Hitachi Multiple Hibun Product View Function Privilege Escalation

Network Security News – Monday, July 04, 2005 Events

Hitachi Multiple Hibun Product View Function Privilege Escalation

The Hitachi Hibun Advanced Edition Server and Advanced Information Cypher products contain a flaw that may allow a malicious user to bypass access restrictions. The issue is triggered when a user accesses the view function of the Hibun Viewer from a client PC, resulting in the ability to operate beyond their privileges.. Read more at osvdb.org/17673

Hitachi Multiple Hibun Product PCMCIA Data Miscontrol Issue

The Hitachi Hibun Advanced Edition Server and Advanced Information Cypher products contain a flaw that may allow a malicious user to bypass access restrictions. The issue is triggered by an error that causes Hibun to recognize an external drive, that is connected to a computer through PCMCIA, as an internal disk and is unable to restrict files that are copied out to the hard disk. It is possible that the flaw may allow a local attacker to obtain sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/17674

crip Insecure Temporary File Creation

crip contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to crip creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.. Read more at osvdb.org/17632

FreeBSD TCP Crafted SYN Packet Arbitrary Option Overwrite

FreeBSD contains a flaw that may allow a malicious user to modify certain TCP options via a TCP packet with the SYN flag set for an already established session. It is possible that the flaw may allow an attacker to spoof the remote IP and port numbers of an established connection and stall the TCP communications resulting in a loss of availability.. Read more at osvdb.org/17677