Lenovo ThinkVantage Communications Utility version 3.0.42.0 suffers from an unquoted service path privilege escalation vulnerability.
a92ca47eccd01ae4654243d47f3b098b100eb14af6a58f14d8f5b8f4bd1c1453
Red Hat Security Advisory 2012-1149-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. An insecure temporary file use flaw was found in the sudo package's post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack, or modify the contents of the "/etc/nsswitch.conf" file during the upgrade or removal of the sudo package. This update also fixes the following bugs:
beba8e6ed13cfb26fb7c7c1854aef7f93f140ed6cc736059b657a68db78e6e8f
Ubuntu Security Notice 1511-1 - Huzaifa Sidhpurwala discovered that the tiff2pdf utility incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
6d79518b72d5ecf13083c6ab3b54a05a6a053fc38887997dd9f4db4d024afa41
Red Hat Security Advisory 2012-1081-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. All users of sudo are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
2dfbfa43bde13f32ff7b638eeb910225f286b002c9fd10e5b654f6375bb16e10
Ubuntu Security Notice 1498-1 - It was discovered that the TIFF library incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. It was discovered that the tiff2pdf utility incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.
3b79f4af0c1548cb1ed223db3afc67082ff8290dc8746f691a68cb86abbbd616
Sielco Sistemi Winlog versions 2.07.16 and below suffer from various code execution, stack overflow, and directory traversal vulnerabilities. Proof of concept utility included.
2c3d3186116ed66592e68144dac18e5288896dc07ba9846d20cbd79b708917db
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
e69fbebcebb7d9509ca9133c39b2f91991a44738d1844caf385f1f3f66f73979
Red Hat Security Advisory 2012-0958-04 - The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file, but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain the root user's password. "/root/anaconda-ks.cfg" usually only contains a hash of the password, not the plain text password.
03ed5dafab5d4b2b65c9f7dda0dbbc677dca70ad262f3abffdc9d6c85f4d2ea2
Red Hat Security Advisory 2012-0841-04 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them.
bd72154a1c7c9f34d01a0388a2d739ac8d018b2bd3b877ce4278e6dd64c6a0a6
Red Hat Security Advisory 2012-0810-04 - BusyBox provides a single binary that includes versions of a large number of system commands, including a shell. This can be very useful for recovering from certain types of system failures, particularly those involving broken shared libraries. A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially-crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute arbitrary code with the privileges of the user running BusyBox.
692a17a1637832054a96a9ba834f72d74f07559261d87ec14a946255edfa3450
Samsung AllShare versions 2.1.1.0 and below suffer from a NULL pointer vulnerability. Proof of concept utility included.
83cd80b6e2edbb33b8a4976ea647724003619c7fb8d84f66b2a16fcef95d2296
DeXSS provides a SAX2 Parser to help protect against cross site scripting (XSS) attacks. DeXSS uses TagSoup to parse potentially malformed input, followed by a SAX2 filter pipeline to remove JavaScript from HTML. You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.
6b2ac847ccc68a5a4b369c54df3b011afeef4702562ef4d6304a3355e16ed115
OpenSSL version 1.0.1 suffers from a local buffer overflow vulnerability in the command line utility.
a5fcc3832f2520c9e1f546ab32a9b27fdfd7926a5b3de285d09980efe0d00fff
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
54a6978fdaae8c9a83798016669aebaf82c92f549478b0be940844cd0189258e
Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.
99eb758e26ad01db7e3e088f497dd8ec98005e8f4fdef7cb43e51787e609733a
Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name.
a11a5493acd610cf7f4bfdc27b2eba1d9d44ea753011012d38733b38292f077e
Zone-H posting utility that is multi-threaded.
b66e0936308863c1f7d366e259b553da4eb8876a94121e392bd577f7c622e4b7
oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 32-bit version.
619a15cfcb80ab0c595c05dd9771cef8edb986716110df6007e589fb9313db05
oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 64-bit version.
216e918ae767ffdc89f9582d7d8b22672195a20158c9d05a9d674edb52ea5325
SHA-1 MySQL database brute forcing utility. Written in Python.
0068129733662bae54b4b7a0b553891a45edd277617355e6aec8c7aae793b8ad
Ubuntu Security Notice 1416-1 - Alexander Gavrun discovered that the TIFF library incorrectly allocated space for a tile. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. It was discovered that the tiffdump utility incorrectly handled directory data structures with many directory entries. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue only applied to Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Various other issues were also addressed.
681cde6032e82ac9b21d67f935de062ade203b655ea767682858a6b7da05457c
cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.
d55c0d9a11ef35fbbf7fd3a4557f43d670069ca55b97907fda8e756b11c3812d
Mandriva Linux Security Advisory 2012-035 - Multiple out-of heap-based buffer read flaws and invalid pointer dereference flaws were found in the way file, utility for determining of file types processed header section for certain Composite Document Format files. A remote attacker could provide a specially-crafted CDF file, which once inspected by the file utility of the victim would lead to file executable crash. The updated packages for Mandriva Linux 2011 have been upgraded to the 5.11 version and the packages for Mandriva Linux 2010.2 has been patched to correct these issues.
4047982958ece3e56808e6732bee8a5b66fdecf385ac7aecc0043d63cb942a06
Simple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
a65bb4d048c713dd9ecc4b42b98cc124516fd5c1df19deddfc664476aad7caac
Red Hat Security Advisory 2012-0309-03 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to prompt for the user's password before running the specified command with the elevated group privileges. Various other issues have also been addressed in this advisory.
a827591da4fea2ba8c870bb76c75ed69cda355d31fcd569f1ba1cd76fc27be43
Red Hat Security Advisory 2012-0153-03 - Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic. This updated sos package also includes numerous bug fixes and enhancements.
72f02d3ff7245ab41813002e88e09e0957605f7db822e4b33daab5eebda5e2ed