Packet Storm's last 20 added files.
Last Updated: Wed Jul 28 18:42:38 EDT 2010


[ MDVSA-2010-142.txt ] 7c99ef64bfc0338ec6f317c16f73ff04 Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.  
[ uplusftp-overflow.txt ] 60a3b2b94f3545e1846005844320d4f2 UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.  
[ symantecams-flaw.txt ] 99af1c5cdd484a0a3d2744bc9ee6a38d Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.  
[ jira-xss.txt ] bd54a2222350829abde01d653c24d6a4 Jira version 4.0.1 suffers from a cross site scripting vulnerability.  
[ secunia-autonomykvrp.txt ] 1e07e58e799d937de79f9a8685c827aa Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ secunia-autonomykvindex.txt ] 3d559dc765a3666312900d97ec293124 Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ zemana-escalate.txt ] 3c52a66eb2c31dd73df27b7a44faf0b1 Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability.  
[ ceteraecommerce-sqlxss.txt ] 2eaa26eb1f22884df3d3167bc069e4b0 Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities.  
[ secunia-wkssriu.txt ] 50abca786543ffdc74a394e0ff72c086 Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ secunia-autonomywosr.txt ] 54f75386e8a64e96a4a8814d3df82ed6 Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ secunia-autonomyrtfsigned.txt ] 051da84386777387a8d490662fbcab7b Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ secunia-autonomywkssr.txt ] b86bf4c0e20e58cec482e0807c9fbb94 Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ secunia-autonomycfp.txt ] 51d0af3f78c93a798c10dd606371c9df Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.  
[ apachetomcat-traversal.txt ] be0f85711288d99a26465aac5493aec3 UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18.   
[ joomlaphotomapgallery-sql.txt ] 929ef26fbab0a2d1e5aa1b95348554d7 Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities.  
[ avarcade-insecure.txt ] e24295757afa6e9f6b4a25d30a5fe4e7 AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities.  
[ nubuilder-rfi.txt ] d451eae5886197e24dccb93485ece7ea nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability.  
[ dsa-2076-1.txt ] 9e20355dee50b90ffcce599a243fd717 Debian Linux Security Advisory 2076-1 - It was discovered that GnuPG 2 uses a freed pointer when verify a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution.  
[ dsa-2075-1.txt ] c85c7e83e978f83a8eb180e1d8a1ec32 Debian Linux Security Advisory 2075-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.  
[ MDVSA-2010-141.txt ] 61476c47e396c1762c6244eb9488a6f5 Mandriva Linux Security Advisory 2010-141 - The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request. The updated packages provides samba 3.4.8 which is not vulnerable to these issues.