Sensitive Information
that specifies a small value, leading to a divide-by-zero error or
incorrect use of a signed integer. (CVE-2010-4165)
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel
does not initialize a certain structure, which allows local users to
obtain potentially sensitive information from kernel stack memory
via vectors related to the shmctl system call and the old shm
interface. (CVE-2010-4072)
The ipc subsystem in the Linux kernel does not initialize certain
structures, which allows local users to obtain potentially sensitive
than CVE-2010-4164. (CVE-2010-3873)
The bcm_connect function in the Broadcast Manager in the Controller Area
Network (CAN) implementation in the Linux kernel creates a publicly accessible
file with a filename containing a kernel memory address, which allows
local users to obtain potentially sensitive information about kernel
memory use by listing this filename. (CVE-2010-4565)
The install_special_mapping function in mm/mmap.c does not make an
expected security_file_mmap function call, which allows local users
to bypass intended mmap_min_addr restrictions and possibly conduct
3. CA eTrust ITM r8.1 Web Console Script Redirection
Vulnerability
4. VMware Virtual Disk Mount Service Local Denial of
Service Vulnerability
5. CA eTrust ITM r8.1 iTechnology SPIN Web Interface
Sensitive Information Disclosure Vulnerability
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03127140
Version: 1
HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-12-18
Last Updated: 2012-01-18
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03127140
Version: 2
HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-12-18
Last Updated: 2012-02-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02790298
Version: 1
HPSBMA02660 SSRT100433 rev.1 - HP Performance Insight Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access to Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-04-19
Last Updated: 2011-04-19
ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability.
EMC Identifier: ESA-2011-007
CVE Identifier: CVE-2011-0442
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11
and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x
before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress
a script's URL in certain circumstances involving a redirect and an
error message, which allows remote attackers to obtain sensitive
information about script parameters via a crafted HTML document,
related to the window.onerror handler (CVE-2010-2754).
Mozilla Firefox permits cross-origin loading of CSS stylesheets
even when the stylesheet download has an incorrect MIME type and the
stylesheet document is malformed, which allows remote HTTP servers
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02475053
Version: 1
HPSBMA02566 SSRT100045 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-09-13
Last Updated: 2010-09-13
Multiple vulnerabilities have been found and corrected in acpid:
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call
to the open function with insufficient arguments, which might allow
local users to leverage weak permissions on /var/log/acpid, and obtain
sensitive information by reading this file, cause a denial of service
by overwriting this file, or gain privileges by executing this file
(CVE-2009-4033).
acpid 1.0.4 sets an unrestrictive umask, which might allow local users
to leverage weak permissions on /var/log/acpid, and obtain sensitive
unknown impact, related to LOOKUP_FOLLOW. (CVE-2010-1088)
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem
in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9
does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure
members, which might allow local users to obtain sensitive information
from kernel memory via unspecified vectors. (CVE-2009-3228)
The do_pages_move function in mm/migrate.c in the Linux kernel before
2.6.33-rc7 does not validate node values, which allows local users
to read arbitrary kernel memory locations, cause a denial of service
http://www.sun.com/software/solaris/
II. DESCRIPTION
Local exploitation of an integer signedness error in Sun Microsystems'
Solaris could allow attackers to disclose sensitive information from
memory.
The FIFO FS (First In First Out File System) is a service provided by
the kernel that is commonly used for IPC (InterProcess Communication).
A FIFO is represented as a node in the file system, and is similar to
Cisco ASA 5500 Series Adaptive Security Appliances are affected by a
vulnerability that could allow unauthorized users to access a file
system (flash:, disk0:, disk1:, etc. but not system:) when the
security appliance is configured as a local CA server. No
authentication is required. File systems could contain sensitive
information, such as backup device configurations (which may contain
passwords or shared secrets), Cisco ASA Software images, or digital
certificates.
This vulnerability is documented in Cisco bug ID CSCtk12352 and has been
assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2011-0396.
======================================================================
2) Severity
Rating: Less critical
Impact: Exposure of sensitive information
Where: Remote
======================================================================
3) Vendor's Description of Software
attackers could abuse such high-risk attack vector to:
- Execute arbitrary shell commands in the victim's workstation.
- Direct the embedded IE to perform arbitrary HTTP requests (CSRF)
- Include HTML controls (links, images, forms…) in IM text messages in
order to trick users into revealing sensitive information or performing
harmful actions against their accounts/workstation/etc.
- Run JavaScript code within IE to enhance the attacks mentioned above.
- Instantiate ActiveX controls, which attackers could use to target
vulnerabilities in the ActiveX objects themselves or use their
functionality to, for example, read arbitrary files from the victim's
======================================================================
2) Severity
Rating: Less critical
Impact: Exposure of sensitive information
Where: Local system
======================================================================
3) Vendor's Description of Software
http://www.oralb.com/us/products/power/triumphsmartguide/
II. DESCRIPTION
Remote exploitation of an information disclosure vulnerability in Oral B’s SmartGuide management system allows attackers to obtain sensitive information.
