VARIoT IoT vulnerabilities database
| VAR-200904-0291 | CVE-2009-1185 | udev Elevation of privilege vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system.
Versions prior to udev 141 are vulnerable. Its main function is to manage device nodes in the /dev directory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: udev: Multiple vulnerabilities
Date: April 18, 2009
Bugs: #266290
ID: 200904-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Two errors in udev allow for a local root compromise and a Denial of
Service.
Background
==========
udev is the device manager used in the Linux 2.6 kernel series.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-fs/udev < 124-r2 >= 124-r2
Description
===========
Sebastian Krahmer of SUSE discovered the following two vulnerabilities:
* udev does not verify the origin of NETLINK messages properly
(CVE-2009-1185).
* A buffer overflow exists in the util_path_encode() function in
lib/libudev-util.c (CVE-2009-1186).
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All udev users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-fs/udev-124-r2"
References
==========
[ 1 ] CVE-2009-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
[ 2 ] CVE-2009-1186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200904-18.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
The updated packages have been patched to prevent this.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
8268a6d9b8b782f008c6bad08081aa1f 2008.0/i586/libvolume_id0-114-7.1mdv2008.0.i586.rpm
f25010279ad483a4bd1df3300be1eff5 2008.0/i586/libvolume_id0-devel-114-7.1mdv2008.0.i586.rpm
527afa06fad5b28de6ba60c12c5cc685 2008.0/i586/udev-114-7.1mdv2008.0.i586.rpm
b472ccee86044dba507029b63385e306 2008.0/i586/udev-doc-114-7.1mdv2008.0.i586.rpm
33a3aeb9701b9a90b776b08595055f05 2008.0/i586/udev-tools-114-7.1mdv2008.0.i586.rpm
b6057c15bb22b381d07ee45a6bc81974 2008.0/SRPMS/udev-114-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
8e05d00d129d11f2442390ec7dd4174c 2008.0/x86_64/lib64volume_id0-114-7.1mdv2008.0.x86_64.rpm
2718c04a037f773bca23b010265071ce 2008.0/x86_64/lib64volume_id0-devel-114-7.1mdv2008.0.x86_64.rpm
6756f2bb0dad6dee8188e5dccc1f92cb 2008.0/x86_64/udev-114-7.1mdv2008.0.x86_64.rpm
b65a69fde92e29d6affa25d32e881dff 2008.0/x86_64/udev-doc-114-7.1mdv2008.0.x86_64.rpm
bf39012f0e457b61fd203711625d78dc 2008.0/x86_64/udev-tools-114-7.1mdv2008.0.x86_64.rpm
b6057c15bb22b381d07ee45a6bc81974 2008.0/SRPMS/udev-114-7.1mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLF8RvmqjQ0CJFipgRAp5ZAJ0YBHRyssp4RsoVDk8awKDSM9mnhACgqeEn
aP7lY4N3P6dafT+v4TzBfgE=
=S27a
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1772-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
April 16, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : udev
Vulnerability : several
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2009-1185 CVE-2009-1186
Sebastian Kramer discovered two vulnerabilities in udev, the /dev and
hotplug management daemon.
CVE-2009-1186
udev suffers from a buffer overflow condition in path encoding,
potentially allowing arbitrary code execution.
For the old stable distribution (etch), these problems have been fixed in
version 0.105-4etch1.
For the stable distribution (lenny), these problems have been fixed in
version 0.125-7+lenny1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your udev package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1.diff.gz
Size/MD5 checksum: 65496 c004ab727c31c58012eb518ea1293c06
http://security.debian.org/pool/updates/main/u/udev/udev_0.105.orig.tar.gz
Size/MD5 checksum: 188150 9d58389d5ef915c49681cae4fba3cd60
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1.dsc
Size/MD5 checksum: 653 11e4e0cb9bc8cb2f93890e80e9314a7b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_alpha.udeb
Size/MD5 checksum: 133696 82ebf80715efaa545bb98fa92b5c6e30
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_alpha.deb
Size/MD5 checksum: 293006 6e1ff1cf34638ebe01d6a7cc3771eef9
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_alpha.deb
Size/MD5 checksum: 25892 17fc41c4605c256b933cefcda3c21a48
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_alpha.deb
Size/MD5 checksum: 67762 335db6bf028839d64d656b3b243d3e23
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_amd64.deb
Size/MD5 checksum: 277954 4daf7f67c7ddb2bea7906c3a2e5f4450
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_amd64.deb
Size/MD5 checksum: 17570 abb465d39529deff8a8a44e6e3511e92
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_amd64.deb
Size/MD5 checksum: 64016 1fa7e638e153131fae0794bdfa29f10e
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_amd64.udeb
Size/MD5 checksum: 118680 18f17e7030d7ec1c8445e8b2e5420150
arm architecture (ARM)
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_arm.deb
Size/MD5 checksum: 266724 8cb242b97c43b91065a51ad06e341c26
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_arm.deb
Size/MD5 checksum: 65394 053e04d02f57089c52ee9ed2dedd1824
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_arm.deb
Size/MD5 checksum: 18146 06aaf0730d2822b9efc3658d9c6aad6f
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_arm.udeb
Size/MD5 checksum: 108792 d1d15e13b7acaf80449d70a46474d5cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_hppa.deb
Size/MD5 checksum: 284024 5a95e42a4bc958ea800d0ad2fc7137f7
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_hppa.deb
Size/MD5 checksum: 69216 1fa0f6be4314a15c272008889ad5cdd3
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_hppa.udeb
Size/MD5 checksum: 123292 9423477a619848bc5b897c183578eedf
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_hppa.deb
Size/MD5 checksum: 22822 2e425348f052eb7227af5b4162d87886
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_i386.deb
Size/MD5 checksum: 62672 1fb6a5c71a746c54d2d153f82d156622
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_i386.udeb
Size/MD5 checksum: 104858 6755b7f2be45c09dcfbeba11b71fb2b4
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_i386.deb
Size/MD5 checksum: 15596 42d679cf1bf5708e12f2ebe0928d0f17
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_i386.deb
Size/MD5 checksum: 263502 c771e199202b3a30191e562591b2a5f1
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_ia64.deb
Size/MD5 checksum: 71234 db3642925a8d81f1d63fa5a194be85ca
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_ia64.deb
Size/MD5 checksum: 348482 03798072d8288f3e6080f6a32178a55a
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_ia64.deb
Size/MD5 checksum: 26664 f1eeb303578e5d42c46d1d50bedc3427
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_ia64.udeb
Size/MD5 checksum: 178622 1681eaf7e11447c584d199eca57c7829
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_mips.deb
Size/MD5 checksum: 21846 c154d642eeaec8a4ff465d0dd7854d6f
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_mips.deb
Size/MD5 checksum: 278706 c612857d27e034d3979476512798bb43
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_mips.udeb
Size/MD5 checksum: 123368 547c1b25665f105ca681dbb1efe1841d
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_mips.deb
Size/MD5 checksum: 65332 0a7201607ea9d769cbd09ebc96905500
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_mipsel.deb
Size/MD5 checksum: 279278 6a3d796f15b65b8b61a991cd2631ef69
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_mipsel.deb
Size/MD5 checksum: 65140 e5d91868a42e3a0c36eb30f512376db1
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_mipsel.udeb
Size/MD5 checksum: 123416 b97a524a2ea9289b38467dd03d5213db
