Smart INdependent Glyplets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior version are assumed to be vulnerable as well. [ java_rmi_connection_impl.rb.txt ] 0d92c0d644f75f48c339916b902897e1 This Metasploit module exploits a vulnerability in the Java Runtime Environment that allows to deserialize a MarshalledObject containing a custom classloader under a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23. [ fbsdpmap-racecondition.txt ] 1b199d7aac81714fd93982f73df8a96d FreeBSD versions 7.3 and 8.1 suffer from a vm.pmap kernel local race condition denial of service vulnerability. [ glsa-201009-06.txt ] 9050994f9a8b868a4287648d56b05c3e Gentoo Linux Security Advisory 201009-6 - Multiple vulnerabilities have been reported in Clam AntiVirus. Versions less than 0.96.1 are affected. [ glsa-201009-05.txt ] 22a8bb303056f9b8259dd44dc93c04ca Gentoo Linux Security Advisory 201009-5 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. Multiple vulnerabilities were discovered in Adobe Reader. Versions less than 9.3.4 are affected. [ glsa-201009-04.txt ] 0c9e6c902658352c0b39c9ef0a1cd261 Gentoo Linux Security Advisory 201009-4 - Multiple stack-based buffer overflow vulnerabilities were discovered in SARG allowing for remote code execution. Multiple vulnerabilities were discovered in SARG. Versions less than 2.2.5-r5 are affected. [ ZSL-2010-4963.txt ] bd8b60ce7aee869caedf1e65edad6722 Textpattern CMS version 4.2.0 suffers from a cross site scripting vulnerability. [ USN-984-1.txt ] aaa7540a2d3aafe0659f148b8e9a7318 Ubuntu Security Notice 984-1 - It was discovered that LFTP incorrectly filtered filenames suggested by Content-Disposition headers. If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name, such as a dotfile, and possibly run arbitrary code. [ USN-983-1.txt ] 208cd1d61b0cdf3a03dd8f94bf34ed01 Ubuntu Security Notice 983-1 - Markus Wuethrich discovered that sudo did not always verify the user when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that group. [ zenphoto-sqlxss.txt ] c62d335fae653b3b1cfc92f6d46cc010 Zenphoto version 1.3 suffers from remote SQL injection and cross site scripting vulnerabilities. [ openjournalsystem-xss.txt ] 4afa498b46d5dd7cabc96aaa6759a8fe OpenJournalSystem suffers from stored cross site scripting vulnerabilities. [ fcms-sql.txt ] c74b34bd255d422869a5f2d6edebeadd FCMS version 2.3 suffers from a remote SQL injection vulnerability. [ enanocms-sql.txt ] 026ac0b42f48fa241cee526c3d264012 EnanoCMS version 1.1.7pl1 suffers from a remote blind SQL injection vulnerability. [ luckysploit-exec.txt ] 85e8c9b4ebc0d14c3a1484e7ae6af22d LuckySploit Exploit Pack suffers from a remote php code execution vulnerability. [ chrome-extensiondetection.txt ] a76ba5e7565d1c6c8e2e8342a19d93a1 Google Chrome suffers from an installed extensions arbitrary detection vulnerability. [ coldusergroup-sql.txt ] 26ec4853bc4e172c9e51243a3094684a ColdUserGroup version 1.06 suffers from a remote blind SQL injection vulnerability. [ coldofficeview-sql.txt ] 780073af3fd813bc529d5992bc99057a ColdOfficeView version 2.04 suffers from a remote blind SQL injection vulnerability. [ micronetsoftrvdealer-sql.txt ] 2c630f95283bd4afc14e98614c864b13 Micronetsoft RV Dealer Website suffers from a remote SQL injection vulnerability. [ glsa-201009-03.txt ] 29aa52d8f9e48eb6c852449c36c4a725 Gentoo Linux Security Advisory 201009-3 - The secure path feature and group handling in sudo allow local attackers to escalate privileges. Versions less than 1.7.4_p3-r1 are affected. [ moaub07-novell.pdf ] ad83723a305777643009329903c4bf71 Month Of Abysssec Undisclosed Bugs - Novell Netware NWFTPD suffers from a RMD/RNFR/DELE argument parsing buffer overflow. [ moaub-novell.txt ] 107497b5b5f526f444f848d238fcf04f Month Of Abysssec Undisclosed Bugs - Novell Netware NWFTPD suffers from a RMD/RNFR/DELE argument parsing buffer overflow. [ beehiveforum091-xssxsrf.txt ] 4d80db509d414ab31f5b62a6c4d0c304 BeehiveForum version 0.9.1 suffers from cross site request forgery and cross site scripting vulnerabilities. [ itsecteam_shell.zip ] b30055c75b8c68a9c8b8f945ee5aad7c This is a backdoor PHP shell from ITSecTeam. [ hordeaf-xss.txt ] 4343470c4fb1d99f0abf728d32400857 Horde Application Framework versions 3.3.8 and below suffer from a cross site scripting vulnerability. [ netrecon-1.78.tgz ] dcfe141a58babc0277f7d58e4102a934 Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode. [ glsa-201009-02.txt ] e4cc2fa7a55c4835d6565b252f840992 Gentoo Linux Security Advisory 201009-2 - Insecure permission handling in maildrop might allow local attackers to elevate their privileges. Christoph Anton Mitterer reported that maildrop does not properly drop its privileges when run as root. Versions less than 2.4.2 are affected. [ dsa-2104-1.txt ] 9a0a71a52f714254cea594f18bf3db98 Debian Linux Security Advisory 2104-1 - Several remote vulnerabilities have been discovered in the BGP implementation of Quagga, a routing daemon. [ joomlaaardvertiser-sql.txt ] 9623d1926921a22bdd4e1a2733f0c81e The Joomla Aardvertiser component version 2.1 suffers from a remote blind SQL injection vulnerability. [ ZSL-2010-4962.txt ] ee5f8a04648428bcca695ec61209a235 MySource Matrix version 3.28.3 suffers from a cross site scripting vulnerability. [ MDVSA-2010-171.txt ] af20b3ba41da2894c48b67a30d4abee2 Mandriva Linux Security Advisory 2010-171 - The cluster logical volume manager daemon in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted control commands. The updated packages have been patched to correct this issue.