472 matches found
Do You Know What Your Database Users Are Doing?
In our last column, we focused on privilege escalation attacks, and the impact that this category of SQL injection attacks can have on the database – particularly where specific database vulnerabilities exist, and can be exploited through the manipulation of privileges. Let’s look more deeply at...
Escalating Privileges In the Database Can Wreak Havoc
Privilege escalation attacks consist of exploiting a bug or design flaw in a software application to gain access to resources which normally are protected from an application or user. The result is that the application allows actions with privileges beyond an acceptable level for the specific use...
Specifically Crafted Archive/Container Files can Bypass Initial Scans
SUMMARY Specifically-crafted archive and container files can potentially bypass initial malware scans in some products. AFFECTED PRODUCTS Products --- Symantec Mail Security for Domino Symantec Mail Security for Microsoft Exchange Symantec Mail Security for SMTP Symantec Brightmail Gateway Symant...
kernel: splice: fix bad unlock_page() in error case
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the addtopagecachelru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service kernel BUG and system crash, as...
PT-2007-6681 · Digium · Asterisk Zaptel
Name of the Vulnerable Software and Affected Versions: Asterisk Zaptel version 1.4.5.1 Description: The issue is related to a buffer overflow in the sethdlc.c file, potentially allowing local users to gain privileges via a long device name in the ifr name field. However, the vendor disputes this,...
Modify Data via Inline Views
Name Modify Data via Inline Views 8107967 DB09 Systems Affected Oracle 9i - 10g Rel. 2 Severity High Risk Category Unauthorized Access Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 October 2006 V 1.00 Advisory...
SunnComm MediaMax privilege elevation vulnerability
Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...
Microsoft Internet Explorer Mouse Click Event Hijacking Vulnerability
Description A vulnerability exists in Internet Explorer when handling specific DHTML events, allowing a malicious Web page to intercept mouse click events to perform unintended drag and drop operations. In particular, it is possible to simulate a mouse drag and drop event through use of the moveB...
PMachine Lib.Inc.PHP Remote Include Command Execution Vulnerability
Description It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands. Technologies Affected PMachine PMachine 2.2.1 Recommendations Block external access at the network boundary, unles...
Oracle9i Database contains remotely exploitable buffer overflow in "ORACLE.EXE"
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 The buffer overflow exists in a...
Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle 9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...
Sample SecurID Token Emulator with Token Secret Import
Sample SecurID Token Emulator with Token Secret Import We have performed some cryptoanalysis and let's just say we do have grounds to believe that this algorithm is easily breakable. Once again, security of the cipher should be based entirely on the secrecy of the key, not the algorithm. Least...