The Apple QuickTime player does not properly parse .fpx media files, which causes a memory corruption by opening a malformed file with an invalid value located in PoC repro.fpx at offset 0x49. Tested vulnerable are versions 7.6.8 (1675) and 7.6.6 (1671).
facb84d8419ffcf0bba2fe7f89e1f2ae1bc160d4a44a1f04b6c7f18419579e90Slackware Security Advisory - New seamonkey packages are available for Slackware 13.37 and -current to fix security issues.
0e7f91ef946bc3b298a3e525bf3374f95ba16115fb231414c495eec83ec0f72aSlackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37 and -current to fix security issues.
40aae2ac9ae928d4b5512868d380d3f44f261b48cff60ff0fa08d133476e261dSlackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37 and -current to fix security issues.
0fe3a5c29502f07945a64923b1d89ec43de7af314e8be1821be25a414eba2195URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.
744bfee0933dc8f1f2432528d5f7c5ce770416146ddc67b984b5117426e99dcdRed Hat Security Advisory 2012-1098-01 - The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.
a4403bcb8e6ea39cef9f81f3176ba1bb2782088e2076dfc97ee09e39f03e3438Red Hat Security Advisory 2012-1097-01 - The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. It was discovered that the formatted printing functionality in glibc did not properly restrict the use of alloca(). This could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.
1c4404ac353004ea4bc37b5126608f16e0e060649ba8f8ba172c59bb8a07d6a2Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
3e2b136f015fae19c61b2b118d1d58402b2d75b2f9c0c22031532788387ffcbeSlackware Security Advisory - New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
a88e26046b8bc391e0c4c84f585e2c060fb72db3a90cd34e037858c1ff507966Slackware Security Advisory - New php packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
3ff04ee32668e3d12cde5cacdf554aa5ecd59402e6b6782ca20ce833c430d0c8Google Chrome developers, while trying to be adaptive and current, added some windows 8 helper functions to aid the development of Metro style behavior, but does not include the library file itself, thus resulting in an unqualified dynamic-link library call to 'metro_driver.dll'. A user with local disk access can carefully construct a DLL that suits the pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.
dbb9d62577ac5b978fa6419192db9f6b4808436e28a90885a8548c968b26a7d8A large amount of heap and buffer overflows along with denial of service conditions have been addressed in libexif. Versions 0.6.20 and below are affected.
7c6eb35c0114a47e761fa33fe4d24e97391d0ae94702f7a6c5114836348d9739Red Hat Security Advisory 2012-1081-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. All users of sudo are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
2dfbfa43bde13f32ff7b638eeb910225f286b002c9fd10e5b654f6375bb16e10Red Hat Security Advisory 2012-1080-01 - The IBM Java SE version 1.4.2 release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.
91d7fea7aa7d7b39fe7a3a9a4e3d7288cafa175bf77962bef334da06bf3382aaThis Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.8. The vulnerability is caused due to a boundary error within the handling of HTTP request. While the exploit supports DEP bypass via ROP, on Windows 7 the stack pivoting isn't reliable across virtual (VMWare, VirtualBox) and physical environments. Because of this the module isn't using DEP bypass on the Windows 7 SP1 target, where by default DEP is OptIn and AllMediaServer won't run with DEP.
cd224eb091bd83cac2f6867238fdeea0e253250295ed9b0257c0173e71de0311Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
1701fc58dc21a0ecb6c45f4836abb5e380f5e8214af1f3d389ec0e35ee46a019Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESXi, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
394c46ea9f46bca7328b299fb6281fcd27d6ac1da51952d12333bbbe81d35ea5Shopware version 3.5 suffers from a remote SQL injection vulnerability.
5a6df1b8bd0a494ca93cc2d947cf380ac0ddc0a03aa982f3f7ca4cdd7b20e18cVMware Security Advisory 2012-0012 - VMware ESXi update addresses several security issues.
5b4b01c7d05b407f2019d9dcb62997fbe3639d1b4af2d9e365e42c1b2fc8c4acCura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
79fd0da76674b5e455a947a43496357a83abbd086c7bf141c80764ec54afd32cSecunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESXi, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
93e428c53413983bf35aca0c5787aaca597fd468e44ede6570097574a3e2ecc9This Metasploit module exploits an arbitrary PHP File Upload and Code Execution flaw in some WordPress blog software plugins. The vulnerability allows for arbitrary file upload and remote code execution POST Data to Vulnerable Script/File in the plugin.
b0f467c2f9513aea9fd89d25f94d00be23be09c42cfc54f3bbc14d023bf918cfCisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition, causing the product to become unresponsive to new connection requests and potentially leading to termination services and processes. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.
452844524965f84e286b89ccffc1bed14c53bc8b474602302070ba68650597c9Cisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition, causing the product to become unresponsive to new connection requests and potentially leading to termination services and processes. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.
557ffed24e36cacc4f3361981664dc75d9334f99a5cbd59d57af8decc4ab8878Cisco Security Advisory - Cisco TelePresence Endpoint devices contain multiple vulnerabilities. Exploitation of the API Remote Command Execution vulnerability could allow an unauthenticated, adjacent attacker to inject commands into API requests. The injected commands will be executed by the underlying operating system in an elevated context. Exploitation of the Remote Command Execution vulnerability could allow an authenticated, remote attacker to inject commands into requests made to the Administrative Web interface. The injected commands will be executed by the underlying operating system in an elevated context. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.
42649bcfcd3a6dd19ff048743d266c20939141c54c9347011ae3048feb8bb886Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
9e3d29cc126a1609f93c89cc4b178fb01f091d989e2b8cec117b79eadf7b611c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed