Ubuntu Security Notice 499-1 - Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty.
69c2ee81e5ba3748cde201f6e604a87d176a6e5c82bbc5fb13bacec9909aa2a6iDefense Security Advisory 08.16.07 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability specifically exists due to insufficient validation of the length of attacker supplied data. When an attacker specifies a specially crafted string via certain environment variables, the string is copied into a static sized buffer stored on the stack. By supplying too much data, an attacker can overflow the buffer and overwrite stack-stored execution control structures resulting in arbitrary code execution. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
2ce73c62807c4278c40ffa0601e9af21c2b385048feb81b35475702acd8470abiDefense Security Advisory 08.16.07 - Local exploitation of multiple untrusted search path vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities exist due to the execution of binaries or loading of libraries within untrusted paths. In each case, the path to a binary or library is generated based on an environment variable that is under attacker control. Additionally, the files to be executed or loaded are located in a directory under attacker control. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
5577b8f6a48a6bedfc93172160c097112cad4770e7ab3d4afe01806091868426iDefense Security Advisory 08.16.07 - Local exploitation of a directory creation vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability exists due to insecure directory creation within setuid-binaries included with DB2. While creating specific directory structures, attacker created symbolic links will be followed. This allows world-writable directories to be created anywhere on the file system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
6bb87043d539277fe0a85042c481ab1af91f564f464c010d4f7c3bb59bc02e98iDefense Security Advisory 08.16.07 - Local exploitation of multiple file creation vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. By setting certain combinations of environment variables, an attacker is able to create or append to arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
68f5e988169e1a1f9703ab258eee67f2763fe92aeb1c8a4ac21ddfb06c5cd74eiDefense Security Advisory 08.16.07 - Local exploitation of a directory traversal vulnerability in IBM Corp.'s DB2 Universal Database allows attackers to cause a denial of service (DoS) condition or elevate privileges to root. Some DB2 binaries that are installed setuid-root will save event information to a log file. When creating the full path to the destination file, an environment variable is concatenated with "/tmp/". Since there is no checking for path traversal strings, such as "../", within the environment variable, an attacker is able to create arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
6f620eab6537c31509d20ac985ce18180b4e6d3c22825695c8acd36e676cfc76iDefense Security Advisory 08.16.07 - Local exploitation of multiple race condition vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. In each case, a race condition exists between a check to see if an existing file is a symbolic link and modifying it. By quickly and repeatedly removing and recreating the file as a symbolic link, an attacker could modify arbitrary files with root privileges. iDefense confirmed the existence of these vulnerabilities in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
def2b551a679acaa494a7c32010e039efa2e488a7698767f83081bf79c986072Gentoo Linux Security Advisory GLSA 200708-12 - Wireshark doesn't properly handle chunked encoding in HTTP responses, iSeries capture files, certain types of DCP ETSI packets, and SSL or MMS packets. An off-by-one error has been discovered in the DHCP/BOOTP dissector when handling DHCP-over-DOCSIS packets. Versions less than 0.99.6 are affected.
af6cb3a05dedc8d0f0b1cdb1bcbf0cf1cf3cdb6c487be371388dd3e7d3aecae4Gentoo Linux Security Advisory GLSA 200708-11 - Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the mod_auth and mod_scgi modules, and the limitation of active connections. Versions less than 1.4.16 are affected.
4b93d00e8346ee0513619fe0cb000ab50487fcd726d600745ed90dd8a12b0ecbGentoo Linux Security Advisory GLSA 200708-10 - Dormando reported a vulnerability within the handling of password packets in the connection protocol. Andrei Elkin also found that the CREATE TABLE LIKE command didn't require SELECT privileges on the source table. Versions less than 5.0.44 are affected.
39e9b5dcb8341de0eef94ba1c55dcfed5cfb6abfd1c5592e1d020349a61457d8The ASP.NET version of Text File Search suffers from a cross site scripting vulnerability.
66263ba1b03a3bc49325c2ae5abed2036b824a42558fbb63ba016b1bcac46d90Text File Search Classic ASP suffers from a cross site scripting vulnerability.
d9304302bd0601615327d029228a49aee51781e275fd51fa35cf5596ebc7ccbdTemplate Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.
219aa7d9b7cf70a7456a29006c7032444b70633a33926ddf828895ebe52d9a93Olate Download version 3.4.1 suffers from an authentication bypass vulnerability in admin.php.
c653e98a19525918ae3457e1ba83227b7bd19bb919bd8740854b5dc25e99f6efWhitepaper: Oracle Forensics Part 6 - Examining Undo Segments, Flashback and the Oracle Recycle Bin.
76e1d7ed99164fa689c01f4960b40e5de09c7ff60fa91c3fe4fcaabf1c4422f2Brute force dictionary generator written as a bash shell script.
89758529c904f92045403f5012116598004a14921235d4970e273bc616233144NGS has discovered a local privilege escalation vulnerability in the Cisco VPN client. Versions below 5.0.01.0600 are affected.
436882c9a5494e1185241b6fe402d4ef752be7a51be1314974bd0e4dfed3317cEDraw Office Viewer Component version 5.1 HttpDownloadFile() insecure method exploit.
0087365c213a194631e52cec6d5a488a7e66652d404dc2be8c61f20c07488d4cSecunia Security Advisory - A vulnerability has been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.
bc5bd0fefc6939931b51cd4b71d07178432ca03b266bd9c0acaab8cda7cd0727Secunia Security Advisory - A vulnerability has been reported in Dell Remote Access Card 4, which can be exploited by malicious people to cause a DoS (Denial of Service).
e5c14aa3d23da72b7e6ffbc6e30fffdabb002eb9a7dbaab41c1c5896e2b2e8ccSecunia Security Advisory - Robert Watson has reported some vulnerabilities in Generic Software Wrappers Toolkit, which can be exploited by malicious, local users to bypass certain security restrictions.
f5ae77b98f467601879a9e35d96266682a4419f32e36597f2e4bb63bc9bdf7abSecunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, some of which have an unknown impact, while others can potentially be exploited to bypass certain security restrictions or perform certain actions with escalated privileges.
aba8b13b5866d4d55b9e3ff680c5f92115e2e9ae3d34495296274d33d23b8843Secunia Security Advisory - Robert Watson has reported some vulnerabilities in CerbNG, which can be exploited by malicious, local users to bypass certain security restrictions.
0d43b1cf628111546ad655bb73fc09c82b66a12ddc08aac26b734063fa2801e4Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information or to cause a DoS (Denial of Service).
5e6623cde4cc5847d382e804a63e58e400da874f3bdc26afd6dfcc05bb484f41Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Systrace and Sysjail included in OpenBSD, which can be exploited by malicious, local users to bypass certain security restrictions.
aa29115f07f508be187472b7d69d97e72f5394eb35302299ced96dba0058bc36
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed