VARIoT IoT vulnerabilities database
| VAR-200904-0291 | CVE-2009-1185 | udev Netlink Message Validation Local Privilege Escalation Vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages.
Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system.
Versions prior to udev 141 are vulnerable. Its main function is to manage device nodes in the /dev directory. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -----------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0009
Synopsis: ESX Service Console updates for udev, sudo, and curl
Issue date: 2009-07-10
Updated on: 2009-07-10 (initial release of advisory)
CVE numbers: CVE-2009-1185 CVE-2009-0034 CVE-2009-0037
- -----------------------------------------------------------------------
1. Summary
Update for Service Console packages udev,sudo, and curl
2. Relevant releases
VMware ESX 4.0.0 without bulletin ESX400-200906411-SG,
ESX400-200906406-SG, ESX400-200906407-SG.
3. Problem Description
a.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-1185 to this issue.
Please see http://kb.vmware.com/kb/1011786 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-200906411-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
b. Service Console package sudo
Service Console package for sudo has been updated to version
sudo-1.6.9p17-3. This fixes the following issue: Sudo versions
1.6.9p17 through 1.6.9p19 do not properly interpret a system group
in the sudoers file during authorization decisions for a user who
belongs to that group, which might allow local users to leverage an
applicable sudoers file and gain root privileges by using a sudo
command.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-0034 to this issue.
Please see http://kb.vmware.com/kb/1011781 for more details
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-200906411-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
c. Service Console package curl
Service Console package for curl has been updated to version
curl-7.15.5-2.1. This fixes the following issue: The redirect
implementation in curl and libcurl 5.11 through 7.19.3, when
CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location
values, which might allow remote HTTP servers to trigger arbitrary
requests to intranet servers, read or overwrite arbitrary files by
using a redirect to a file: URL, or execute arbitrary commands by
using a redirect to an scp: URL.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-0037 to this issue.
Please see http://kb.vmware.com/kb/1011782 for details
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-200906407-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
4. Solution
Please review the patch/release notes for your product and version
and verify the md5sum of your downloaded file.
ESX 4.0
-------
ESX400-200906001
http://tinyurl.com/ncfu5s
md5sum:cab549922f3429b236633c0e81351cde
sha1sum:aff76554ec5ee3c915eb4eac02e62c131163059a
Note: ESX400-200906001 contains the following security fixes
ESX400-200906411-SG, ESX400-200906406-SG, ESX400-200906405-SG,
ESX400-200906407-SG.
To install an individual bulletin use esxupdate with the -b option.
esxupdate --bundle ESX400-200906001.zip -b ESX400-200906411-SG \
-b ESX400-200906406-SG -b ESX400-200906405-SG -b \
ESX400-200906407-SG update
5. References
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
- -------------------------------------------------------------------------
6. Change log
2009-07-10 VMSA-2009-0008
Initial security advisory after release of bulletins for ESX 4.0 on
2009-07-10.
- ------------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
iD8DBQFKV9esS2KysvBH1xkRAn2bAJ91HvmEkAxVpRxehax8rGzBd+ufcwCeIhk8
zk/ROHHbZJmWN44MlbMIx/8=
=fQaI
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: udev: Multiple vulnerabilities
Date: April 18, 2009
Bugs: #266290
ID: 200904-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Two errors in udev allow for a local root compromise and a Denial of
Service.
Background
==========
udev is the device manager used in the Linux 2.6 kernel series.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-fs/udev < 124-r2 >= 124-r2
Description
===========
Sebastian Krahmer of SUSE discovered the following two vulnerabilities:
* udev does not verify the origin of NETLINK messages properly
(CVE-2009-1185).
* A buffer overflow exists in the util_path_encode() function in
lib/libudev-util.c (CVE-2009-1186).
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All udev users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-fs/udev-124-r2"
References
==========
[ 1 ] CVE-2009-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
[ 2 ] CVE-2009-1186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200904-18.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
The updated packages have been patched to prevent this.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
8268a6d9b8b782f008c6bad08081aa1f 2008.0/i586/libvolume_id0-114-7.1mdv2008.0.i586.rpm
f25010279ad483a4bd1df3300be1eff5 2008.0/i586/libvolume_id0-devel-114-7.1mdv2008.0.i586.rpm
527afa06fad5b28de6ba60c12c5cc685 2008.0/i586/udev-114-7.1mdv2008.0.i586.rpm
b472ccee86044dba507029b63385e306 2008.0/i586/udev-doc-114-7.1mdv2008.0.i586.rpm
33a3aeb9701b9a90b776b08595055f05 2008.0/i586/udev-tools-114-7.1mdv2008.0.i586.rpm
b6057c15bb22b381d07ee45a6bc81974 2008.0/SRPMS/udev-114-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
8e05d00d129d11f2442390ec7dd4174c 2008.0/x86_64/lib64volume_id0-114-7.1mdv2008.0.x86_64.rpm
2718c04a037f773bca23b010265071ce 2008.0/x86_64/lib64volume_id0-devel-114-7.1mdv2008.0.x86_64.rpm
6756f2bb0dad6dee8188e5dccc1f92cb 2008.0/x86_64/udev-114-7.1mdv2008.0.x86_64.rpm
b65a69fde92e29d6affa25d32e881dff 2008.0/x86_64/udev-doc-114-7.1mdv2008.0.x86_64.rpm
bf39012f0e457b61fd203711625d78dc 2008.0/x86_64/udev-tools-114-7.1mdv2008.0.x86_64.rpm
b6057c15bb22b381d07ee45a6bc81974 2008.0/SRPMS/udev-114-7.1mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLF8RvmqjQ0CJFipgRAp5ZAJ0YBHRyssp4RsoVDk8awKDSM9mnhACgqeEn
aP7lY4N3P6dafT+v4TzBfgE=
=S27a
-----END PGP SIGNATURE-----
. ===========================================================
Ubuntu Security Notice USN-758-1 April 15, 2009
udev vulnerabilities
CVE-2009-1185, CVE-2009-1186
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
udev 079-0ubuntu35.1
Ubuntu 7.10:
udev 113-0ubuntu17.2
Ubuntu 8.04 LTS:
udev 117-8ubuntu0.2
Ubuntu 8.10:
udev 124-9ubuntu0.2
After a standard system upgrade you need to reboot your computer to
effect the necessary changes. (CVE-2009-1186)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.diff.gz
Size/MD5: 51122 c7d3b676db9a83db24f422a285438ca7
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.dsc
Size/MD5: 670 7cbaeaa0f9888994397d3d7cf90e3658
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079.orig.tar.gz
Size/MD5: 281803 2b34fbddeadee3728ffe28121d6c1ebd
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_amd64.udeb
Size/MD5: 142138 1392a4f575c8acda5672fc62f637b3fb
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_amd64.deb
Size/MD5: 279030 84f654a125f3e3d0725103cfe68420b0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_i386.udeb
Size/MD5: 109638 4882b6311f73bef9868881b1c5e8ed41
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_i386.deb
Size/MD5: 239122 af377acadfffddf3d9040dc23286fc8f
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_powerpc.udeb
Size/MD5: 118100 d792bd2e62989a8d95309aed153e4289
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_powerpc.deb
Size/MD5: 280766 b306f68f10ff06ca5cd9ee17828d39d5
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_sparc.udeb
Size/MD5: 115618 63bcef9fd2bada2eafe266d7796a84c9
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_sparc.deb
Size/MD5: 247624 4b80d6ca0c5e076f249087c118962922
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.diff.gz
Size/MD5: 55913 a7a1ba8a02b2fe905bc71743e5a5c7c0
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.dsc
Size/MD5: 728 7b6e062975bbe336c2d760e5ff11572a
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113.orig.tar.gz
Size/MD5: 239920 be4948d5057ae469de9bea8ae588221e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_amd64.deb
Size/MD5: 86226 3f5adacc769ddfe17fafd79c54ce81a7
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_amd64.deb
Size/MD5: 81900 edaba987b6002b09d6b4173e156e330e
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_amd64.udeb
Size/MD5: 149804 e601d0c2bc7037a8df133a30d1f76605
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_amd64.deb
Size/MD5: 304258 7a2173b367fc88bf531bfb706e3e1f8b
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_amd64.deb
Size/MD5: 75160 fd8f032baabb6f0bbfc6f371cec52e1c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_i386.deb
Size/MD5: 83892 12a63120228e99b4730f010cd361c244
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_i386.deb
Size/MD5: 80572 6b5994b0eadaaee1f523de159718b408
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_i386.udeb
Size/MD5: 132812 630042b66ab4a4344191fc82ecec0a38
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_i386.deb
Size/MD5: 288284 986d47c76158ade2a30e6a1948f55082
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_i386.deb
Size/MD5: 74174 902478d959375b71e2b78cf0f0f8d82a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_lpia.deb
Size/MD5: 83926 a32df0b3fe432aadfad07d3961e20a7e
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_lpia.deb
Size/MD5: 80568 0266ced7497651f1bc9996ee0e00d6c5
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_lpia.udeb
Size/MD5: 132732 386aa29c7b1175fac96d231a0e255118
http://ports.ubuntu.com/pool/main/u/udev/udev_113-0ubuntu17.2_lpia.deb
Size/MD5: 288604 e05dbb1b8ff89c24b26cf318550442d6
http://ports.ubuntu.com/pool/main/u/udev/volumeid_113-0ubuntu17.2_lpia.deb
Size/MD5: 74138 bf4aa952e2d07c0d27fba4e858dcd678
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_powerpc.deb
Size/MD5: 87538 e0b0ae6ebf9847c5a4141950026b29f2
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_powerpc.deb
Size/MD5: 83398 a4372fb8399d28496fe8ed7a03fe2aab
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_powerpc.udeb
Size/MD5: 149236 99bdb65c79ce39bf881fa56972a7df76
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_powerpc.deb
Size/MD5: 336274 d575f25a976f8cbd4cd123f47c696305
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_powerpc.deb
Size/MD5: 77432 6c548fabc0ad7861f125de70071cd0d7
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_sparc.deb
Size/MD5: 87846 a331c703a9b11a20670a160d9bc5a16e
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_sparc.deb
Size/MD5: 83846 6d2a1c58ea38e9b71fba17f841b4a26c
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_sparc.udeb
Size/MD5: 141244 de4f7c09715c900cda38abbf53a6bf0f
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_sparc.deb
Size/MD5: 294436 4591981586a1d547ea33c3cc8b09b39b
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_sparc.deb
Size/MD5: 74714 cee96bfcea22c72a410644cb812591c0
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.diff.gz
Size/MD5: 65730 81fffa88d20b553d3957cc5180258028
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.dsc
Size/MD5: 716 5ce142feffe74504599351ce14f8e79c
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117.orig.tar.gz
Size/MD5: 245289 1e2b0a30a39019fc7ef947786102cd22
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_amd64.deb
Size/MD5: 90008 9b726512e3681753aa17b4c28f5f0c97
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_amd64.deb
Size/MD5: 85680 7b719dd5b310814d742d82e8187936ad
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_amd64.udeb
Size/MD5: 142424 3b3556f38c4751c19e94dfa442378975
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_amd64.deb
Size/MD5: 275764 a7341d40aaf3886ede818bacdb8f725b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_i386.deb
Size/MD5: 87874 bba06e76c225f835d4bd5da9cf71cb17
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_i386.deb
Size/MD5: 84476 2aaa0302816eb8d524b4b9eed6cc6664
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_i386.udeb
Size/MD5: 125376 12efe871f550741a6070849ecbf345d8
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_i386.deb
Size/MD5: 262096 14de9f79f3e92bca2fd087747fe2cbe4
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_lpia.deb
Size/MD5: 87820 06ae468615109e9693007bbbbd5ab76c
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_lpia.deb
Size/MD5: 84344 74698366a89ff79f7da56e1e8081b7f8
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_lpia.udeb
Size/MD5: 125366 24e6abe9d2d71edc59c8fee7c321aac4
http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_lpia.deb
Size/MD5: 262202 ccd906dc5ba0f8150d2e54560cb506fa
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_powerpc.deb
Size/MD5: 91184 0244aee4cd0b49b752b60bb69b822e8d
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_powerpc.deb
Size/MD5: 87282 717d460e52f5208028b8a114c41441d3
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_powerpc.udeb
Size/MD5: 142902 ac0227c34eabb4f40f8011ab810c6774
http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_powerpc.deb
Size/MD5: 284190 791467a0daac1a186b308a5260998765
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_sparc.deb
Size/MD5: 91172 5d7f21eb5e8183fd4a3a93a08e71fa9a
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_sparc.deb
Size/MD5: 87420 5799e495a349dffb947bca5b831e0a59
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_sparc.udeb
Size/MD5: 134148 07f30c5e47363b26a07a695ef208ac39
http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_sparc.deb
Size/MD5: 268260 81d8d2489b05238c43928ccca028fd97
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.diff.gz
Size/MD5: 60670 3294d977bf37ae45a66d47b624b60db0
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.dsc
Size/MD5: 1092 b52e321c7c4c0e0d6d292167cb6019f8
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124.orig.tar.gz
Size/MD5: 257418 2ea9229208154229c5d6df6222f74ad7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_amd64.deb
Size/MD5: 93152 2ae90a4dc2bad933180b03169f021786
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_amd64.deb
Size/MD5: 88906 31e1fc7a2a7546cdb6c26b38df29cab3
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_amd64.udeb
Size/MD5: 140768 bff970a06a6364bec08459be64169da8
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_amd64.deb
Size/MD5: 280684 09f8b16a2b7b7b5c637e314302ad27b1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_i386.deb
Size/MD5: 90866 348a4b3c7ecace17161c156f648ef7f5
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_i386.deb
Size/MD5: 87674 af9f5a9f38ebff8867ea1d6055e33705
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_i386.udeb
Size/MD5: 124664 65a463c6512f87e71b40640809f68245
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_i386.deb
Size/MD5: 263786 34aa4d7ad23bcd6fe682d5c958c2b176
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_lpia.deb
Size/MD5: 90952 13a89ac0608a4432f8fe3410798bfc80
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_lpia.deb
Size/MD5: 87526 c62d3f557da0f00a683dd2affab3ac18
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_lpia.udeb
Size/MD5: 124596 227b5495edd9e8164030ec9e3445206f
http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_lpia.deb
Size/MD5: 263960 55a49a09202c83919fc7966e9cb4f0e9
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_powerpc.deb
Size/MD5: 94720 9f705767aec000389c4a0ac5547e4b08
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_powerpc.deb
Size/MD5: 90490 0a821585e04ab4a3ae43fba609d15bad
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_powerpc.udeb
Size/MD5: 136420 a13c982f31bb35caf8bdfa0230d6bf25
http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_powerpc.deb
Size/MD5: 283654 27a1278de0e01ecd84806b4c52242130
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_sparc.deb
Size/MD5: 94552 4ca615812516cb06abbeb05936f60e3c
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_sparc.deb
Size/MD5: 90856 7c2cbb37e564258dcf75f2f0a85ebe51
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_sparc.udeb
Size/MD5: 136020 0f478380b3c641b037818ed607eea594
http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_sparc.deb
Size/MD5: 274892 2f392b3a4d9d271db107930adc81e8e4
.
CVE-2009-1186
udev suffers from a buffer overflow condition in path encoding,
potentially allowing arbitrary code execution.
For the old stable distribution (etch), these problems have been fixed in
version 0.105-4etch1.
For the stable distribution (lenny), these problems have been fixed in
version 0.125-7+lenny1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your udev package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1.diff.gz
Size/MD5 checksum: 65496 c004ab727c31c58012eb518ea1293c06
http://security.debian.org/pool/updates/main/u/udev/udev_0.105.orig.tar.gz
Size/MD5 checksum: 188150 9d58389d5ef915c49681cae4fba3cd60
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1.dsc
Size/MD5 checksum: 653 11e4e0cb9bc8cb2f93890e80e9314a7b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_alpha.udeb
Size/MD5 checksum: 133696 82ebf80715efaa545bb98fa92b5c6e30
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_alpha.deb
Size/MD5 checksum: 293006 6e1ff1cf34638ebe01d6a7cc3771eef9
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_alpha.deb
Size/MD5 checksum: 25892 17fc41c4605c256b933cefcda3c21a48
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_alpha.deb
Size/MD5 checksum: 67762 335db6bf028839d64d656b3b243d3e23
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_amd64.deb
Size/MD5 checksum: 277954 4daf7f67c7ddb2bea7906c3a2e5f4450
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_amd64.deb
Size/MD5 checksum: 17570 abb465d39529deff8a8a44e6e3511e92
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_amd64.deb
Size/MD5 checksum: 64016 1fa7e638e153131fae0794bdfa29f10e
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_amd64.udeb
Size/MD5 checksum: 118680 18f17e7030d7ec1c8445e8b2e5420150
arm architecture (ARM)
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_arm.deb
Size/MD5 checksum: 266724 8cb242b97c43b91065a51ad06e341c26
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_arm.deb
Size/MD5 checksum: 65394 053e04d02f57089c52ee9ed2dedd1824
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_arm.deb
Size/MD5 checksum: 18146 06aaf0730d2822b9efc3658d9c6aad6f
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_arm.udeb
Size/MD5 checksum: 108792 d1d15e13b7acaf80449d70a46474d5cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_hppa.deb
Size/MD5 checksum: 284024 5a95e42a4bc958ea800d0ad2fc7137f7
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_hppa.deb
Size/MD5 checksum: 69216 1fa0f6be4314a15c272008889ad5cdd3
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_hppa.udeb
Size/MD5 checksum: 123292 9423477a619848bc5b897c183578eedf
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_hppa.deb
Size/MD5 checksum: 22822 2e425348f052eb7227af5b4162d87886
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_i386.deb
Size/MD5 checksum: 62672 1fb6a5c71a746c54d2d153f82d156622
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_i386.udeb
Size/MD5 checksum: 104858 6755b7f2be45c09dcfbeba11b71fb2b4
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_i386.deb
Size/MD5 checksum: 15596 42d679cf1bf5708e12f2ebe0928d0f17
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_i386.deb
Size/MD5 checksum: 263502 c771e199202b3a30191e562591b2a5f1
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_ia64.deb
Size/MD5 checksum: 71234 db3642925a8d81f1d63fa5a194be85ca
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_ia64.deb
Size/MD5 checksum: 348482 03798072d8288f3e6080f6a32178a55a
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_ia64.deb
Size/MD5 checksum: 26664 f1eeb303578e5d42c46d1d50bedc3427
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_ia64.udeb
Size/MD5 checksum: 178622 1681eaf7e11447c584d199eca57c7829
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_mips.deb
Size/MD5 checksum: 21846 c154d642eeaec8a4ff465d0dd7854d6f
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_mips.deb
Size/MD5 checksum: 278706 c612857d27e034d3979476512798bb43
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_mips.udeb
Size/MD5 checksum: 123368 547c1b25665f105ca681dbb1efe1841d
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_mips.deb
Size/MD5 checksum: 65332 0a7201607ea9d769cbd09ebc96905500
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_mipsel.deb
Size/MD5 checksum: 279278 6a3d796f15b65b8b61a991cd2631ef69
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_mipsel.deb
Size/MD5 checksum: 65140 e5d91868a42e3a0c36eb30f512376db1
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_mipsel.udeb
Size/MD5 checksum: 123416 b97a524a2ea9289b38467dd03d5213db
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_mipsel.deb
Size/MD5 checksum: 21560 672e1b4ffc6da2e7d8c6ffdbfebd5b51
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_powerpc.udeb
Size/MD5 checksum: 109412 149ab68cffb0272aadbd758c45f640fc
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_powerpc.deb
Size/MD5 checksum: 18832 d37c3f79c808b6b775e9b5e82c265cdc
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_powerpc.deb
Size/MD5 checksum: 65400 e1030bc12fcca0cf4ca2f4000a9d732e
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_powerpc.deb
Size/MD5 checksum: 283004 083d7593e935231bfbc1868d54be6899
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_s390.deb
Size/MD5 checksum: 66024 63704d890de325cce6d3ab739bfcc5df
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_s390.deb
Size/MD5 checksum: 280362 68985aade59854bea6933ba6b9825152
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_s390.udeb
Size/MD5 checksum: 119284 b89e7a4ae300862b138c65d1a65f5861
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_s390.deb
Size/MD5 checksum: 19968 8176690f76660c6dfdbb9d0a0ad1c85b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_sparc.udeb
Size/MD5 checksum: 108102 09f683e56ddcf705f6b0f1ff1465299a
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_sparc.deb
Size/MD5 checksum: 261794 0c02b3cc77b22cc7ec88c424bc5342ab
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_sparc.deb
Size/MD5 checksum: 66058 44da6bfe900da48fd4ac0b367846c23b
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_sparc.deb
Size/MD5 checksum: 18924 2871710daab3972cda3485866c1ff0f7
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1.diff.gz
Size/MD5 checksum: 63221 1cdb4f78dc7cf5c5702fa69e3f528724
http://security.debian.org/pool/updates/main/u/udev/udev_0.125.orig.tar.gz
Size/MD5 checksum: 254564 be98e04cefdd9ca76b8fe7e92735ce29
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1.dsc
Size/MD5 checksum: 1031 3c1c71e9321ee24dcbb4237bda82ecf8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_alpha.deb
Size/MD5 checksum: 81916 0d0d955ef294f83409f7729287911834
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_alpha.udeb
Size/MD5 checksum: 148990 83667ad6d0c6d0c43ddd851d139f1fd6
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_alpha.deb
Size/MD5 checksum: 281758 61570a51644b3470c4ca8306f6531d2f
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_alpha.deb
Size/MD5 checksum: 2436 82668adc7df4b743eff35e1c353f5101
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_amd64.udeb
Size/MD5 checksum: 128220 6951de1f9f2a952c718c6322d4cc041c
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_amd64.deb
Size/MD5 checksum: 266322 d25ceb9d564f9ff30cc841432588d11a
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_amd64.deb
Size/MD5 checksum: 2426 c04b51779d612328c0e63048ae9112e2
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_amd64.deb
Size/MD5 checksum: 77548 68d9da089db647fed48a5e2e126109a0
arm architecture (ARM)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_arm.deb
Size/MD5 checksum: 79020 8990da78870b19da2123a246308b9f42
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_arm.udeb
Size/MD5 checksum: 123542 64e28579a5dd7f20902b4683c1c2d717
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_arm.deb
