Web Server Load Balancer Detection

The remote web server seems to be running in conjunction with several others behind a load balancer. Knowing that there are multiple systems behind a service could be useful to an attacker as the underlying hosts may be running different operating systems, patchlevels, etc. C Tenable Network...

CVE-2004-0317

CVE-2004-0317 affects Load Sharing Facility (LSF) versions 4.x, 5.x, and 6.x. The vulnerability is a buffer overflow in the eauth component triggered by a long LSF_From_PC parameter, allowing local users or attackers within an LSF cluster to cause a denial of service (segmentation fault) and pote...

CVE-2004-0318

CVE-2004-0318 affects Load Sharing Facility (LSF) versions 4.x, 5.x, and 6.x. The vulnerability arises because LSF_EAUTH_UID may be used in place of the real user UID, enabling remote attackers within the local cluster to gain privileges. The underlying issue is the handling of an environment var...

CVE-2004-0317

Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service segmentation fault and possibly execute arbitrary code via a long LSFFromPC parameter...

CVE-2004-0318

Load Sharing Facility LSF 4.x, 5.x, and 6.x uses the LSFEAUTHUID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges...

Load Sharing Facility multiple bugs

Code execution, DoS...

Lam3rZ Security Advisory #1/2004: LSF eauth vulnerability leads to remote code execution

Lam3rZ Security Advisory 1/2004 23 Feb 2004 Remote within a cluster root in LSF Name: Load Sharing Facility versions 4.x, 5.x, 6.x Severity: High Vendor URL: http://www.platform.com Author: Tomasz Grabowski [email protected] Vendor notified: 26 Oct 2003 Vendor confirmed: 27 Oct 2003 Vendor...

PT-2003-1903 · Ibm · Ibm Db2 Universal Database

Name of the Vulnerable Software and Affected Versions: IBM DB2 Universal Data Base versions 7.2 before Fixpak 10 and 10a IBM DB2 Universal Data Base versions 8.1 before Fixpak 2 Description: A stack-based buffer overflow issue allows attackers with Connect privileges to execute arbitrary code via...

ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pentest Limited Security Advisory IBM DB2 LOAD Command Stack Overflow Vulnerability Advisory Details - ---------------- Title: IBM DB2 LOAD Command Stack Overflow Vulnerability Announcement date: 1st October 2003 Advisory Reference: ptl-2003-01 CVE...

Cisco CSS 11000 Series DoS

ID: S21SEC-025-en Title: Cisco CSS 11000 Series DoS Date: 04/07/2003 Status: Solution available Scope: Interruption of service, high CPU load. Platforms: All/Chassis CS800. Author: ecruz, egarcia, jandre Location: http://www.s21sec.com/en/avisos/s21sec-025-en.txt Release: External S 2 1 S E C...

CVE-2003-0337

The CVE describes a local code execution in Load Sharing Facility (LSF) 5.1 via the ckconfig command in lsadmin. By manipulating environment variables LSF_ENVDIR to reference an alternate lsf.conf and LSF_SERVERDIR to point to a malicious lim program, a local attacker can cause lsadmin to execute...

CVE-2003-0337

The ckconfig command in lsadmin for Load Sharing Facility LSF 5.1 allows local users to execute arbitrary programs by modifying the LSFENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSFSERVERDIR to point to a malicious lim program, which lsadmin then executes...

CVE-2003-0337

The ckconfig command in lsadmin for Load Sharing Facility LSF 5.1 allows local users to execute arbitrary programs by modifying the LSFENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSFSERVERDIR to point to a malicious lim program, which lsadmin then executes...

Security advisory: LSF 5.1 local root exploit

Security Advisory 22 May 2003 Local root in LSF 5.1 Name: Load Sharing Facility version 5.1 Severity: High Vendor URL: http://www.platform.com Author: Tomasz Grabowski [email protected] Vendor notified: 25 Feb 2003 Vendor response: 25 Feb 2003 Vendor fix: 19 Mar 2003 Commercial: I'm looking for ...

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load method, a different vulnerability than CVE-2003-0115...

Cisco Security Advisory: Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability =============================================================================== Revision Numeral 1.0 For Public Releas...

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load method, a different vulnerability than CVE-2003-0115...

Platform Load Sharing Facility 45 - LSF_ENVDIR Local Command Execution

Platform Load Sharing Facility 45 - LSFENVDIR Local Command Execution source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated...

Platform Load Sharing Facility 4/5 - 'LSF_ENVDIR' Local Command Execution

source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated privileges on a vulnerable system. LSF 5.1 'lsadmin' local root exploit...

Platform Load Sharing Facility 4/5/6 - 'EAuth' Local Privilege Escalation

source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedures within Load Sharing Facility. An issue has been reported where an...