1150 matches found
rgmanager security, bug fix, and enhancement update
2.0.52-21 - rgmanager: Fix bad passing of SFLFAILURE up fixbadpassingofsflfailureup.patch Resolves: rhbz711521 2.0.52-20 - resource-agents: Improve LDLIBRARYPATH handling by SAP resourceagentsimproveldlibrarypathhandlingbysap.patch Resolves: rhbz710637 2.0.52-19 - Fix changelog format - rgmanager...
Low: Red Hat Security Advisory: rgmanager security, bug fix, and enhancement update
An updated rgmanager package that fixes one security issue, several bugs, and adds multiple enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score,...
Analysis of the postgresql database attack techniques a-vulnerability warning-the black bar safety net
postgresql simple description PostgreSQL is a very complete free software object-relational database management system, can be said to be the world's most advanced, most powerful free database management system. PostgreSQL is based on the University of California, Berkeley Department of computer...
EnterpriseDB PostgreSQL Plus Advanced Server DBA Management Server Authentication Bypass
Added: 03/21/2011 BID: 46662 Background Postgres Plus Advanced Server is an enterprise database solution. It includes several productivity tools, such as Migration Studio, Postgres Studio, DBA Management Server, and DBA Monitoring Console. Problem An authentication bypass vulnerability exists in...
EnterpriseDB PostgreSQL Plus Advanced Server DBA Management Server Authentication Bypass
Added: 03/21/2011 BID: 46662 Background Postgres Plus Advanced Server is an enterprise database solution. It includes several productivity tools, such as Migration Studio, Postgres Studio, DBA Management Server, and DBA Monitoring Console. Problem An authentication bypass vulnerability exists in...
ZDI-11-102: PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability
ZDI-11-102: PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-102 March 2, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Postgres -- Affected Products: Postgres Plus SQL --...
Postgres Plus SQL authentication bypass
Unauthorized access to DBA Management Server TCP/9000, TCP/9363...
Nagios XI users.php SQL Injection
Nagios XI users.php SQL Injection Advisory Information Advisory ID: NGENUITY-2010-008 Date published: 8/24/2010 Vulnerability Information Class: SQL Injection SQLi Software Description Nagios XI is the commercial / enterprise version of the open source Nagios project. Vulnerability Description...
postgresql security update
7.3.21-3 - Fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442 via back-ports of upstream patches for Postgres 7.4 Resolves: 589541...
Various database password hash access statement-vulnerability warning-the black bar safety net
There is no access, can also grab? Various database password hash get the statement, you can also directly use the sqlmap this injection tool! SQL Server 2 0 0 0:- SELECT password from master. dbo. sysxlogins where name='sa' 0×010034767D5C0CFA5FDCA28C4A56085E65E882E71CB0ED250341...
SuSE9 Security Update : postgresql (YOU Patch Number 12065)
This version update to 8.1.11 fixes among other things, several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601 %NASLMINLEVEL 70300 C Tenable...
GLSA-200903-25 : Courier Authentication Library: SQL Injection vulnerability
The remote host is affected by the vulnerability described in GLSA-200903-25 Courier Authentication Library: SQL Injection vulnerability It has been reported that some parameters used in SQL queries are not properly sanitized before being processed when using a non-Latin locale Postgres database...
Courier Authentication Library: SQL Injection vulnerability
Background The Courier Authentication Library is a generic authentication API that encapsulates the process of validating account passwords. Description It has been reported that some parameters used in SQL queries are not properly sanitized before being processed when using a non-Latin locale...
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Looks like a very serious issue to me - it works on our ProFTPD 1.3.2rc2 Server latest stable on gentoo. 220 ProFTPD 1.3.2rc2 Server Pumpkin xx.xx.xx.xx USER ' and 1=2 union select 1,0x24312452565a583533784324716a304d4d6b4670426b4b486177644264756634392f,uid,gid,homedir,shell from ftp 331 Password...
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Maybe this is related to http://bugs.proftpd.org/showbug.cgi?id=3173 ? That bug only applies to 1.3.1, so 1.3.0 is not affected. 1.3.2 is supposed to fix this bug. Sergio Aguayo ----- Original Message ----- From: [email protected] To: [email protected] Sent: Tuesday, February 10, 2009...
CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
DEBIAN-CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
Sql injection
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...