Under certain conditions the SAP HANA platform is vulnerable to arbitrary injection in the audit trail, allowing remote authenticated attackers to write arbitrary fields in the SYSLOG. SAP HANA DB version 1.00.73.00.389160 is affected.
4fde45560f871d006837d95c07be63adc51799cd430904259656550cf718ae3fZero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
8a9c280b793fd5689ee6d1eab372451da1a6ddfa522f51fffe5b3eeaf469a90fMandriva Linux Security Advisory 2012-135 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
ed1f626a9ec66091da1ced33f9dcf94853900a07685bff02a384520cb736cdfcMandriva Linux Security Advisory 2012-134 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The GSM RLC MAC dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
e7a2ce0735205d049fc69106cd58cf7bc1f4cbae6e55ed2fc256e52ad05d4759Sydbox is a ptrace-based sandbox implementation. It intercepts system calls, checks for allowed filesystem prefixes, and denies them when checks fail. It has basic support for disallowing network connections. It has basic support to sandbox execve calls. It is based in part on catbox and strace.
3c758c94c86c4ac72895c9fdaefa767f6b9256d8e658c5b70a850133a119c72bSecunia Security Advisory - Red Hat has issued an update for bind-dyndb-ldap. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
c59d0f781028e733c2717a7ba399d8e4564bd1d37b48aafe348a26fade1899e2Red Hat Security Advisory 2012-1139-01 - The dynamic LDAP back end is a plug-in for BIND that provides back-end capabilities to LDAP databases. It features support for dynamic updates and internal caching that help to reduce the load on LDAP servers. A flaw was found in the way bind-dyndb-ldap performed the escaping of names from DNS requests for use in LDAP queries. A remote attacker able to send DNS queries to a named server that is configured to use bind-dyndb-ldap could use this flaw to cause named to exit unexpectedly with an assertion failure.
21ad281bbda64e6afba7cbfbd5bb1f6bc0aa4383815fd814c5f8361a16099c79Secunia Security Advisory - A vulnerability has been reported in bind-dyndb-ldap, which can be exploited by malicious people to cause a DoS (Denial of Service).
2c955edceb38a3eb4d55c9781a05a8f2959e9280c65c6b0ba3f7ce029d7da6bbSecunia Security Advisory - Red Hat has issued an update for perl-DBD-Pg. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the module.
76987ea6aa324b45021184bc8680f5b030fae09ebce3d2727c30a847c53866cbMandriva Linux Security Advisory 2012-114 - A vulnerability has been discovered and corrected in mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids. The updated packages have been upgraded to the latest version which is not affected by this issue.
852743b91a6fc19a2da608cfbc287d316b2388514eed739efdd5105fe90c10d4Mandriva Linux Security Advisory 2012-112 - Two format string flaws were found in the way perl-DBD-Pg. A rogue server could provide a specially-crafted database warning or specially-crafted DBD statement, which once processed by the perl-DBD-Pg interface would lead to perl-DBD-Pg based process crash. The updated packages have been patched to correct this issue.
cfc570df0e44378ae630c6244564f9a1b62cf1d12fda6e443031004d32e127ebRed Hat Security Advisory 2012-1116-01 - Perl DBI is a database access Application Programming Interface for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of perl-DBD-Pg are advised to upgrade to this updated package, which contains a backported patch to fix these issues. Applications using perl-DBD-Pg must be restarted for the update to take effect.
6b9911606556711f6d311f9701a306c24b1afc6085dfd1dde7ad91431c552f38Mandriva Linux Security Advisory 2012-108 - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow. The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. The updated packages have been upgraded to the 5.3.15 version which is not vulnerable to these issues. Additionally the php-timezonedb packages has been upgraded to the latest version as well.
