1. Linux Kernel VFS Unauthorized File Access Vulnerability
BugTraq ID: 27280
Remote: No
Date Published: 2008-01-14
Relevant URL: http://www.securityfocus.com/bid/27280
Summary:
The Linux kernel is prone to an unauthorized file-access vulnerability affecting the VFS (Virtual Filesystem) module.

A local attacker can exploit this issue to access arbitrary files on the affected computer. Successfully exploiting this issue may grant the attacker elevated privileges on affected computers. Other attacks are also possible.

This issue affects kernel versions prior to 2.6.23.14.

2. Cisco VPN Client for Windows Local Denial of Service Vulnerability
BugTraq ID: 27289
Remote: No
Date Published: 2008-01-15
Relevant URL: http://www.securityfocus.com/bid/27289
Summary:
Cisco VPN Client for Windows is prone to a local denial-of-service vulnerability because the software's IPsec driver fails to handle certain IOCTLs.

Successfully exploiting this issue allows local attackers to crash affected computers, denying further service to legitimate users.

This issue affects 'cvpndrva.sys' 5.0.02.0090; other versions of the driver may also be affected.

3. Boost Library Regular Expression Remote Denial of Service Vulnerabilities
BugTraq ID: 27325
Remote: Yes
Date Published: 2008-01-16
Relevant URL: http://www.securityfocus.com/bid/27325
Summary:
The Boost library is prone to a remote denial-of-service vulnerability because it fails to adequately verify user-supplied input on regular expressions.

Successful exploits may allow remote attackers to cause denial-of-service conditions on applications that use the affected library.

This issue affects Boost 1.33.1 and 1.34.1; other versions may also be affected.

4. apt-listchanges Unsafe Paths Library Import Local Shell Code Execution Vulnerability
BugTraq ID: 27331
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27331
Summary:
The 'apt-listchanges' tool is prone to a vulnerability that allows arbitrary shell code to run. This issue occurs because the software uses unsafe paths when importing certain libraries.

Attackers can exploit this issue to execute arbitrary shell code with superuser privileges. Successful attacks will completely compromise the computer.

Versions prior to apt-listchanges 2.82 are vulnerable.

5. RETIRED: X.Org X Server Local Privilege Escalation and Information Disclosure Vulnerabilities
BugTraq ID: 27336
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27336
Summary:
X.Org X Server is prone to multiple local privilege-escalation vulnerabilities and an information-disclosure vulnerability.

Attackers can exploit these issues to execute arbitrary code with superuser privileges, crash the affected computer, or obtain potentially sensitive information.

NOTE: This BID is being retired because each of the vulnerabilities has been given its own record as follows:

27350 X.Org X Server 'MIT-SHM' Local Privilege Escalation Vulnerability
27351 X.Org X Server 'Xinput' Extension Local Privilege Escalation Vulnerability
27352 X.Org X Server PCF Font Parser Buffer Overflow Vulnerability
27353 X.Org X Server 'EVI' Extension Local Privilege Escalation Vulnerability
27354 X.Org X Server 'PassMessage' Request Local Privilege Escalation Vulnerability
27355 X.Org X Server 'TOG-CUP' Extension Local Privilege Escalation Vulnerability
27356 X.Org X Server X:1 -sp Command Information Disclosure Vulnerability

6. X.Org X Server 'MIT-SHM' Local Privilege Escalation Vulnerability
BugTraq ID: 27350
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27350
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.

Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

7. X.Org X Server 'Xinput' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27351
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27351
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.

Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

8. X.Org X Server PCF Font Parser Buffer Overflow Vulnerability
BugTraq ID: 27352
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27352
Summary:
X.Org X Server is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers can exploit this issue to execute arbitrary code with the privileges of the server. Failed attacks will cause denial-of-service conditions.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

9. X.Org X Server 'EVI' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27353
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27353
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.

Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

10. X.Org X Server 'PassMessage' Request Local Privilege Escalation Vulnerability
BugTraq ID: 27354
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27354
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.

Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of an affected computer. Failed exploit attempts will likely crash the computer.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

11. X.Org X Server 'TOG-CUP' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27355
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27355
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.

Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

12. X.Org X 'Server X:1 -sp' Command Information Disclosure Vulnerability
BugTraq ID: 27356
Remote: No
Date Published: 2008-01-17
Relevant URL: http://www.securityfocus.com/bid/27356
Summary:
X.Org X Server is prone to a local information-disclosure vulnerability.

Attackers can exploit this issue to gain access to sensitive information that may lead to further attacks.

NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.

13. BitDefender Products Update Server HTTP Daemon Directory Traversal Vulnerability
BugTraq ID: 27358
Remote: Yes
Date Published: 2008-01-19
Relevant URL: http://www.securityfocus.com/bid/27358
Summary:
BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows an attacker to access potentially sensitive information that could aid in further attacks.

BitDefender Security for File Servers, BitDefender Enterprise Manger, and other BitDefender products that include the Update Server are vulnerable. This issue affects Update Server when running on Windows; Linux and UNIX variants may also be affected.

14. Apache Tomcat SingleSignOn Remote Information Disclosure Vulnerability
BugTraq ID: 27365
Remote: Yes
Date Published: 2008-01-20
Relevant URL: http://www.securityfocus.com/bid/27365
Summary:
Apache Tomcat is prone to a remote information-disclosure vulnerability because the application fails to properly restrict access to sensitive information.

Remote attackers can exploit this issue to obtain confidential user-authentication credentials.

The issue affects Tomcat 5.5.20; prior versions may also be vulnerable.

15. MoinMoin MOIN_ID Cookie Remote Authentication Bypass Vulnerability
BugTraq ID: 27404
Remote: Yes
Date Published: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27404
Summary:
MoinMoin is prone to an authentication-bypass vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to gain unauthorized access to the affected application, which may lead to further attacks.

Versions in the MoinMoin 1.5 series are vulnerable.

16. IBM AIX WebSM Remote Client For Linux Local Insecure File Permissions Vulnerability
BugTraq ID: 27433
Remote: No
Date Published: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27433
Summary:
IBM AIX WebSM Remote Client for Linux is prone to a local insecure-file-permissions vulnerability.

A local attacker can exploit this issue to gain unauthorized access to certain files and alter the behavior of the affected application. This may help in further attacks.

source