This vulnerability exists due to a lack of authentication between the toothbrush and the monitoring device. The simple association key is easily compromised, allowing the toothbrush and monitoring device to be spoofed by a malicious attacker.
There is also a possible wireless denial of service where a malicious attacker could stop the radio feedback and monitoring.
II. DESCRIPTION
Remote exploitation of a cross site scripting vulnerability in Apple
Inc.'s MobileSafari could allow an attacker to view sensitive
information in the context of the targeted domain.
This vulnerability occurs in MobileSafari's handling of the
Content-Disposition header, which is typically used to inform the
browser that an attachment is contained in the current response. Typical
browser behavior is to prompt the user with an Open dialog, asking them
I. INTRODUCTION
"Password Manager Pro is a secure vault for storing and managing shared
sensitive information such as passwords, documents and digital
identities of enterprises."
More information is available on the official product web site at the
following URL[1]:
Users with standard access rights/roles (e.g. "Statistics Visitor") are
able to access functions or methods of the Sawmill application to which
they shouldn't have access (default permissions of installation).
"Statistics visitor" users are able to access administrative functions
or admin menus in order to gain sensitive information or even manipulate
settings, create new profiles or delete profiles. The creation of new
profiles also results in a denial-of-service (temporarily until admin
deletes profiles) if more profiles are being created than the license
currently allows.
registry/file functions ---
Since registry and file access is done in kernel mode, every registry
key/value and file can be accessed. Normally protected files like SAM
database in registry or on disk can be easily accessed - NT/LM hashes
or other sensitive information could be compromised.
SABKUTIL.sys or SASKUTIL.sys drivers do not provide WriteFile()
wrapper method and arbitrary content cannot be written to arbitrary
files. This is not true for the registry access though, since all
relevant registry method wrappers are present. A limited user account
could thus not only read sensitive information (SAM database for
II. DESCRIPTION
Remote exploitation of an information disclosure vulnerability in Sun
Microsystems' Java System Active Server Pages allows attackers to
obtain sensitive information.
This vulnerability exists due to the placement of the password and
configuration data within the application server root directory. By
making requests for specific, sensitive documents an attacker could
obtain the configuration or password hashes of allowed users.
======================================================================
2) Severity
Rating: Not critical
Impact: Disclosure of sensitive information
Where: Local system
======================================================================
3) Vendor's Description of Software
The implementation of HTTP DIGEST authentication in tomcat was
discovered to have several weaknesses (CVE-2011-1184).
Apache Tomcat, when the MemoryUserDatabase is used, creates log entries
containing passwords upon encountering errors in JMX user creation,
which allows local users to obtain sensitive information by reading
a log file (CVE-2011-2204).
Apache Tomcat, when sendfile is enabled for the HTTP APR or HTTP
NIO connector, does not validate certain request attributes, which
allows local users to bypass intended file access restrictions or
2.6.27.21. (CVE-2009-1184)
drivers/char/agp/generic.c in the agp subsystem in the Linux kernel
before 2.6.30-rc3 does not zero out pages that may later be available
to a user-space process, which allows local users to obtain sensitive
information by reading these pages. (CVE-2009-1192)
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux
kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow
remote attackers to obtain sensitive information via a large length
value, which causes garbage memory to be sent. (CVE-2009-1265)
AFFECTED: Veritas Storage Foundation 5.0
PLATFORM: Solaris, Linux, AIX, HP-UX
CLASSIFICATION: Sensitive Information Uncleared Before Release (CWE-226)
RESEARCHER: Derek Callaway
IMPACT: Data Leakage
Multiple vulnerabilities have been found and corrected in roundcubemail:
The login form in Roundcube Webmail before 0.5.1 does not properly
handle a correctly authenticated but unintended login attempt, which
makes it easier for remote authenticated users to obtain sensitive
information by arranging for a victim to login to the attacker's
account and then compose an e-mail message, related to a login CSRF
issue (CVE-2011-1491).
steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does
not properly verify that a request is an expected request for an
1. Impact on Business
=====================
Abusing this functionality, a remote and unauthenticated attacker would be able to gain sensitive information from an SAP System.
This information would help him in the process of compromising the security of the SAP server through more advanced attacks.
- Risk Level: Medium
PXE Encryption Privacy Vulnerabilities
+-------------------------------------
Individual PXE Encryption users are vulnerable to two message privacy
vulnerabilities that could allow an attacker to gain access to
sensitive information. All the vulnerabilities require an attacker to
first intercept a secure e-mail message as a condition for successful
exploitation. Attackers can obtain secure e-mail messages by
monitoring a network or a compromised user e-mail account.
The IronPort Encryption Appliance contains a logic error that could