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_mipsel.deb
Size/MD5 checksum: 21560 672e1b4ffc6da2e7d8c6ffdbfebd5b51
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_powerpc.udeb
Size/MD5 checksum: 109412 149ab68cffb0272aadbd758c45f640fc
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_powerpc.deb
Size/MD5 checksum: 18832 d37c3f79c808b6b775e9b5e82c265cdc
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_powerpc.deb
Size/MD5 checksum: 65400 e1030bc12fcca0cf4ca2f4000a9d732e
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_powerpc.deb
Size/MD5 checksum: 283004 083d7593e935231bfbc1868d54be6899
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_s390.deb
Size/MD5 checksum: 66024 63704d890de325cce6d3ab739bfcc5df
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_s390.deb
Size/MD5 checksum: 280362 68985aade59854bea6933ba6b9825152
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_s390.udeb
Size/MD5 checksum: 119284 b89e7a4ae300862b138c65d1a65f5861
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_s390.deb
Size/MD5 checksum: 19968 8176690f76660c6dfdbb9d0a0ad1c85b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.105-4etch1_sparc.udeb
Size/MD5 checksum: 108102 09f683e56ddcf705f6b0f1ff1465299a
http://security.debian.org/pool/updates/main/u/udev/udev_0.105-4etch1_sparc.deb
Size/MD5 checksum: 261794 0c02b3cc77b22cc7ec88c424bc5342ab
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.105-4etch1_sparc.deb
Size/MD5 checksum: 66058 44da6bfe900da48fd4ac0b367846c23b
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.105-4etch1_sparc.deb
Size/MD5 checksum: 18924 2871710daab3972cda3485866c1ff0f7
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1.diff.gz
Size/MD5 checksum: 63221 1cdb4f78dc7cf5c5702fa69e3f528724
http://security.debian.org/pool/updates/main/u/udev/udev_0.125.orig.tar.gz
Size/MD5 checksum: 254564 be98e04cefdd9ca76b8fe7e92735ce29
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1.dsc
Size/MD5 checksum: 1031 3c1c71e9321ee24dcbb4237bda82ecf8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_alpha.deb
Size/MD5 checksum: 81916 0d0d955ef294f83409f7729287911834
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_alpha.udeb
Size/MD5 checksum: 148990 83667ad6d0c6d0c43ddd851d139f1fd6
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_alpha.deb
Size/MD5 checksum: 281758 61570a51644b3470c4ca8306f6531d2f
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_alpha.deb
Size/MD5 checksum: 2436 82668adc7df4b743eff35e1c353f5101
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_amd64.udeb
Size/MD5 checksum: 128220 6951de1f9f2a952c718c6322d4cc041c
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_amd64.deb
Size/MD5 checksum: 266322 d25ceb9d564f9ff30cc841432588d11a
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_amd64.deb
Size/MD5 checksum: 2426 c04b51779d612328c0e63048ae9112e2
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_amd64.deb
Size/MD5 checksum: 77548 68d9da089db647fed48a5e2e126109a0
arm architecture (ARM)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_arm.deb
Size/MD5 checksum: 79020 8990da78870b19da2123a246308b9f42
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_arm.udeb
Size/MD5 checksum: 123542 64e28579a5dd7f20902b4683c1c2d717
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_arm.deb
Size/MD5 checksum: 2438 6749f4622bebfb95248e522d031ac012
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_arm.deb
Size/MD5 checksum: 257106 80d322c9d53711a0fee58af3d027e32d
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_armel.deb
Size/MD5 checksum: 2440 27ff9848ed16db7e8c5ca75f0a022403
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_armel.deb
Size/MD5 checksum: 258074 fce468ead3db83d21356f1da16e50e9d
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_armel.udeb
Size/MD5 checksum: 124506 2eb7a09d5ee3b5c308ac221851fc1573
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_armel.deb
Size/MD5 checksum: 79228 2c16ecd4418d9fcd3f6dadf85fab95bb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_hppa.deb
Size/MD5 checksum: 84240 5f32416e51f5ee674c8331429bcd71ad
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_hppa.deb
Size/MD5 checksum: 274388 9464fdcd2dac50388cf23d2e891fa903
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_hppa.udeb
Size/MD5 checksum: 142578 18523c4afa6e272ed8449dc433bb68ce
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_hppa.deb
Size/MD5 checksum: 2438 187adc54d95719c8bf2a20c73b9b820a
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_i386.deb
Size/MD5 checksum: 253168 9667472701f5f78e75f944afe4e18a1f
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_i386.deb
Size/MD5 checksum: 76280 c9f04437d9c090e54fdfaf4c08b04273
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_i386.udeb
Size/MD5 checksum: 115724 05843396641d6e8eed4d417020969f23
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_i386.deb
Size/MD5 checksum: 2426 ea4c748d93da3e0ffd9c070461fb9ea4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_ia64.deb
Size/MD5 checksum: 85644 2594d69577d4d309f6be2878524641f2
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_ia64.udeb
Size/MD5 checksum: 190230 a682ed3c0b26b059740b37ac0976bd93
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_ia64.deb
Size/MD5 checksum: 2432 0c4b9c1716892330ff482e8a8cb2f12d
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_ia64.deb
Size/MD5 checksum: 324656 efa495e7fc30164bb91958f81a5f0e02
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_mips.udeb
Size/MD5 checksum: 135612 f596cc4d41bf41fa78d25deae191df8a
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_mips.deb
Size/MD5 checksum: 2436 ef6056a525dd10b577dcf3ac162cad18
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_mips.deb
Size/MD5 checksum: 78790 50b801e86b6a29fedac17aa4012cc222
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_mips.deb
Size/MD5 checksum: 270716 15cea80dfc523e1ffadcf609293be4d6
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_mipsel.deb
Size/MD5 checksum: 2438 51d32dfc43f95c2579e989d332c6837e
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_mipsel.udeb
Size/MD5 checksum: 135566 8a7d0840ba79647dad206aeea62dbc4e
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_mipsel.deb
Size/MD5 checksum: 78640 e7197dd434ba99f4bef46f7176b458f1
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_mipsel.deb
Size/MD5 checksum: 270760 53926589b10466163d5ea90008de5b8c
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_powerpc.deb
Size/MD5 checksum: 272424 7a9d2807d73e0da05171d50882bb2b44
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_powerpc.udeb
Size/MD5 checksum: 129696 4e24c200eaf8b615603cc7319b449f30
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_powerpc.deb
Size/MD5 checksum: 2442 a0d04b0bf5d8278796d276568940084e
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_powerpc.deb
Size/MD5 checksum: 79194 bb40fe52920ee2bfc65f1243ced8268f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_s390.deb
Size/MD5 checksum: 79448 d17034c5d4f29b21f9f6affcc8c31cf3
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_s390.udeb
Size/MD5 checksum: 133264 e34bae7a1639cccb63814f96a014cd37
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_s390.deb
Size/MD5 checksum: 2428 d88d5d9eedc3c5d1bfb2f441d948f9ef
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_s390.deb
Size/MD5 checksum: 271886 9eaba049c1bbdf7903fbe52efd296f5b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/u/udev/udev_0.125-7+lenny1_sparc.deb
Size/MD5 checksum: 259536 409b46996745484d7514739cfb4cca6e
http://security.debian.org/pool/updates/main/u/udev/libvolume-id0_0.125-7+lenny1_sparc.deb
Size/MD5 checksum: 79640 2cc666f27b22a986c6ef5677509e13ad
http://security.debian.org/pool/updates/main/u/udev/libvolume-id-dev_0.125-7+lenny1_sparc.deb
Size/MD5 checksum: 2436 3c928f720d5a3cd021b633f8070ddfd6
http://security.debian.org/pool/updates/main/u/udev/udev-udeb_0.125-7+lenny1_sparc.udeb
Size/MD5 checksum: 124598 a93970f05ff0c1a9b670e5dd3bacdad8
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJJ5wkDAAoJEL97/wQC1SS+aPkH/iGPHaLUOQuUVo1Z99SVMGIW
6RWVX/V1HyOgdOPApsuoKxzHrFV6UToSp8vqAlmBeXkz3Ow79BXwUjpLYb6dlngD
NexhpIPYqHl+m9Frlpfa2QP36bYPIfcMcU0zNPGZQmFa5XIdMUdtr3BZnUHSMCg6
bimtGTcy+9BLsb/L89uw7m8Y4sw4SwKK08FngB9j2bFGPZGX6XN/RySDoZAjgA+M
3g4pi4io+DZy4qkfQvGUaWpI9OcMWytrp1AI2VYy4LMT+ZZhGaOl1mhruE6xpHqs
y09ZKhCP04T4b/4xbWE/7C+y4G2FHrFs858sbPJ04PUaZErhMbyrXKUj3f/1ckQ=
=57uF
-----END PGP SIGNATURE-----
| VAR-200904-0209 | CVE-2009-0077 | Microsoft Forefront TMG MBE and ISA Server Service disruption in firewall engines (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability.". Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability.
A remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-104A
Microsoft Updates for Multiple Vulnerabilities
Original release date: April 14, 2009
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft Windows Server
* Microsoft ISA Server
Overview
Microsoft has released updates that address vulnerabilities in
Microsoft Windows, Office, Windows Server, and ISA Server.
I. Description
As part of the Microsoft Security Bulletin Summary for April 2009,
Microsoft released updates to address vulnerabilities that affect
Microsoft Windows, Office, Windows Server, and ISA Server.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code,
gain elevated privileges, or cause a vulnerable application to
crash.
III. Solution
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for April 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for April 2009 -
<http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx>
* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-104A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-104A Feedback VU#999892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 14, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2
rM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3
T98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu
H+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT
1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK
Vaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ==
=q59/
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
2) Input passed to the HTML forms authentication component
(cookieauth.dll) is not properly sanitised before being returned to
users. This can be exploited to execute arbitrary HTML and script
code in a user's browser session in context of an affected site.
Successful exploitation of this vulnerability requires that Web
publishing is enabled and HTML forms authentication is enabled on the
default Web listener.
SOLUTION:
Apply patches.
2) The vendor credits New York State Chief Information Officer /
Office for Technology.
ORIGINAL ADVISORY:
MS09-016 (KB961759, KB968075, KB960995, KB968078):
http://www.microsoft.com/technet/security/Bulletin/MS09-016.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0228 | CVE-2009-0237 | Microsoft Forefront TMG MBE and ISA Server of HTML Cross-site scripting vulnerability in forms authentication |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via "authentication input" to this component, aka "Cross-Site Scripting Vulnerability.".
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-104A
Microsoft Updates for Multiple Vulnerabilities
Original release date: April 14, 2009
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft Windows Server
* Microsoft ISA Server
Overview
Microsoft has released updates that address vulnerabilities in
Microsoft Windows, Office, Windows Server, and ISA Server.
I. Description
As part of the Microsoft Security Bulletin Summary for April 2009,
Microsoft released updates to address vulnerabilities that affect
Microsoft Windows, Office, Windows Server, and ISA Server.
II.
III. Solution
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for April 2009. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for April 2009 -
<http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx>
* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-104A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-104A Feedback VU#999892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 14, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeTi+XIHljM+H4irAQIIWQf/TWAkmQKay9j5fDLBcyMGJ3icTpG05Zp2
rM8UXMjKohKcDBhY1K9mxKxif5L81+y87PlBz/WTl3icn+57wAGMl/pAAeTz3Hp3
T98eKMXfzvVU57WDGGxy+4Ad57DIIF5hRkiGusDjnNJfd5kdH7q+8rPjPCUvtYAu
H+0auzCpmob7NsIv/YuRXIHekkLiX5GPanhecy+mve1cvbSpXGKF9vf7LEGaFEsT
1XOtTeY0r4TjZEk/c5ahKqGehJINujvv4eVdiajqDOCVecaALi+p+XwMSLtlJvgK
Vaa/ioPIFq8nNUz7eefVSadsary2RfmKegDwmg8FZX/UOso+tQ21KQ==
=q59/
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
1) An error in the firewall engine when handling the TCP session
state for Web proxy and Web publishing listeners can be exploited to
cause a Web listener to stop responding to new requests via a
specially crafted TCP packet.
2) Input passed to the HTML forms authentication component
(cookieauth.dll) is not properly sanitised before being returned to
users.
