<< Previous
system administrators
* System logging is enabled (command logging enable)
* The device is configured in any way to generate system log
message 302015 (refer to the following examples)
System log message 302015 has a default severity level of 6
(informational) so, assuming that the system administrator has not
changed this default severity level, the vulnerability can be
triggered if the device is logging to any destination at level 6 or
level 7 (debug). As an example, the following configuration is
vulnerable:
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
h. Service Console package sudo updated to 1.6.9p17-6.el5_4
Sudo (su "do") allows a system administrator to delegate authority
to give certain users (or groups of users) the ability to run some
(or all) commands as root or another user while providing an audit
trail of the commands and their arguments.
When a pseudo-command is enabled, sudo permits a match between the
attackers to obtain plaintext HTTP traffic via a blockwise
chosen-boundary attack (BCBA) on an HTTPS session. Technically this is
no lighttpd vulnerability. However, lighttpd offers a workaround to
mitigate this problem by providing a possibility to disable CBC ciphers.
This updates includes this option by default. System administrators
are advised to read the NEWS file of this update (as this may break older
clients).
For the oldstable distribution (lenny), this problem has been fixed in
===============
From vendor's website:
"The Powerful Management Console of eScan provides options for system
administrators to remotely administer a vast network of clients. It
also allows them to remotely install eScan, deploy upgrades and updates
and enforce an Integrated Security Policy for the entire Enterprise."
#######################################################################
: you can saw the letter which was posted last week by one developer of
: one such vulnerable web application ---
from my reading of that exchange, i "thought" the author a 'system
administrator', rather THAN, the programmer of the flawed application.
from my experience, a sysadmin seldom enjoys the freedom programmers
enjoy.
: it's only way to draw attention of web developers to these issues.
== Description ==
Open Computer and Software (OCS) Inventory Next Generation (NG) is an
application designed to help a network or system administrator keep track
of the computers configuration and software that are installed on the network.
The vulnerability is a sql injection which exists in header.php file.
Attacker could pass a special sql string which can used to create/modify
information stored in the database or authenticated in any user.
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
The jail(2) system call allows a system administrator to lock a process
and all of its descendants inside an environment with a very limited
ability to affect the system outside that environment, even for
processes with superuser privileges. It is an extension of, but
far more powerful than, the traditional UNIX chroot(2) system call.
- Details
PacerCMS is susceptible to both persistent cross-site scripting and
SQL injection attacks. An attacker could use the public
'Write a Letter'(submit.php) form to send a message to the System
Administrator or staff member containing Javascript. The name,
headline, or text POST variables are not sufficiently sanitized.
The system administrator of the CMS sees a list of submitted
messages on siteadmin/index.php right after logging in. If an
attacker sends a message containing Javascript in the name or
restrict which systems can send NTP packets to ntpd(8).
Note that systems will only be affected if they have the "autokey" option
set in /etc/ntp.conf; FreeBSD does not ship with a default ntp.conf file,
so will not be affected unless this option has been explicitly enabled by
the system administrator.
V. Solution
Perform one of the following:
cause the decompressor to crash. It is suspected that such an attacker
can cause arbitrary code to be executed, but this is not known for certain.
Note that some utilities, including the tar archiver and the bspatch
binary patching utility (used in portsnap and freebsd-update) decompress
bzip2-compressed data internally; system administrators should assume that
their systems will at some point decompress bzip2-compressed data even if
they never explicitly invoke the bunzip2 utility.
IV. Workaround
Title: Multiple Security Bugs In Hosting Controller
Critical: Extremely critical
Impact: Full system administrator access
Vendor: Hosting Controller
Version: 6.1 Hot fix <= 3.3
Vendor URL: www.hostingcontroller.com
Solution: N/A From company - There is temporary solution in this report
Exploit: Available
Release Date: 2007 - December
Credit: www.BugReport.ir
Background
==========
VMware Workstation is a virtual machine for developers and system
administrators. VMware Player is a freeware virtualization software
that can run guests produced by other VMware products.
Affected packages
=================
<<Previous
|
