Mandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
d7de3f7e0b80f09045f1b2c5f542725b115d3f5c08f7a893d8351dc7200e188aHP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.
ce91c089270db6db060c9c1d7c9215979ae30446e5abfbcc9e91e77982f91126Mandriva Linux Security Advisory 2011-169 - Security issues were identified and fixed in mozilla NSS, firefox and thunderbird. 22 weak 512-bit certificates issued by the DigiCert Sdn. Bhd certificate authority has been revoked from the root CA storage. Untrusted search path vulnerability in Mozilla Network Security Services might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. Cross-site scripting vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. Various other issues were also addressed.
1a5863158a5fd4cd434856d62ecc7ece84182035492db44cb1f4705128b08a17Mandriva Linux Security Advisory 2011-138 - This advisory updates wireshark to the latest version (1.6.2), fixing several security issues. Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service via a malformed packet. Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service via a malformed capture file that leads to an invalid root tvbuff, related to a buffer exception handling vulnerability. The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service via a malformed packet. The updated packages have been upgraded to the latest 1.6.x version which is not vulnerable to these issues.
1be2ff4344b88429c4b45236683821e4090a102fcfdcdb92236828617d266698Whitepaper called Client-Side Threats - Anatomy of Reverse Trojan Attacks. Client-side vulnerabilities are among the biggest threats facing users. Attackers are going after weaknesses in desktop applications such as browsers, media players, common office applications and e-mail clients to install malicious software, often Trojan horses and rootkits. This document explains in detail these threats while how to prevent them.
2c1afb10f1f364d84902aa704ae75b54b7d538279adb0348248fba3c6e22acf9Presentation slides from "SCADA Trojans: Attacking the Grid" as it was presented at RootedCon'11 in Madrid.
b859f48eb76310750d6445553c321c3c561679e19c67b8bde7dec9455c01c929Mandriva Linux Security Advisory 2011-035 - The tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2. The updated packages have been patched to correct this issue.
bc3061e7437994cfa1e698306aec56aba5922b6fc005b13d7fec917c016f2077Mandriva Linux Security Advisory 2011-034 - The muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
0e0448c4dc79cf12f21b404cb86c345195250fa43fb7acde3e837c7b56676625ProFTPD version 1.3.3c compromised source remote root trojan code.
2b3de844c19ee4976c43fb307f8a5ad677fb8b4b2968ed884a2b2c49ff518797Mandriva Linux Security Advisory 2010-241 - gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. The affected /usr/bin/gnc-test-env file has been removed to mitigate the vulnerability as gnc-test-env is only used for tests and while building gnucash. Additionally for Mandriva 2010.1 gnucash-2.2.9 was not compatible with guile. This update adapts gnucash to the new API of guile.
f6ba7fc2153de0d6d4e2127713a15491bdc57288a34cad682323920481676a39Mandriva Linux Security Advisory 2010-240 - Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory.
7f1d252e40f57defd531fbf90b1795ea402aacc78f6552c5d8e49a06c5af7fcdMandriva Linux Security Advisory 2010-203 - The distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete.
3a077d31230594aef7aca940db8c36c6ab4de647a616eec1b67edc7fa3a96b60Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.
7d77648766361a40b7d96f7ef892d0dab12d44b36490044262f591af031bf755Go Null Yourself E-zine Issue 1 - Topics in this issue include RTLO Spoofing, Alternate Data Streams, Derandomizing Perl's RNG, Trojaning OpenSSH and more.
da764bb263f3ff2f6073ba91670651cedf533d2c37e234ff11609dae96d20245This is a simple perl keylogger for Windows. Archive password is set to p4ssw0rd. Use at your own risk.
76d6846f0f060503c1b592ab6ef88766d6f3b09cd933aeddaee0d6e8adba9a4eWeevely is a PHP trojan that hides a backdoor for communication using a fake HTTP_REFERER header. Archive password is set to p4ssw0rd. Use at your own risk.
cf94575c893708f95eb4a55035795ab332e4ea43d663319a5d7ef61efd4d7224Unreal IRCD version 3.2.8.1 remote downloader / execute trojan.
4b48b6d7dd9b7a30c90dabc085b3db23fc600667602fe5e3f49415b7e925975eMandriva Linux Security Advisory 2010-091 - This update provides a new OpenOffice.org version 3.1.1. An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing. A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file. Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file. OpenOffice's xmlsec uses a bundled Libtool which might load.la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.
8d9c5f17ff17abb01c346325d44694318ba9b0991da8314b424d66dd738fe7f5Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Packages for 2009.0 are provided due to the Extended Maintenance Program.
434d5ae46530ca84b4e40cec180a734b59057077f1e870dbe4462b04e8ee1772Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
d73db4cce13f07558bb167bb1c09f7caf34a09bdb07a74b3921f8547fa6960e6Mandriva Linux Security Advisory 2010-075 - OpenOffice's xmlsec uses a bundled Libtool which might load .la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.
23ab26a558f6ee10fc5753b67472cba4b55f9540928eebeb46b588ba97cdd500Whitepaper called Introduction to PHP Trojans. Written in Spanish.
8fcdc63bcd4fb561d922607d7923a7e2ab2bb726e95df7dc775a0befac9ff31dThis Metasploit module will execute an arbitrary payload against any system infected with the Arugizer trojan horse. This backdoor was shipped with the software package accompanying the Energizer Duo USB battery charger.
a1bf3f27171f32dee29233cb205cbdc4a03991a5c16306ba50e72d267e4f12e0Small whitepaper detailing simple methodologies surrounding PHP trojans.
6af6687dfb6f63aecb232c3f8a37be1090352507eda4e8000e630ee071dcc16cMandriva Linux Security Advisory 2009-341 - Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory. This update provides a solution to these vulnerabilities.
c7d601c0b385dee4f628e53dbf3b2c25c6d716ab9e0c2200166d63493ea4ea8f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed