System Admin
Final notes:
This SQL injection vulnerability has to be considered high risk because, as ADMIN, you
can inject PHP code through the Filters/Banning functionality, e.g.:
click 'Administration Menu', then 'System Admin', then click on the Filters/Banning icon,
then 'Prohibited: Emails'
Now you can edit the /modules/system/cache/bademails.php file
Type in:
<?php eval($_GET[c]);?>
=======
CiscoWorks Common Services for both Oracle Solaris and Microsoft
Windows contains a vulnerability that could allow a remote
unauthenticated attacker to execute arbitrary code on a host device
with privileges of a system administrator.
Cisco has released free software updates that address this
vulnerability.
There are no workarounds that mitigate this vulnerability.
attackers to escalate privileges.
Background
==========
sudo allows a system administrator to give users the ability to run
commands as other users.
Affected packages
=================
v1.0 2007-01-11 Initial release.
v1.1 2007-08-01 Corrected patch for FreeBSD 5.5.
I. Background
The jail(2) system call allows a system administrator to lock a process
and all of its descendants inside an environment with a very limited
ability to affect the system outside that environment, even for
processes with superuser privileges. It is an extension of, but
far more powerful than, the traditional UNIX chroot(2) system call.
- Details
PacerCMS is susceptible to both persistent cross-site scripting and
SQL injection attacks. An attacker could use the public
'Write a Letter'(submit.php) form to send a message to the System
Administrator or staff member containing Javascript. The name,
headline, or text POST variables are not sufficiently sanitized.
The system administrator of the CMS sees a list of submitted
messages on siteadmin/index.php right after logging in. If an
attacker sends a message containing JavaScript in the name or
arbitrary commands.
restrict which systems can send NTP packets to ntpd(8).
Note that systems will only be affected if they have the "autokey" option
set in /etc/ntp.conf; FreeBSD does not ship with a default ntp.conf file,
so systems will not be affected unless this option has been explicitly enabled by
the system administrator.
V. Solution
Perform one of the following:
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
> people run code on these machines because they are so expensive.
The point of the partitioning is that you can isolate semi-trusted usage so
it won't cause downtime for other semi-trusted users. The fact it
(a) marks the hardware as unusable
(b) doesn't let the system admin override/correct that
(c) requires _all_ hardware to be power cycled, not just the affected parts
is the problem. If (b) or (c) were fixed, I think the issue wouldn't be.
--
Curtis Maloney
A vulnerability in sudo may allow for privilege escalation.
: you can see the letter which was posted last week by one developer of
: one such vulnerable web application ---
from my reading of that exchange, i "thought" the author a 'system
administrator', rather THAN, the programmer of the flawed application.
from my experience, a sysadmin seldom enjoys the freedom programmers
enjoy.
: it's the only way to draw attention of web developers to these issues.
username: '
password: test
An unrecoverable error has occurred.
Please report this message to your system administrator.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1
Exit
©2006 Trivantis Corporation. Trivantis and CourseMill are registered trademarks of Trivantis. All Rights Reserved.
EXPLOITATION:
-----------------------------------------------------------------------------------------
[ECHO_ADV_113$2010] BSI Hotel Booking System Admin Login Bypass Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : September 22nd, 2010
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=165
Critical Lvl : Moderate
Impact : Exposure of sensitive information
services by default (you can enable UDP filtering in the Advanced
settings). So no change here from the status quo.
--
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university KF8NH
== Description ==
Open Computer and Software (OCS) Inventory Next Generation (NG) is an
application designed to help a network or system administrator keep track
of the computers' configuration and the software installed on the network.
The vulnerability is a SQL injection in the header.php file.
An attacker could pass a specially crafted SQL string which can be used to create or modify
information stored in the database, or to authenticate as any user.
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
h. Service Console package sudo updated to 1.6.9p17-6.el5_4
Sudo (su "do") allows a system administrator to delegate authority
to give certain users (or groups of users) the ability to run some
(or all) commands as root or another user while providing an audit
trail of the commands and their arguments.
When a pseudo-command is enabled, sudo permits a match between the
privileges and execute arbitrary code with root privileges.
Title: Multiple Security Bugs In Hosting Controller
Critical: Extremely critical
Impact: Full system administrator access
Vendor: Hosting Controller
Version: 6.1 Hot fix <= 3.3
Vendor URL: www.hostingcontroller.com
Solution: N/A from the company - a temporary solution is given in this report
Exploit: Available
Release Date: 2007 - December
Credit: www.BugReport.ir