8c8bb030e17e5411417b68b186f12f4c547e4fe82b46c174807e0d6a29db2919Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, and compromise a vulnerable system.
f670ee1e7cd0e7c5179c2f3586cb8040d947b96c3c5d66afff5c8304b8f9a8fdUbuntu Security Notice 1505-1 - It was discovered that multiple flaws existed in the CORBA (Common Object Request Broker Architecture) implementation in OpenJDK. An attacker could create a Java application or applet that used these flaws to bypass Java sandbox restrictions or modify immutable object data. It was discovered that multiple flaws existed in the OpenJDK font manager's layout lookup implementation. A attacker could specially craft a font file that could cause a denial of service through crashing the JVM (Java Virtual Machine) or possibly execute arbitrary code. Various other issues were also addressed.
d9174e9a4ed57d8cbb518a50151cad98d40855786e4a1d98cef9256e2cf24668This Metasploit module exploits a vulnerability in HotSpot bytecode verifier where an invalid optimization of GETFIELD/PUTFIELD/GETSTATIC/PUTSTATIC instructions leads to insufficient type checks. This allows a way to escape the JRE sandbox, and load additional classes in order to perform malicious operations.
d0f87e2217146b16aef1f52fdc1199e419212c967c36b2332599cb9bbc44e022A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dpwintdb.exe process which listens by default on TCP port 3817. When parsing data within a DtbClsAddObject request, the process copies data from the network into a fixed-length buffer on the stack via an unchecked loop. This can be leveraged by attackers to execute arbitrary code under the context of the SYSTEM user.
556adc16dad6ca3f4873f33810b698ebf5dfd71151e2fd435143e01f45c5066cRed Hat Security Advisory 2012-1009-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the CORBA implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. It was discovered that the SynthLookAndFeel class from Swing did not properly prevent access to certain UI elements from outside the current application context. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions.
99830cdb701cb4aacf23d03be256ab6de994c9db6a37ccfd17ca394f12c296a5Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service).
71dbc1670132131b2cdeabb67ef14622aa0843f5c7f2221af249fd37ffc14652Apple Security Advisory 2012-06-12-1 - Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33.
1b40d3aff1934dfdc23e7f4aff638d279d1e97e8c8cb357fe3e86a5e98d2e1b3Red Hat Security Advisory 2012-0730-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple flaws were discovered in the CORBA implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. It was discovered that the SynthLookAndFeel class from Swing did not properly prevent access to certain UI elements from outside the current application context. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions.
b1a91d78f3f538784041ecd54d8b6862c3de9a7c686315edf5269ed789f47a27Red Hat Security Advisory 2012-0729-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple flaws were discovered in the CORBA implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. It was discovered that the SynthLookAndFeel class from Swing did not properly prevent access to certain UI elements from outside the current application context. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions.
10180e92bfe85dc94ea653b2b50445f887cdcb28ef932cca455d37b4ecfc9396Secunia Security Advisory - A security issue has been reported in MariaDB, which can be exploited by malicious people to bypass certain security restrictions.
92bb4c20061a285a50c1cd2e48c8b27c121123f3fa4f617c423fd5ab491e1b0dSecunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to disclose potentially sensitive information, bypass certain security restrictions, gain escalated privileges, and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service).
978b46a8c6ac0af02bcf5ea5703e599d21c2bc0ab97778e2a6fe4c3eb65a52dfThis Metasploit module can be used to execute arbitrary commands on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components (MDAC) Remote Data Service (RDS) DataFactory service using VbBusObj or AdvancedDataFactory to inject shell commands into Microsoft Access databases (MDBs), MSSQL databases and ODBC/JET Data Source Name (DSN). Based on the msadcs.pl v2 exploit by Rain.Forest.Puppy, which was actively used in the wild in the late Ninties. MDAC versions affected include MDAC 1.5, 2.0, 2.0 SDK, 2.1 and systems with the MDAC Sample Pages for RDS installed, and NT4 Servers with the NT Option Pack installed or upgraded 2000 systems often running IIS3/4/5 however some vulnerable installations can still be found on newer Windows operating systems. Note that newer releases of msadcs.dll can still be abused however by default remote connections to the RDS is denied. Consider using VERBOSE if you're unable to successfully execute a command, as the error messages are detailed and useful for debugging. Also set NAME to obtain the remote hostname, and METHOD to use the alternative VbBusObj technique.
382234f494b3e6be1ceaa9dc39e8b06bf8faad703997a8f0eec9259b5d187113Dblog version 1.4.1 suffers from an access bypass vulnerability.
b385b6d7bfd3e487033ccfb40153e6b9b3e9d4761dab6f1dcb1a584ab7a75cd9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed