Advisories
Please read our Vulnerability Disclosure Policy.
Symantec's Altiris Deployment Solution - DBManager Authentication Bypass
Jan 07, 2010
A vulnerability has been identified in the DBManager service on the deployment server which could allow the service to accept commands without the client providing valid authentication details.
Symantec's Altiris Deployment Solution - File Transfer Race Condition
Jan 07, 2010
A race condition vulnerability has been identified in the service that enables file transfer functionality between the deployment server and its clients. A remote attacker who is able to communicate with the deployment server could intercept the contents of files destined for clients and prevent their delivery.
Intersystems Cache CSP (Cache Server Pages) Stack Overflow
Dec 17, 2009
A stack-based buffer overflow vulnerability exists in the Intersystems Cache CSP (Cache Server Pages) Apache extension, which can be exploited by a remote attacker to execute arbitrary code in the context of the web server's user rights.
MWR InfoSecurity have made the decision to release this advisory due to the current existence of exploit code for the vulnerability within the public domain.
It should be noted that this vulnerability was also found recently by other security researchers and exploits were created for the Metasploit and Canvas exploitation frameworks. MWR InfoSecurity independently discovered this vulnerability and disclosed details of it to the vendor through CPNI in October 2009.
MWR InfoSecurity discovered and researched this issue on the Linux platform, whilst the Canvas and Metasploit exploits both target Microsoft Windows systems. This advisory details the vulnerability on the Linux platform and therefore provides further information about the issue that may be of value to interested parties.
The following links provide more information about this vulnerability as documented by other security researchers:
http://www.securityfocus.com/bid/37177
http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/intersystems_cache.rb
https://forum.immunityinc.com/board/thread/1077/intersystems-cache-bof/?page=1#post-1077
Linux USB Device Driver - Buffer Overflow
Oct 29, 2009
The Auerswald Linux USB device driver provides compatibility between an Auerswald PBX/System telephone and Linux operating systems via the USB port.
This device driver is vulnerable to a buffer overflow which could be exploited by an attacker with physical access to the system. This vulnerability could be exploited in order to execute arbitrary code on the target system.
IBM WebSphere MQ: Multiple Vulnerabilities
Oct 05, 2009
Multiple vulnerabilities have been identified in IBM WebSphere MQ which could lead to a denial of service attack or potentially remote code execution. Please note that specific MQ security controls can partially mitigate the risk associated with these issues if these have been deployed in an appropriate manner.
A combined fix pack that addresses these issues has been released:
http://www-01.ibm.com/support/docview.wss?uid=swg24024153
Due to the nature of these vulnerabilities, full details will not be provided at the present time so that customers are able to apply the appropriate security patches. However, a full advisory will be released in approximately 3 months' time. MWR InfoSecurity customers can obtain further information about the issue by contacting their account manager.