Successful exploitation of this vulnerability requires that Web
publishing is enabled and HTML forms authentication is enabled on the
default Web listener.
SOLUTION:
Apply patches.
2) The vendor credits New York State Chief Information Officer /
Office for Technology.
ORIGINAL ADVISORY:
MS09-016 (KB961759, KB968075, KB960995, KB968078):
http://www.microsoft.com/technet/security/Bulletin/MS09-016.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0461 | CVE-2009-1287 | Cisco SESM Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: some of these details are obtained from third party information.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
We don't know which versions of Subscriber Edge Services Manager are affected. We will update this BID as more information emerges
| VAR-200906-0439 | CVE-2009-2073 | Linksys WRT160N Wireless Router Cross-Site Request Forgery Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wireless router hardware 1 and firmware 1.02.2 allows remote attackers to hijack the authentication of other users for unspecified requests via unknown vectors, as demonstrated using administrator privileges and actions. The Linksys WRT160N wireless router is prone to a cross-site request-forgery vulnerability.
Successful exploits can run privileged commands on the affected device, including enabling remote access to the web administration interface. This may lead to further network-based attacks.
Linksys WRT160N running firmware 1.02.2 is vulnerable. WRT160N is the latest 802.11n wireless router launched by Linksy. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
Linksys WRT160N Cross-Site Request Forgery Vulnerability
SECUNIA ADVISORY ID:
SA34625
VERIFY ADVISORY:
http://secunia.com/advisories/34625/
DESCRIPTION:
Russ McRee has reported a vulnerability in Linksys WRT160N, which can
be exploited by malicious people to conduct cross-site request forgery
attacks.
The administrative web interface allows users to perform certain
actions via HTTP requests without performing any validity checks to
verify the requests. This can be exploited to perform administrative
actions when a logged in administrator is tricked into visiting a
malicious web page. Other
versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while being logged in to the
administrative web interface.
PROVIDED AND/OR DISCOVERED BY:
Russ McRee, HolisticInfoSec
ORIGINAL ADVISORY:
http://holisticinfosec.org/content/view/109/45/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201102-0003 | CVE-2009-0190 |
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: - CVSS V3: - Severity: - |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1016. Reason: This candidate is a reservation duplicate of CVE-2009-1016. Notes: All CVE users should reference CVE-2009-1016 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ======================================================================
Secunia Research 15/04/2009
- Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
======================================================================
1) Affected Software
* Oracle BEA WebLogic Server Plug-ins version 1.0.1166189.
NOTE: Other versions may also be affected.
======================================================================
2) Severity
Rating: Highly critical
Impact: System access
Where: From Remote
======================================================================
3) Vendor's Description of Software
"... the world's best application server for building and deploying
enterprise applications and services ...".
Product Link:
http://www.oracle.com/technology/products/weblogic/index.html
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in the Oracle BEA
WebLogic Server plug-ins for web servers, which can be exploited by
malicious people to compromise a vulnerable system.
The Oracle BEA WebLogic Server can be configured to receive requests
via an Apache web server. In this case, a plug-in is installed in the
Internet-facing web server that passes the request to a WebLogic
server.
The Apache web server may be configured to accept SSL connections and
forward the request to the WebLogic server along with any SSL-related
information. If the SSL client supplies a certificate (and the Apache
server is configured to accept it), then the certificate is passed to
the WebLogic plug-in via an environment variable.
The vulnerability is caused by a boundary error when parsing
certificates and can be exploited to cause a stack-based buffer
overflow by supplying a specially crafted certificate.
Successful exploitation may allow execution of arbitrary code.
======================================================================
5) Solution
Apply patches released by the vendor.
======================================================================
6) Time Table
01/03/2009 - Vendor notified.
06/03/2009 - Vendor confirms vulnerability.
17/03/2009 - Vendor provides preliminary patch.
15/04/2009 - Public disclosure.
======================================================================
7) Credits
Discovered by Dyon Balding, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0190 for the vulnerability.
