This archive contains all of the 323 exploits added to Packet Storm in August, 2012.
62a89b44f68c720009b979e3beca117f014084b1364f955e9176d17225e49252
Adobe Photoshop CS6 version 13.x suffers from a PNG parsing heap overflow vulnerability. Proof of concept PNG file included.
80a53ff72f5790f602424285c5a3993b1990d8e6e206c276ea6e96b7e79484e5
Mandriva Linux Security Advisory 2012-149 - Fetchmail version 6.3.9 enabled all SSL workarounds, which include a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, provided that an attacker can make the application encrypt some data for him -- which is not easily the case. A denial of service flaw was found in the way Fetchmail, a remote mail retrieval and forwarding utility, performed base64 decoding of certain NTLM server responses. Upon sending the NTLM authentication request, Fetchmail did not check whether the received response was actually part of the NTLM protocol exchange, or a server-side error message and session abort. A rogue NTLM server could use this flaw to cause the fetchmail executable to crash. This advisory provides the latest version of fetchmail, which is not vulnerable to these issues.
ff6bd28f326c0bdc5a3cd94d56f5a10beddfa815b3ba6d4fe35ecc0b7acf34f4
ISME is a small framework to test IP phones from several vendors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in Perl with a Perl/Tk interface to provide a portable and easy to use tool. Full documentation is also provided.
052944b549e2c683c0e76cceb786430d87744dc8c6db6eb95c053a158d07f5a5
Admidio version 2.3.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
aaef337b3e36f2b58275e83626d4bd8d96b1b635d5408e61e4b59a8aa2eb9489
Sites powered by rcart suffer from cross site scripting and default administrative credentials for admin panel access vulnerabilities. Note that this finding houses site-specific data.
4716c56a72040f6c2b083d131a6a7fbe3bfff6d01f2aacc433cdaa48a52ffb4b
Secunia Security Advisory - Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.
49de625cdfc347f61f0f0374eb5a1c10120f13801a2a86c72505c795a370dcf8
Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in the Carousel Slideshow plugin for WordPress.
5fcaacea7c150da6e60c2fe250281eac4bcca80603fd1b1802d6c1f1be00481b
Secunia Security Advisory - VMware acknowledged multiple vulnerabilities in VMware vCenter and VMware ESX Server, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
0761d786bd103e7de18dc2b598c1891becabc489fdb97b0c9e836cdcedc88b8c
Secunia Security Advisory - A security issue has been reported in Symantec PGP Universal Server, which can be exploited by malicious people to disclose certain sensitive information.
d988f039ef82af82e343c27c75f4302ad8116008e6d2cf5817cf7350a9249142
Secunia Security Advisory - Debian has issued an update for otrs2. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.
778baae9b684de8457439cadf1cb0189c884c234fe86ac74298572baf32c4748
Secunia Security Advisory - Brendan Coles has discovered a weakness and a vulnerability, which can be exploited by malicious people to disclose sensitive information.
d0796ff81939af8be1c3c1d5144db240dc995681990a30408f73e58d1ffdbf94
Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and compromise a user's system.
510efe55c2d828bb7cdcc062100bd6295b33c9d56d10a6cf25cec276f6f189a1
Secunia Security Advisory - Brendan Coles has discovered a weakness and some vulnerabilities in SugarCRM, which can be exploited by malicious users to conduct script insertion attacks, disclose sensitive information, and conduct SQL injection attacks and by malicious people to disclose certain system information.
a946df528af1f95f6c5b99df6b75b0ee1890dd4a3fbc2e5a912e605c4e71e8ce
Secunia Security Advisory - A vulnerability has been reported in OTRS Help Desk, which can be exploited by malicious people to conduct script insertion attacks.
e180e848df59c2b457f53b9426dafd630e8876d281b9fecfa5861e2292eee974
Secunia Security Advisory - Francis Provencher has discovered a vulnerability in Adobe Photoshop CS6, which can be exploited by malicious people to compromise a user's system.
87139d86294e28cadcdab6337046e96eca5ffba6d1dfb9fa8a0476b9325b80df
Secunia Security Advisory - A vulnerability and a security issue have been reported in Bugzilla, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data.
a5cfea192d40d1bbb0e2d4ee70ce226e122c3adc7fec1a3ed96fd765a277608a
Secunia Security Advisory - A vulnerability has been reported in neptuneScripts Booking System Pro, which can be exploited by malicious people to conduct cross-site request forgery attacks.
f7b5260a08727c92412e6b9ff787ba8950c5f7c786740836b83b2a4d73f9bfe1
Secunia Security Advisory - A weakness has been reported in OpenStack Dashboard (Horizon), which can be exploited by malicious people to conduct spoofing attacks.
06ee40c14db97d78e94bdbe681bc199877193877555f90f81c90a113066f0fd1
Secunia Security Advisory - A security issue has been reported in Magnum MNS-6K, which can be exploited by malicious, local users to gain escalated privileges.
38be1024176fadb7bb2f153a05f1eaa63b74a871f10c59b11fc59fb3116cde1c
VMware Security Advisory 2012-0013 - VMware has updated several third party libraries in vSphere and vcOps to address multiple security vulnerabilities.
ab37b6926b046653acdeeef66e7c85ba