Mike Oconnor

**Nome do software vulnerável e versões afetadas** Versões do FreeBSD 4.9 a 8.0 Versão 4.6 do OpenBSD **Descrição** Uma desreferência de ponteiro nulo em `ftpd/popen.c` pode levar a uma negação de serviço remota do serviço ftpd. O problema está relacionado a um consumo descontrolado de recursos no componente ftpd. Isso pode ser explorado por um invasor remoto para causar uma negação de serviço. **Recomendações** Para as versões 4.9 a 8.0 do FreeBSD, considere desativar o serviço ftpd até que um patch esteja disponível. Para a versão 4.6 do OpenBSD, restrinja o acesso ao serviço ftpd para minimizar o risco de exploração. Como solução temporária, considere desativar o componente `ftpd/popen.c` até que um patch esteja disponível.

SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps note parameter to dtcadmin/logPushlet.php vector.

**Name of the Vulnerable Software and Affected Versions** Domain Technologie Control (DTC) versions prior to 0.34.1 **Description** The issue allows remote authenticated users to execute arbitrary SQL commands. This is achieved via the `vps note` parameter to the "dtcadmin/logPushlet.php" endpoint. **Recommendations** For versions prior to 0.34.1, update to version 0.34.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "dtcadmin/logPushlet.php" endpoint to minimize the risk of exploitation. Avoid using the `vps note` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Domain Technologie Control (DTC) versions prior to 0.34.1 **Description** The issue in Domain Technologie Control (DTC) allows context-dependent users to gain privileges more easily due to the install script granting sudo permissions for chrootuid to the dtc user. **Recommendations** For versions prior to 0.34.1, update to version 0.34.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel version 2.6.16 and earlier **Description** The issue concerns the `sys mbind` function in `mempolicy.c`, which fails to perform a sanity check on the `maxnod` variable before proceeding with computations for the `get nodes` function. The impact and attack vectors of this issue are not explicitly stated. **Recommendations** For Linux kernel version 2.6.16 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Horde version 3.0.4 **Description** The default installation of Horde contains an administrative account with a blank password, allowing remote attackers to gain access. **Recommendations** For Horde version 3.0.4, change the administrative account password to a secure value to prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version Debian GNU/Linux kernel-image-2.4.18-sun4u version Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version Debian GNU/Linux kernel-image-2.4.19-sparc version Debian GNU/Linux kernel-image-2.4.19-sun4u version Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version Linux kernel version 2.6 **Description** The issue concerns multiple vulnerabilities in the Linux kernel of Debian GNU/Linux, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Additionally, a local user can cause a denial of service (system crash) on Itanium (ia64) architectures in Linux kernel 2.6 using the `unw unwind to user` function. **Recommendations** For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version, update to a newer version to mitigate the risk. For Debian GNU/Linux kernel-image-2.4.18-sun4u version, update to a newer version to mitigate the risk. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version, update to a newer version to mitigate the risk. For Debian GNU/Linux kernel-image-2.4.19-sparc version, update to a newer version to mitigate the risk. For Debian GNU/Linux kernel-image-2.4.19-sun4u version, update to a newer version to mitigate the risk. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version, update to a newer version to mitigate the risk. For Linux kernel version 2.6 on Itanium (ia64) architectures, consider restricting access to the `unw unwind to user` function until a patch is available.