CVE-2008-3357

Related Files

CAID-EmbedIngres.txt

Posted Aug 6, 2008

Authored by Ken Williams | Site www3.ca.com

CA products that embed Ingres contain multiple vulnerabilities that can allow a remote attacker to execute arbitrary code, gain privileges, or cause a denial of service condition.

tags | advisory, remote, denial of service, arbitrary, vulnerability

advisories | CVE-2008-3356, CVE-2008-3357, CVE-2008-3389

SHA-256 | 6040ab449470478bb5b86d5556ee4b54361f55be9e1dd935da2bec7284d81f1f

Download | Favorite | View

iDEFENSE Security Advisory 2008-08-01.3

Posted Aug 4, 2008

Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.01.08 - Local exploitation of an untrusted library path vulnerability in the "ingvalidpw" utility, as included in Ingres Database 2006 Release 2 for Linux, allows attackers to execute arbitrary code with root privileges. iDefense has confirmed the existence of this vulnerability in Ingres 2006 Enterprise Edition Release 2 for Linux x86 (32-bit). Other versions may also be affected.

tags | advisory, arbitrary, x86, local, root

systems | linux

advisories | CVE-2008-3357

SHA-256 | 0e0002a3b99dc8ac791c7a65ba1eb4abf60e7e44933831c2130db0601f6a678a

Download | Favorite | View