Ubuntu Security Notice 499-1 - Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty.
69c2ee81e5ba3748cde201f6e604a87d176a6e5c82bbc5fb13bacec9909aa2a6
iDefense Security Advisory 08.16.07 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability specifically exists due to insufficient validation of the length of attacker supplied data. When an attacker specifies a specially crafted string via certain environment variables, the string is copied into a static sized buffer stored on the stack. By supplying too much data, an attacker can overflow the buffer and overwrite stack-stored execution control structures resulting in arbitrary code execution. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
2ce73c62807c4278c40ffa0601e9af21c2b385048feb81b35475702acd8470ab
iDefense Security Advisory 08.16.07 - Local exploitation of multiple untrusted search path vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities exist due to the execution of binaries or loading of libraries within untrusted paths. In each case, the path to a binary or library is generated based on an environment variable that is under attacker control. Additionally, the files to be executed or loaded are located in a directory under attacker control. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
5577b8f6a48a6bedfc93172160c097112cad4770e7ab3d4afe01806091868426
iDefense Security Advisory 08.16.07 - Local exploitation of a directory creation vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability exists due to insecure directory creation within setuid-binaries included with DB2. While creating specific directory structures, attacker created symbolic links will be followed. This allows world-writable directories to be created anywhere on the file system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
6bb87043d539277fe0a85042c481ab1af91f564f464c010d4f7c3bb59bc02e98
iDefense Security Advisory 08.16.07 - Local exploitation of multiple file creation vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. By setting certain combinations of environment variables, an attacker is able to create or append to arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
68f5e988169e1a1f9703ab258eee67f2763fe92aeb1c8a4ac21ddfb06c5cd74e
iDefense Security Advisory 08.16.07 - Local exploitation of a directory traversal vulnerability in IBM Corp.'s DB2 Universal Database allows attackers to cause a denial of service (DoS) condition or elevate privileges to root. Some DB2 binaries that are installed setuid-root will save event information to a log file. When creating the full path to the destination file, an environment variable is concatenated with "/tmp/". Since there is no checking for path traversal strings, such as "../", within the environment variable, an attacker is able to create arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
6f620eab6537c31509d20ac985ce18180b4e6d3c22825695c8acd36e676cfc76
iDefense Security Advisory 08.16.07 - Local exploitation of multiple race condition vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. In each case, a race condition exists between a check to see if an existing file is a symbolic link and modifying it. By quickly and repeatedly removing and recreating the file as a symbolic link, an attacker could modify arbitrary files with root privileges. iDefense confirmed the existence of these vulnerabilities in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.
def2b551a679acaa494a7c32010e039efa2e488a7698767f83081bf79c986072
Gentoo Linux Security Advisory GLSA 200708-12 - Wireshark doesn't properly handle chunked encoding in HTTP responses, iSeries capture files, certain types of DCP ETSI packets, and SSL or MMS packets. An off-by-one error has been discovered in the DHCP/BOOTP dissector when handling DHCP-over-DOCSIS packets. Versions less than 0.99.6 are affected.
af6cb3a05dedc8d0f0b1cdb1bcbf0cf1cf3cdb6c487be371388dd3e7d3aecae4
Gentoo Linux Security Advisory GLSA 200708-11 - Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the mod_auth and mod_scgi modules, and the limitation of active connections. Versions less than 1.4.16 are affected.
4b93d00e8346ee0513619fe0cb000ab50487fcd726d600745ed90dd8a12b0ecb
Gentoo Linux Security Advisory GLSA 200708-10 - Dormando reported a vulnerability within the handling of password packets in the connection protocol. Andrei Elkin also found that the CREATE TABLE LIKE command didn't require SELECT privileges on the source table. Versions less than 5.0.44 are affected.
39e9b5dcb8341de0eef94ba1c55dcfed5cfb6abfd1c5592e1d020349a61457d8
The ASP.NET version of Text File Search suffers from a cross site scripting vulnerability.
66263ba1b03a3bc49325c2ae5abed2036b824a42558fbb63ba016b1bcac46d90
Text File Search Classic ASP suffers from a cross site scripting vulnerability.
d9304302bd0601615327d029228a49aee51781e275fd51fa35cf5596ebc7ccbd
Template Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.
219aa7d9b7cf70a7456a29006c7032444b70633a33926ddf828895ebe52d9a93
Olate Download version 3.4.1 suffers from an authentication bypass vulnerability in admin.php.
c653e98a19525918ae3457e1ba83227b7bd19bb919bd8740854b5dc25e99f6ef
Whitepaper: Oracle Forensics Part 6 - Examining Undo Segments, Flashback and the Oracle Recycle Bin.
76e1d7ed99164fa689c01f4960b40e5de09c7ff60fa91c3fe4fcaabf1c4422f2
Brute force dictionary generator written as a bash shell script.
89758529c904f92045403f5012116598004a14921235d4970e273bc616233144
NGS has discovered a local privilege escalation vulnerability in the Cisco VPN client. Versions below 5.0.01.0600 are affected.
436882c9a5494e1185241b6fe402d4ef752be7a51be1314974bd0e4dfed3317c
EDraw Office Viewer Component version 5.1 HttpDownloadFile() insecure method exploit.
0087365c213a194631e52cec6d5a488a7e66652d404dc2be8c61f20c07488d4c
Secunia Security Advisory - A vulnerability has been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.
bc5bd0fefc6939931b51cd4b71d07178432ca03b266bd9c0acaab8cda7cd0727
Secunia Security Advisory - A vulnerability has been reported in Dell Remote Access Card 4, which can be exploited by malicious people to cause a DoS (Denial of Service).
e5c14aa3d23da72b7e6ffbc6e30fffdabb002eb9a7dbaab41c1c5896e2b2e8cc
Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Generic Software Wrappers Toolkit, which can be exploited by malicious, local users to bypass certain security restrictions.
f5ae77b98f467601879a9e35d96266682a4419f32e36597f2e4bb63bc9bdf7ab
Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, some of which have an unknown impact, while others can potentially be exploited to bypass certain security restrictions or perform certain actions with escalated privileges.
aba8b13b5866d4d55b9e3ff680c5f92115e2e9ae3d34495296274d33d23b8843
Secunia Security Advisory - Robert Watson has reported some vulnerabilities in CerbNG, which can be exploited by malicious, local users to bypass certain security restrictions.
0d43b1cf628111546ad655bb73fc09c82b66a12ddc08aac26b734063fa2801e4
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information or to cause a DoS (Denial of Service).
5e6623cde4cc5847d382e804a63e58e400da874f3bdc26afd6dfcc05bb484f41
Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Systrace and Sysjail included in OpenBSD, which can be exploited by malicious, local users to bypass certain security restrictions.
aa29115f07f508be187472b7d69d97e72f5394eb35302299ced96dba0058bc36