Size/MD5 checksum: 2438 6749f4622bebfb95248e522d031ac012
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_arm.deb
Size/MD5 checksum: 257106 80d322c9d53711a0fee58af3d027e32d
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_armel.deb
Size/MD5 checksum: 2440 27ff9848ed16db7e8c5ca75f0a022403
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_armel.deb
Size/MD5 checksum: 258074 fce468ead3db83d21356f1da16e50e9d
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_armel.udeb
Size/MD5 checksum: 124506 2eb7a09d5ee3b5c308ac221851fc1573
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_armel.deb
Size/MD5 checksum: 79228 2c16ecd4418d9fcd3f6dadf85fab95bb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_hppa.deb
Size/MD5 checksum: 84240 5f32416e51f5ee674c8331429bcd71ad
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_hppa.deb
Size/MD5 checksum: 274388 9464fdcd2dac50388cf23d2e891fa903
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_hppa.udeb
Size/MD5 checksum: 142578 18523c4afa6e272ed8449dc433bb68ce
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_hppa.deb
Size/MD5 checksum: 2438 187adc54d95719c8bf2a20c73b9b820a
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_i386.deb
Size/MD5 checksum: 253168 9667472701f5f78e75f944afe4e18a1f
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_i386.deb
Size/MD5 checksum: 76280 c9f04437d9c090e54fdfaf4c08b04273
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_i386.udeb
Size/MD5 checksum: 115724 05843396641d6e8eed4d417020969f23
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_i386.deb
Size/MD5 checksum: 2426 ea4c748d93da3e0ffd9c070461fb9ea4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_ia64.deb
Size/MD5 checksum: 85644 2594d69577d4d309f6be2878524641f2
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_ia64.udeb
Size/MD5 checksum: 190230 a682ed3c0b26b059740b37ac0976bd93
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_ia64.deb
Size/MD5 checksum: 2432 0c4b9c1716892330ff482e8a8cb2f12d
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_ia64.deb
Size/MD5 checksum: 324656 efa495e7fc30164bb91958f81a5f0e02
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_mips.udeb
Size/MD5 checksum: 135612 f596cc4d41bf41fa78d25deae191df8a
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_mips.deb
Size/MD5 checksum: 2436 ef6056a525dd10b577dcf3ac162cad18
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_mips.deb
Size/MD5 checksum: 78790 50b801e86b6a29fedac17aa4012cc222
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_mips.deb
Size/MD5 checksum: 270716 15cea80dfc523e1ffadcf609293be4d6
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_mipsel.deb
Size/MD5 checksum: 2438 51d32dfc43f95c2579e989d332c6837e
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_mipsel.udeb
Size/MD5 checksum: 135566 8a7d0840ba79647dad206aeea62dbc4e
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_mipsel.deb
Size/MD5 checksum: 78640 e7197dd434ba99f4bef46f7176b458f1
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_mipsel.deb
Size/MD5 checksum: 270760 53926589b10466163d5ea90008de5b8c
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_powerpc.deb
Size/MD5 checksum: 272424 7a9d2807d73e0da05171d50882bb2b44
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_powerpc.udeb
Size/MD5 checksum: 129696 4e24c200eaf8b615603cc7319b449f30
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_powerpc.deb
Size/MD5 checksum: 2442 a0d04b0bf5d8278796d276568940084e
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_powerpc.deb
Size/MD5 checksum: 79194 bb40fe52920ee2bfc65f1243ced8268f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_s390.deb
Size/MD5 checksum: 79448 d17034c5d4f29b21f9f6affcc8c31cf3
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_s390.udeb
Size/MD5 checksum: 133264 e34bae7a1639cccb63814f96a014cd37
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_s390.deb
Size/MD5 checksum: 2428 d88d5d9eedc3c5d1bfb2f441d948f9ef
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_s390.deb
Size/MD5 checksum: 271886 9eaba049c1bbdf7903fbe52efd296f5b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_sparc.deb
Size/MD5 checksum: 259536 409b46996745484d7514739cfb4cca6e
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_sparc.deb
Size/MD5 checksum: 79640 2cc666f27b22a986c6ef5677509e13ad
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_sparc.deb
Size/MD5 checksum: 2436 3c928f720d5a3cd021b633f8070ddfd6
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_sparc.udeb
Size/MD5 checksum: 124598 a93970f05ff0c1a9b670e5dd3bacdad8
These files will probably be moved into the stable distribution on
its next update
| VAR-200904-0209 | CVE-2009-0077 | Microsoft Forefront TMG MBE and ISA Server Service disruption in firewall engines (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability.". Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability.
A remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-104A
Microsoft Updates for Multiple Vulnerabilities
Original release date: April 14, 2009
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft Windows Server
* Microsoft ISA Server
Overview
Microsoft has released updates that address vulnerabilities in
Microsoft Windows, Office, Windows Server, and ISA Server.
I. Description
As part of the Microsoft Security Bulletin Summary for April 2009,
Microsoft released updates to address vulnerabilities that affect
Microsoft Windows, Office, Windows Server, and ISA Server.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code,
gain elevated privileges, or cause a vulnerable application to
crash.
III. Solution
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for April 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for April 2009 -
<http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx>
* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-104A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-104A Feedback VU#999892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 14, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2
rM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3
T98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu
H+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT
1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK
Vaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ==
=q59/
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
2) Input passed to the HTML forms authentication component
(cookieauth.dll) is not properly sanitised before being returned to
users. This can be exploited to execute arbitrary HTML and script
code in a user's browser session in context of an affected site.
Successful exploitation of this vulnerability requires that Web
publishing is enabled and HTML forms authentication is enabled on the
default Web listener.
SOLUTION:
Apply patches.
2) The vendor credits New York State Chief Information Officer /
Office for Technology.
ORIGINAL ADVISORY:
MS09-016 (KB961759, KB968075, KB960995, KB968078):
http://www.microsoft.com/technet/security/Bulletin/MS09-016.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0228 | CVE-2009-0237 | Microsoft Forefront TMG MBE and ISA Server of HTML Cross-site scripting vulnerability in forms authentication |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via "authentication input" to this component, aka "Cross-Site Scripting Vulnerability.".
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-104A
Microsoft Updates for Multiple Vulnerabilities
Original release date: April 14, 2009
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft Windows Server
* Microsoft ISA Server
Overview
Microsoft has released updates that address vulnerabilities in
Microsoft Windows, Office, Windows Server, and ISA Server.
I. Description
As part of the Microsoft Security Bulletin Summary for April 2009,
Microsoft released updates to address vulnerabilities that affect
Microsoft Windows, Office, Windows Server, and ISA Server.
II.
III. Solution
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for April 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for April 2009 -
<http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx>
* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-104A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-104A Feedback VU#999892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 14, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2
rM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3
T98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu
H+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT
1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK
Vaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ==
=q59/
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
1) An error in the firewall engine when handling the TCP session
state for Web proxy and Web publishing listeners can be exploited to
cause a Web listener to stop responding to new requests via a
specially crafted TCP packet.
2) Input passed to the HTML forms authentication component
(cookieauth.dll) is not properly sanitised before being returned to
users.
Successful exploitation of this vulnerability requires that Web
publishing is enabled and HTML forms authentication is enabled on the
default Web listener.
SOLUTION:
Apply patches.
2) The vendor credits New York State Chief Information Officer /
Office for Technology.
ORIGINAL ADVISORY:
MS09-016 (KB961759, KB968075, KB960995, KB968078):
http://www.microsoft.com/technet/security/Bulletin/MS09-016.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0461 | CVE-2009-1287 | Cisco SESM Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: some of these details are obtained from third party information.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
We don't know which versions of Subscriber Edge Services Manager are affected. We will update this BID as more information emerges
| VAR-200906-0439 | CVE-2009-2073 | Linksys WRT160N Wireless Router Cross-Site Request Forgery Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wireless router hardware 1 and firmware 1.02.2 allows remote attackers to hijack the authentication of other users for unspecified requests via unknown vectors, as demonstrated using administrator privileges and actions. The Linksys WRT160N wireless router is prone to a cross-site request-forgery vulnerability.
Successful exploits can run privileged commands on the affected device, including enabling remote access to the web administration interface. This may lead to further network-based attacks.
