Next Page >>
Unix systems
Affected Products:
Admin r8.1 SP2
Advantage Data Transformer r2.2
Allfusion Harvest Change Manager r7.1
CA ARCserve Backup for Unix r11.1, r11.5 GA/SP1/SP2/SP3
CA ARCserve Backup for Linux r11.1, r11.5 GA/SP1/SP2/SP3
CA Directory r8.1
CA Job Management Option R11.0
CA Single Sign-On r8.1
CleverPath Aion BPM r10.1, r10.2
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01362465
Version: 1
HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-02-19
Last Updated: 2008-02-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01599836
Version: 1
HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-25
Last Updated: 2008-11-25
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01154600
Version: 1
HPSBTU02256 SSRT071449 rev.1 - HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-29
Last Updated: 2007-08-29
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01599842
Version: 1
HPSBTU02383 SSRT080098 rev.1 - HP Tru64 UNIX running AdvFS "showfile" command, Local Gain Extended Privileges
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-05
Last Updated: 2008-11-05
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01527346
Version: 1
HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-08-12
Last Updated: 2008-08-13
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01404118
Version: 1
HPSBTU02322 SSRT080011 rev.1 - HP Tru64 UNIX running SSH/SFTP Server, Remote Execution of Arbitrary Code or Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-03-19
Last Updated: 2008-03-25
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01310389
Version: 1
HPSBTU02300 SSRT071452 rev.1 - HP Tru64 UNIX running FFM, Local Denial of Service (Dos)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-12-19
Last Updated: 2007-12-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01839839
Version: 1
HPSBTU02454 SSRT080172 rev.1 - HP Internet Express for Tru64 UNIX Running Samba, Remote Information Disclosure
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-11
Last Updated: 2009-08-11
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01420154
Version: 1
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-04-01
Last Updated: 2008-04-01
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01837667
Version: 2
HPSBTU02453 SSRT091037 rev.2 - HP Tru64 UNIX or HP Tru64 Internet Express Running BIND Server, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-24
Last Updated: 2009-08-24
On some systems an attacker can hardlink a root-owned symlink to
for example /var/mail, and cause Postfix to append mail to existing
files that are owned by root or non-root accounts. This can happen
on operating systems with specific non-standard behavior.
Symlinks (symbolic links) implement aliasing for UNIX pathnames.
They were introduced with 4.2BSD UNIX in 1983, and were adopted by
other UNIX systems in the course of time. Hardlinks are older and
implement the primary mechanism for accessing file system objects.
In some UNIX systems, the link(symlink, newpath) operation has
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01192554
Version: 1
HPSBTU02276 SSRT071472 rev.1 - HP Tru64 UNIX Running Apache Tomcat, Remote Unauthorized Access, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-15
Last Updated: 2007-10-15
Advisory URL: http://securityreason.com/achievement_securityalert/46
Vendor: http://httpd.apache.org
- --- 0.Description ---
The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.
Apache has been the most popular web server on the Internet since April 1996. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined.
- --- 1. Apache2 XSS Undefined Charset UTF-7 XSS Vulnerability ---
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01961950
Version: 1
HPSBTU02496 SSRT090245 rev.1 - HP Tru64 UNIX Running NTP, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-04
Last Updated: 2010-10-04
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01837667
Version: 1
HPSBTU02453 SSRT091037 rev.1 - HP Tru64 UNIX BIND Server, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
Hash: SHA1
Executive Summary
- -----------------
Unprivileged local users can obtain root access on Unix systems where
the DISA SRR scripts are run. If a remote user can introduce a file
into the filesystem (e.g. anonymous ftp, http upload, cdrom, samba
share, etc.), root access may be obtained by remote, and potentially
anonymous, users.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01837667
Version: 1
HPSBTU02453 SSRT091037 rev.1 - HP Tru64 UNIX BIND Server, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
server and issues a series of shell command, using send-expect technique.
The system allows users to submit passwords containing control
characters including new line (ASCII 0x0A). The implementation of
send-expect mechanism fails to handle such passwords correctly. This
flaw allows an unprivileged Sun IDM user to execute an arbitrary UNIX
shell command by requesting a password to be changed to a specially
crafted value. The injected command will be executed with root
privileges on all UNIX systems the user is provisioned on.