======================================================================
9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-23/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
| VAR-200904-0435 | CVE-2009-1016 |
BEA Product Suite of WebLogic Server Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 8.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0436 | CVE-2009-1017 |
Oracle Application Server of BI Publisher Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0432 | CVE-2009-1012 |
BEA Product Suite of Apache Plug-ins and IIS Web server vulnerability
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0434 | CVE-2009-1014 |
Oracle PeopleSoft Enterprise Of products such as PeopleSoft Enterprise PeopleTools Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1013. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0427 | CVE-2009-1006 |
BEA Product Suite of Jrockit Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (DoS) An attack may be carried out. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0425 | CVE-2009-1004 |
BEA Product Suite of WebLogic Server Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0426 | CVE-2009-1005 |
BEA Product Suite of AquaLogic Data Services Platform Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.1 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. (DoS) An attack may be carried out. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0423 | CVE-2009-1002 |
BEA Product Suite of WebLogic Server Elevation of privilege vulnerability in components
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0422 | CVE-2009-1001 |
Oracle BEA WebLogic Portal Vulnerability gained in
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.5 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
| VAR-200904-0433 | CVE-2009-1013 |
Oracle PeopleSoft Enterprise Of products such as PeopleSoft Enterprise PeopleTools Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1014. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0428 | CVE-2009-1008 |
Oracle Application Server of Outside In Technology Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 4.4 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0421 | CVE-2009-1000 |
Oracle E-Business Suite of Oracle Applications Framework Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0419 | CVE-2009-0998 |
Oracle PeopleSoft Enterprise Of products such as PeopleSoft Enterprise HRMS - eBenefits Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 5.5 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0420 | CVE-2009-0999 |
Oracle E-Business Suite of Oracle Application Object Library Component vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0197, VAR-E-200904-0196 |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (DoS) An attack may be carried out. Oracle has released the April 2009 critical patch update that addresses 43 vulnerabilities affecting the following software:
Oracle Database
Oracle Audit Vault
Oracle Application Server
Oracle Outside In SDK HTML Export
Oracle XML Publisher
Oracle BI Publisher
Oracle E-Business Suite
PeopleSoft Enterprise PeopleTools
PeopleSoft Enterprise HRMS
Oracle WebLogic Server (formerly BEA WebLogic Server)
Oracle Data Service Integrator
Oracle AquaLogic Data Services Platform
Oracle JRockit. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
For more information see vulnerability #6 through #9 in:
SA34693
SOLUTION:
The vendor recommends to delete the GdFileConv.exe file. See vendor's
advisory for additional details.
Fixed in Good Messaging Server for Exchange 5.0.4.53 and 6.0.0.125. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Some have unknown impacts, others can be exploited by malicious users
to conduct SQL injection attacks or disclose sensitive information,
and by malicious people compromise a vulnerable system.
1) A format string error exists within the Oracle Process Manager and
Notification (opmn) daemon, which can be exploited to execute
arbitrary code via a specially crafted POST request to port
6000/TCP.
2) Input passed to the "DBMS_AQIN" package is not properly sanitised
before being used. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
3) An error in the Application Express component included in Oracle
Database can be exploited by unprivileged database users to disclose
APEX password hashes in "LOWS_030000.WWV_FLOW_USER".
The remaining vulnerabilities are caused due to unspecified errors.
No more information is currently available.
PROVIDED AND/OR DISCOVERED BY:
1) Joxean Koret of TippingPoint
2, 3) Alexander Kornbrust of Red Database Security
The vendor also credits:
* Joshua J. Drake of iDefense
* Gerhard Eschelbeck of Qualys, Inc.
* Esteban Martinez Fayo of Application Security, Inc.
* Franz Huell of Red Database Security;
* Mike Janowski of Neohapsis, Inc.
* Joxean Koret
* David Litchfield of NGS Software
* Tanel Poder
* Sven Vetter of Trivadis
* Dennis Yurichev
ORIGINAL ADVISORY:
Oracle:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-09-017/
Red Database Security:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
http://www.red-database-security.com/advisory/apex_password_hashes.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------