Linksys WRT160N running firmware 1.02.2 is vulnerable. WRT160N is the latest 802.11n wireless router launched by Linksy. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
Linksys WRT160N Cross-Site Request Forgery Vulnerability
SECUNIA ADVISORY ID:
SA34625
VERIFY ADVISORY:
http://secunia.com/advisories/34625/
DESCRIPTION:
Russ McRee has reported a vulnerability in Linksys WRT160N, which can
be exploited by malicious people to conduct cross-site request forgery
attacks.
The administrative web interface allows users to perform certain
actions via HTTP requests without performing any validity checks to
verify the requests. This can be exploited to perform administrative
actions when a logged in administrator is tricked into visiting a
malicious web page. Other
versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while being logged in to the
administrative web interface.
PROVIDED AND/OR DISCOVERED BY:
Russ McRee, HolisticInfoSec
ORIGINAL ADVISORY:
http://holisticinfosec.org/content/view/109/45/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201102-0003 | CVE-2009-0190 |
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: - CVSS V3: - Severity: - |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1016. Reason: This candidate is a reservation duplicate of CVE-2009-1016. Notes: All CVE users should reference CVE-2009-1016 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ======================================================================
Secunia Research 15/04/2009
- Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
======================================================================
1) Affected Software
* Oracle BEA WebLogic Server Plug-ins version 1.0.1166189.
NOTE: Other versions may also be affected.
======================================================================
2) Severity
Rating: Highly critical
Impact: System access
Where: From Remote
======================================================================
3) Vendor's Description of Software
"... the world's best application server for building and deploying
enterprise applications and services ...".
Product Link:
http://www.oracle.com/technology/products/weblogic/index.html
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in the Oracle BEA
WebLogic Server plug-ins for web servers, which can be exploited by
malicious people to compromise a vulnerable system.
The Oracle BEA WebLogic Server can be configured to receive requests
via an Apache web server. In this case, a plug-in is installed in the
Internet-facing web server that passes the request to a WebLogic
server.
The Apache web server may be configured to accept SSL connections and
forward the request to the WebLogic server along with any SSL-related
information. If the SSL client supplies a certificate (and the Apache
server is configured to accept it), then the certificate is passed to
the WebLogic plug-in via an environment variable.
The vulnerability is caused by a boundary error when parsing
certificates and can be exploited to cause a stack-based buffer
overflow by supplying a specially crafted certificate.
Successful exploitation may allow execution of arbitrary code.
======================================================================
5) Solution
Apply patches released by the vendor.
======================================================================
6) Time Table
01/03/2009 - Vendor notified.
06/03/2009 - Vendor confirms vulnerability.
17/03/2009 - Vendor provides preliminary patch.
15/04/2009 - Public disclosure.
======================================================================
7) Credits
Discovered by Dyon Balding, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0190 for the vulnerability.
======================================================================
9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-23/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
| VAR-200904-0435 | CVE-2009-1016 |
BEA Product Suite of WebLogic Server Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 8.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0436 | CVE-2009-1017 |
Oracle Application Server of BI Publisher Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0432 | CVE-2009-1012 |
BEA Product Suite of Apache Plug-ins and IIS Web server vulnerability
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0434 | CVE-2009-1014 |
Oracle PeopleSoft Enterprise Of products such as PeopleSoft Enterprise PeopleTools Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1013. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0427 | CVE-2009-1006 |
BEA Product Suite of Jrockit Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (DoS) An attack may be carried out. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0425 | CVE-2009-1004 |
BEA Product Suite of WebLogic Server Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0426 | CVE-2009-1005 |
BEA Product Suite of AquaLogic Data Services Platform Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.1 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. (DoS) An attack may be carried out. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0423 | CVE-2009-1002 |
BEA Product Suite of WebLogic Server Elevation of privilege vulnerability in components
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0422 | CVE-2009-1001 |
Oracle BEA WebLogic Portal Vulnerability gained in
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.5 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0433 | CVE-2009-1013 |
Oracle PeopleSoft Enterprise Of products such as PeopleSoft Enterprise PeopleTools Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1014. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0428 | CVE-2009-1008 |
Oracle Application Server of Outside In Technology Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.4 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0421 | CVE-2009-1000 |
Oracle E-Business Suite of Oracle Applications Framework Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0419 | CVE-2009-0998 |
Oracle PeopleSoft Enterprise Of products such as PeopleSoft Enterprise HRMS - eBenefits Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.5 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0420 | CVE-2009-0999 |
Oracle E-Business Suite of Oracle Application Object Library Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (DoS) An attack may be carried out. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------