Ibm Fix Pack Information For: Mac Address Restriction With Hea
IBM HTTP Server Signals Processing Local Denial of Service Vulnerability

Advisory ID: FrSIRT/ADV-2007-3100
CVE ID: CVE-2007-3304
Rated as: Low Risk
Remotely Exploitable: No
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in IBM HTTP Server, which could be exploited by local attackers to cause a denial of service. This issue is caused by an error in Apache. For additional information, see: FrSIRT/ADV-2007-2357

Affected Products
IBM HTTP Server versions 6.0.x
IBM HTTP Server versions 6.1.x
IBM HTTP Server versions 2.0.x

Solution
Apply patch:

References
http://www-1.ibm.com/support/docview.wss?uid=swg1PK50467

IBM WebSphere Application Server Edge Component Unspecified Vulnerability

Advisory ID: FrSIRT/ADV-2007-3101
CVE ID: GENERIC-MAP-NOMATCH
Rated as: Moderate Risk
Remotely Exploitable: Yes
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in IBM WebSphere Application Server, which could be exploited by attackers to bypass security restrictions or gain knowledge of sensitive information. This issue is caused by an unspecified security exposure in the Edge component. No further details have been disclosed.

Affected Products
IBM WebSphere Application Server 6.1.x

Solution
Upgrade to Fix Pack 11 (6.1.0.11):

Credits
Vulnerability reported by the vendor.

X.Org X Server Composite Extension Local Privilege Escalation Vulnerability

Advisory ID: FrSIRT/ADV-2007-3098
CVE ID: CVE-2007-4730
Rated as: Moderate Risk
Remotely Exploitable: No
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in X.Org X Server, which could be exploited by local attackers to obtain elevated privileges. This issue is caused by a buffer overflow error in the 'compNewPixmap' function (composite/compalloc.c) within the composite extension when copying the contents of pixmaps, which could be exploited by malicious users to execute arbitrary code with elevated privileges.

Affected Products
X.Org X Server versions prior to 1.4

Solution
Upgrade to X.Org X Server version 1.4:

Credits
Vulnerability reported by Aaron Plattner.

Total Commander FTP Filename Processing Directory Traversal Vulnerability

Advisory ID: FrSIRT/ADV-2007-3102
CVE ID: GENERIC-MAP-NOMATCH
Rated as: Moderate Risk
Remotely Exploitable: Yes
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in Total Commander, which could be exploited by attackers to bypass security restrictions and potentially compromise an affected system.
This issue is caused by an input validation error when downloading files with specially crafted filenames, which could be exploited by attackers to place malicious files in arbitrary locations by tricking a user into downloading a specially crafted file.

Affected Products
Total Commander versions prior to 7.02
Total Commander versions prior to 6.57

Solution
Upgrade to Total Commander version 7.02 or 6.57:

Credits
Vulnerability reported by Gynvael Coldwind.

Magellan Explorer FTP Filename Processing Directory Traversal Vulnerability

Advisory ID: FrSIRT/ADV-2007-3103
CVE ID: GENERIC-MAP-NOMATCH
Rated as: Moderate Risk
Remotely Exploitable: Yes
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in Magellan Explorer, which could be exploited by attackers to bypass security restrictions and potentially compromise an affected system. This issue is caused by an input validation error when downloading files with specially crafted filenames, which could be exploited by attackers to place malicious files in arbitrary locations by tricking a user into downloading a specially crafted file from a malicious FTP server.

Affected Products
3.32 built 2305 and prior

Solution
The FrSIRT is not aware of any official supplied patch for this issue.

Credits
Vulnerability reported by Gynvael Coldwind.

Debian Security Update Fixes Gforge Remote SQL Injection Vulnerability

Advisory ID: FrSIRT/ADV-2007-3096
CVE ID: CVE-2007-3913
Rated as: Moderate Risk
Remotely Exploitable: Yes
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in Debian, which could be exploited by attackers to execute arbitrary SQL queries. This issue is caused by an unspecified input validation error in Gforge when processing user-supplied parameters, which could be exploited by malicious people to conduct SQL injection attacks.

Affected Products
Debian GNU/Linux sarge
Debian GNU/Linux etch
Debian GNU/Linux sid

Solution
Debian GNU/Linux sarge - Upgrade to gforge version 3.1-31sarge2
Debian GNU/Linux etch - Upgrade to gforge version 4.5.14-22etch1
Debian GNU/Linux sid - A fix will be available soon

Debian Security Update Fixes phpMyAdmin Cross Site Scripting Vulnerabilities

Advisory ID: FrSIRT/ADV-2007-3097
CVE ID: CVE-2006-6942 - CVE-2006-6944 - CVE-2007-1325 - CVE-2007-1395 - CVE-2007-2245
Rated as: Low Risk
Remotely Exploitable: Yes
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
Multiple vulnerabilities have been identified in Debian, which could be exploited by attackers to bypass security restrictions or execute arbitrary scripting code. These issues are caused by errors in phpMyAdmin.
For additional information, see: FrSIRT/ADV-2006-4572 - FrSIRT/ADV-2007-0831 - FrSIRT/ADV-2007-1508

Affected Products
Debian GNU/Linux sarge
Debian GNU/Linux etch
Debian GNU/Linux sid

Solution
Debian GNU/Linux sarge - Upgrade to phpmyadmin version 2.6.2-3sarge4
Debian GNU/Linux etch - Upgrade to phpmyadmin version 2.9.0.3-4
Debian GNU/Linux sid - Upgrade to phpmyadmin version 2.10.1-1

Debian Security Update Fixes X.Org X Server Privilege Escalation Vulnerability

Advisory ID: FrSIRT/ADV-2007-3099
CVE ID: CVE-2007-4730
Rated as: Moderate Risk
Remotely Exploitable: No
Locally Exploitable: Yes
Release Date: 2007-09-10

Technical Description
A vulnerability has been identified in Debian, which could be exploited by local attackers to obtain elevated privileges. This issue is caused by an error in X.Org X Server.
For additional information, see: FrSIRT/ADV-2007-3098

Affected Products
Debian GNU/Linux etch
Debian GNU/Linux sid

Solution
Debian GNU/Linux etch - Upgrade to xorg-server version 1.1.1-21etch1
Debian GNU/Linux sid - A fix will be available soon

TITLE: Debian update for phpmyadmin
SECUNIA ADVISORY ID: SA26733
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE: From remote
OPERATING SYSTEM:
Debian GNU/Linux unstable alias sid
Debian GNU/Linux 4.0
Debian GNU/Linux 3.1

DESCRIPTION: Debian has issued an update for phpmyadmin. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
For more information: SA22969, SA24952

SOLUTION: Apply updated packages.

OTHER REFERENCES: SA22969, SA24952

TITLE: TorrentTrader Script Insertion Vulnerabilities
SECUNIA ADVISORY ID: SA26551
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE: From remote
SOFTWARE: TorrentTrader 1.x

DESCRIPTION: Some vulnerabilities have been discovered in TorrentTrader, which can be exploited by malicious users to conduct script insertion attacks. Input passed to the 'avatar' and 'title' form field parameters in accountsettings.php is not properly sanitised before being stored. This can be exploited to insert arbitrary HTML and script code, which is executed in an administrative user's browser session in context of an affected site when the malicious user's settings are being viewed in account-details.php. The vulnerabilities are confirmed in version 1.07.
Other versions may also be affected.

SOLUTION: Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY: Dino Covotsos and Charlton Smith of Telspace Systems Research Team and an anonymous person.