Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

Symantec Veritas Storage Foundation unauthorized access
updated since 23.10.2008
Published: 26.10.2008
Source: BUGTRAQ
SecurityVulns ID: 9376
Type: local
Level: 5/10
Description: qioadmin utility allows local files read access. qiomkfile allows memory content reading.

Affected: SYMANTEC : Veritas Storage Foundation 5.0
CVE: CVE-2008-4638 (qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qioadmin to write a file's content to standard error.)
CVE-2008-3248

Original document Security Objectives Corporation, SECOBJADV-2008-04: Symantec Veritas Storage Foundation Memory Disclosure Vulnerability (26.10.2008)

Security Objectives Corporation, SECOBJADV-2008-05: Symantec Veritas Storage Foundation Arbitrary File Read Vulnerability (23.10.2008)

Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)