3) Details
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 09, 2008
I. BACKGROUND
The Common UNIX Printing System, more commonly referred to as CUPS,
provides a standard printer interface for various Unix based operating
systems. "imagetops" is a part of CUPS responsible for creating
PostScript representations of different graphic file formats. For more
information, visit the vendor's website at the following URL.
==
== Summary: When the "winbind nss info" parameter in
== smb.conf is set to either "sfu" or "rfc2307",
== Windows users are incorrectly assigned
== a primary gid of 0 in the absence of the
== RFC2307 or Services or Unix (SFU) primary
== group attributes.
==
==========================================================
===========
The files are named phpXXXX.tmp (where X's charset is 'a'-'z', 'A'-'Z',
'0'-'9'). Example: php1A00.tmp
This 4 char random number is a limitation of PHP on Windows.
PHP on Unix is using 6 chars for its temporary filenames so it doesn't
reach this condition.
12:31 - attack is aborted
12:39 - CPU usage is still 100%, web server is not responsive.
13:08 - CPU usage is still 100%, web server is responsive.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
After the issue in CVE-2009-4211 was made public, the Unix SRR script
was removed from http://iase.disa.mil/stigs/SRR/unix.html with a note
saying:
?Due to a recently identified security issue, please do not run any
version of the UNIX SRR scripts until further notice. The UNIX SRR
scripts will be corrected and posted as soon as possible. Please check
In general, a standard system upgrade is sufficient to effect the
necessary changes.
ATTENTION: This update changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX extensions at
the same time. After applying this security update, wide links will be
disabled automatically as UNIX extensions are turned on by default. If
wide links are required, you can re-enable them by adding
"unix extensions = no" to the [global] section of the /etc/samba/smb.conf
configuration file.
A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
References: CVE-2007-3872
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP OpenView OVO Agents OVO8.x HTTPS agents on AIX, HP-UX (IA and PA), HP Tru64 Unix, Solaris, and Windows running Shared Trace Service.
BACKGROUND
Note: HP OpenView Operations (OVO) requires HP OpenView Network Node Manager (OV NNM) on the OVO server. OVO will install OV NNM if it is not already present. OV NNM requires the installation of certain patches to be compatible with the resolution discussed below. To insure correct operation the recommendations of Security Bulletin HPSBMA02242 SSRT061260 must be implemented before the recommendations of this Security Bulletin.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I - TITLE
Security advisory: McAfee Virus Scan for Linux and Unix v5.10.0 Local
Buffer Overflow
II - SUMMARY
Description: Local buffer overflow vulnerability in McAfee Virus Scan
A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
References: -> CVE-2007-3872
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP OpenView OVO Agents OVO8.x HTTPS agents on AIX, HP-UX (IA and PA), HP Tru64 Unix, Solaris, and Windows running Shared Trace Service.
BACKGROUND
- -> Note: HP OpenView Operations (OVO) requires HP OpenView Network Node Manager (OV NNM) on the OVO server. OVO will install OV NNM if it is not already present. OV NNM requires the installation of certain patches to be compatible with the resolution discussed below. To insure correct operation the recommendations of Security Bulletin HPSBMA02242 SSRT061260 must be implemented before the recommendations of this Security Bulletin.
There have been cases and quite a few.
My first thoughts were about Word Perfect. Actually it is just a
representative of a wider class of apps there. The semantics of locking
on Windows and Unix differ and when apps get ported (especially using a
toolkit) people do not account for the advisory nature of Unix flock().
As a result files that were reasonably safe in the original environment
due to OS-level exclusive locking stop being so on the Unix port.
Also, while it is a wonderful position to stand up and proclaim that
> Traversing symlinks on the server/share, or creation of "wide"
symlinks
> by the client on the server/share?
>
> Since Windows 2000 NTFS supports "junctions", which pretty much
> resemble Unix symlinks, but only for directories.
> See <http://support.microsoft.com/kb/205524/en-us>
And at least since Vista, it also supports symlinks, which are designed
to mimic Unix symlinks, and can point to files or directories. Junctions
and symlinks can cross volumes; symlinks can also refer to files or
that doesn't exist, really works.
This is because of the many (evil) normalization instructions and
routines implemented in PHP in conjunction with a feature: include_path.
include_path is a feature of PHP similar to the PATH on unix systems,
when an include, include_once, require or require_once call is made if
the file is relative (eg: doesn't begin with a slash or a drive letter
on Windows) a lookup will happen in every path defined in include_path.
include_path is defined both at ./configure time and in the php.ini or
Next Page>>
|
