|
AppDetective™ Update 4.1.1 - 24 November 2004
ENHANCEMENTS
Oracle - NEW CHECKS
Enhancements to check for Oracle Security Alert #68 patch detection installed on Oracle8i release 3 and Oracle9i release 1.
No patches available for version
Determines if the version of the database is no longer supported by the vendor.
Risk Level - Medium
IBM DB2 - NEW CHECKS
Multiple critical vulnerabilities in IBM DB2
Determines if the database is vulnerable to multiple critical vulnerabilities including exploitable buffer overflows, DoS attacks, and privilege escalation:
- The JDBC listener (db2jd) is vulnerable to a buffer overflow allowing one to gain remote access to the vulnerable system.
- The db2fmp process is vulnerable to a buffer overflow when a long command string is passed to it.
- The satadmin.satencrypt user defined function (UDF) is vulnerable to a buffer overflow. It exists only if the satellite is in use, and if the sqllib/misc/satctldb.ddl is used to create it.
- Passing a very long library name through the stored procedure interface causes a buffer overflow. It could be exploited by someone who already has a database connection. This allows for the attacker to gain the privileges of the DB2 service.
- A buffer overflow occurs when the DB2LPORT environmental variable is set to a very long string. Some of the setuid binaries could be exploited using this flaw to elevate the privilege.
- A stack based overflow occurs when a long parameter value is passed to one of the XML extender's user defined functions (UDF). This allows already connected users to run arbitrary code under the context of the DB2 service.
- On Windows systems the Everyone user group has access to certain privileged DB2 resources. This allows, for example, for anyone to cause damage to the file system where DB2 resources are located.
Risk Level - High
IMPLICIT_SCHEMA granted to PUBLIC
Checks for the IMPLICIT_SCHEMA authority granted to PUBLIC.
Risk Level - Medium
No patches available for version
Determines if the version of the database is no longer supported by the vendor.
Risk Level - Medium
Microsoft SQL Server - NEW CHECKS
Permissions granted on OLE automation procedures
Verifies that permissions have not been granted on the OLE automation procedures.
Risk Level - Medium
MySQL - NEW CHECKS
Local privilege escalation in mysqlhotcopy
Determines if the database is susceptible to local privilege escalation in mysqlhotcopy.
Risk Level - Low
DoS in ALTERing MERGE Table
Determines if the database is susceptible to DoS in ALTERing MERGE tables.
Risk Level - Low
Local privilege escalation in ALTER TABLE
Determines if the database is susceptible to wrong permissions checking in ALTER TABLE.
Risk Level - Low
No patches available for version
Determines if the version of the database is no longer supported by the vendor.
Risk Level - Medium
Lotus Domino - NEW CHECKS
Webadmin.nsf vulnerabilities
Determines if this version of Domino server is vulnerable to arbitrary file creation and XSS in webadmin.nsf
Risk Level - Medium
No patches available for version
Determines if the version of the database is no longer supported by the vendor.
Risk Level - Medium
Sybase - NEW CHECKS
No patches available for version
Determines if the version of the database is no longer supported by the vendor.
Risk Level - Medium
Return to ASAP™ Updates Listing
|
