Reporter
systems.
Besides the recommendation of a secure network architecture with strict
network access control measures, OS hardening and other sound system
administration practices, a specific workaround for the vulnerability
reported in this advisory is provided below.
The vulnerability is located in the ODBC server service; vulnerable
organizations that do not require ODBC connectivity may disable the
service with no adverse effects to the CitectSCADA software.
Installations that require ODBC connectivity to SQL databases,
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01612418
Version: 1
HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on Windows, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-12-08
Last Updated: 2008-12-08
. Microsoft virtualization products that are based on Hyper-V technology.
6. *Vendor Information, Solutions and Workarounds*
This issue was reported to Microsoft in August 2009. The vendor has
acknowledged the report and after extensive analysis indicated that it
plans to solve the problem in future updates to the associated products.
We recommend that affected users run all mission critical Windows
applications on non-virtualized systems or to use virtualization
Availability Impact - Complete
CVSS Temporal Score - 5.9
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
SIP Inspection Denial of Service Vulnerabilities
+-----------------------------------------------
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official Fix
Report Confidence - Confirmed
CSCsq57091 - Memory corruption and traceback when inspecting malformed SIP packets
CVSS Base Score - 7.8
Access Vector - Network
Products both on Mac OS 10.5 (Leopard) and iPhone 1.1.4,
and intends to send them in several phases to Apple Inc.
2008/03/08 Apple Inc. replies to n.runs AG providing their public
pgp key. Apple Inc. states that the Apple Inc. RFP will
be used instead of the n.runs RFP
2008/03/08 n.runs AG responds that vulnerability reporting will
only happen under n.runs AG RFP
2008/03/11 Apple Inc. confirms to n.runs AG that the n.runs AG RFP
is aligned to their RFP, and that n.runs may continue
with further communication and bug reporting
2008/03/11 n.runs AG sends PoCs for various issues to Apple Inc.
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsk21863 - DNS Response Parsing Stack Overflow
CVSS Base Score - 10.0
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtb31685 - CGI Command Injection
CVSS Base Score - 9.0
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtf97221 - CGI Command Injection
CVSS Base Score - 10
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtf01253 - Unauthenticated Java Servlet Access
CVSS Base Score - 10
Access Vector - Network
SQL-Ledger – several issues
===========================
Date released: 21.12.2009
Date reported: 28.07.2009
$Revision: 1.1 $
by Alexander Klink
Fraunhofer Institute for Secure Information Technology
alexander.klink@sit.fraunhofer.de
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsf30109 - IOS-XR SNMPv3 HMAC Authentication issue
- --------------------------------------------------------
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCsi98433 - CTLProvider leaks memory in certain scenarios
CVSS Base Score - 7.8
Access Vector - Network
    print '[-] Must specify a filename. Remember to change the pop pop ret address! :)'
else:
    createMaliciousFile(argv[1])
*Report Timeline*
2007-09-13: Email to IBM AIX security requesting security contact
information for Lotus Notes
2007-09-14: Reply from IBM AIX security team with contact information of
the IBM Lotus Notes security team
2007-09-17: Email to IBM Lotus Notes security notifying Core’s intent to
Availability Impact Complete
CVSS Temporal Score - 8.3
Exploitability Functional
Remediation Level Official Fix
Report Confidence Confirmed
CSCtb83607 - Privilege escalation possible over HTTP protocol
CVSS Base Score - 9
Access Vector Network
Access Complexity Low
Description:
PHP, an open source scripting language, suffers from several bugs that may
pose a security risk.
The reported issues have been discovered in several API functions, issues
include buffer overflows, near null reads/writes, arbitrary memory read
and an off-by-one issue. Some of the issues have been previously reported
in older versions of PHP but they either have not been fixed or they were
re-introduced at a later time. The issues have been discovered in both
core and, in some cases, PECL functions/classes/methods.
- -----/
8. *Report Timeline*
. 2009-08-25:
Core Security Technologies ask the Autodesk Assistance Team for a
security contact to report the vulnerability.
Save scene to a file with '.mb' or '.ma' format. Next time you open
the scene, calc.exe will be run. This same behavior can be obtained
using pure MEL code.
8. *Report Timeline*
. 2009-08-25:
Core Security Technologies ask the Autodesk Assistance Team for a
security contact to report the vulnerability.
Description:
Android, an open source mobile phone platform, is affected by two bugs
that lead to denial-of-service (DoS) conditions.
Two separate DoS issues have been independently reported to oCERT.
The most recent report concerns Android handling of SMS messages: a
specific malformed SMS message can be crafted to trigger a condition that
disconnects the mobile phone from the cellular network. The malformed SMS
message consists of a badly formatted WAP Push message which causes an
Availability Impact - None
CVSS Temporal Score - 6.8
Exploitability - High
Remediation Level - Official-Fix
Report Confidence - Confirmed
* Cisco ASA may crash with certain HTTP packets (CSCsv52239)
CVSS Base Score - 7.8
Access Vector - Network
CVSS Temporal Score - 8.7
Exploitability - High
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsq32379 - DM Default Account Credentials
CVSS Base Score - 10
Before I get into the technical details of this report, and the Horde
Team's response, I want to take a minute to explain the perceived slow
response by the Horde Team to this report. This issue was released to
Bugtraq before any notification was sent to the Horde team. The
notification sent to security@horde.org was received Thursday at
nearly 10:30PM Eastern Time, a time after which most of our
developers are no longer active. It was also sent 4 minutes after
the Bugtraq email. There was no bug filed on our website, no prior
warning email, and no courtesy shown by HostGator to the Horde
community. The Horde Team does have established procedures for
The Web Hacking Incidents Database (WHID) annual report for 2007 is out.
The WHID 2007 annual report builds on the new metrics we recently added to
WHID, such as attack method, attack outcome, country and industry sector of
hacked organization to analyze web hacking trends in 2007.
In the report we discuss the drivers for web hacking, the vulnerabilities
exploited and the types of organization attacked. We hope that the report
can serve to highlight the web application security issue and as a base for
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtg62855 ("Core dump when processing certain SIP packets")
CVSS Base Score - 7.8
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
3. *Vulnerability Description*
SolidDB is an in-memory relational database from IBM with over 3,000,000
deployments [1]. It is used as an embedded database by independent
software vendors of enterprise applications, telecommunications and
embedded software and systems. IBM reports SolidDB as being used in
mission-critical applications from Cisco, HP, Alcatel and Nokia Siemens.
The in-memory database is also used as core component of IBM SolidDB
Universal Cache, a performance improvement application for relational
databases such as DB2, Microsoft SQL Server, Oracle and Informix.
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsz40392 - CCM: Coredump in sipSafeStrlen from malicious INVITE
Access Vector - Network
Access Complexity - Low
Fixed version:
libtiff, N/A (patch has been made available and it's expected to be committed
to libtiff CVS)
Credit: vulnerability report and PoC code received from Tielei Wang <wangtielei
[at] icst [dot] pku [dot] edu [dot] cn>, ICST-ERCIS.
CVE: CVE-2009-2347
Timeline: