http://packetstormsecurity.org/ 20 Most Recent Packet Storm File Additions en-us http://packetstormsecurity.org/0809-advisories/PLSA-2008-36.txt Pardus Linux Security Advisory - Multiple memory leaks and buffer overflows have been addressed in ffmpeg. Affected packages are mplayer versions below 0.0_20080825-92-11 and ffmpeg versions below 0.4.9_20080825-46-14. http://packetstormsecurity.org/0809-exploits/wpsimple-xss.txt WordPress Simple Tagging Widget suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/0809-exploits/googlechrome-pwn.tgz Google Chrome Browser version 0.2.149.27 suffers from a SaveAs-related buffer overflow and another denial of service vulnerability. Exploits for both are included in the tarball. PoC-XPSP2.html demonstrates the overflow by launching calc.exe and PoC-Crash.html demonstrates the crash. http://packetstormsecurity.org/0809-advisories/microworld-insecure.txt Multiple MicroWorld products suffer from insecure directory permissions vulnerabilities that allow for privilege escalation. http://packetstormsecurity.org/0809-exploits/devalcms-xssexec.txt devalcms version 1.4a cross site scripting and remote code execution exploit. http://packetstormsecurity.org/0809-exploits/microtik-poc.txt MicroTik RouterOS versions 3.13 and below SNMP write proof of concept exploit. http://packetstormsecurity.org/papers/call_for/xcon2008-cfp.txt Call For Papers for XCon 2008. This conference will take place from November 18th through the 19th in Beijing, China. http://packetstormsecurity.org/0809-exploits/awstats-exec2.txt Remote code execution exploit with an interactive shell for AWStats Totals versions 1.0 through 1.14. Version 2 of this exploit. It now works with magic quotes on or off. http://packetstormsecurity.org/0809-advisories/SSRT080119.txt HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Select Identity (HPSI) Connectors running on Windows. The vulnerability could result in a local disclosure of information. http://packetstormsecurity.org/0809-exploits/wordpress-xss.txt Wordpress Forum version 1.7.4 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/0809-exploits/geocar-sql.txt Geocar CMS suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/0809-advisories/MDVSA-2008-186.txt Mandriva Linux Security Advisory - Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. The Python packages on Corporate 3 have been updated to the latest version 2.3.7, which corrects this issue. http://packetstormsecurity.org/papers/bypass/aslr-bypass.txt Whitepaper discussing an ASLR bypassing methodology on the Linux 2.6.17/20 kernel. http://packetstormsecurity.org/0809-advisories/glsa-200809-04.txt Gentoo Linux Security Advisory GLSA 200809-04 - Sergei Golubchik reported that MySQL imposes no restrictions on the specification of DATA DIRECTORY or INDEX DIRECTORY in SQL CREATE TABLE statements. Versions less than 5.0.60-r1 are affected. http://packetstormsecurity.org/0809-advisories/glsa-200809-03.txt Gentoo Linux Security Advisory GLSA 200809-03 - Dyon Balding of Secunia Research reported an unspecified heap-based buffer overflow in the Shockwave Flash (SWF) frame handling. Versions less than 11.0.0.4028-r1 are affected. http://packetstormsecurity.org/0809-advisories/glsa-200809-02.txt Gentoo Linux Security Advisory GLSA 200809-02 - Dan Kaminsky of IOActive reported that dnsmasq does not randomize UDP source ports when forwarding DNS queries to a recursing DNS server. Carlos Carvalho reported that dnsmasq in the 2.43 version does not properly handle clients sending inform or renewal queries for unknown DHCP leases, leading to a crash. Versions below 2.45 are affected. http://packetstormsecurity.org/0809-advisories/glsa-200809-01.txt Gentoo Linux Security Advisory GLSA 200809-01 - Aaron Grattafiori reported a format string vulnerability in the window_error() function in yelp-window.c. Versions less than 2.22.1-r2 are affected. http://packetstormsecurity.org/0809-exploits/zencart138a-sql.txt Zen Cart versions 1.3.8a and below suffer from a remote SQL injection vulnerability. http://packetstormsecurity.org/0809-advisories/atheros-overflow.txt The wireless drivers in some Wi-Fi access points (such as the ATHEROS-based Linksys WRT350N) do not correctly parse the Atheros vendor specific information element included in association requests allowing for denial of service or possible code execution. http://packetstormsecurity.org/UNIX/mail/clamav-0.94.tar.gz Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.