cvelistv5 - cve-2008-3389

CVE-2008-3389 (GCVE-0-2008-3389)

Vulnerability from cvelistv5 – Published: 2008-08-05 19:20 – Updated: 2024-08-07 09:37

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1020615	vdb-entryx_refsource_SECTRACK
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.ingres.com/support/security-alert-080108.php	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/2292	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/31398	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/2313	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/31357	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/495177/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/30512	vdb-entryx_refsource_BID
	https://support.ca.com/irj/portal/anonymous/phpsu…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:37:26.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1020615",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020615"
          },
          {
            "name": "20080801 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ingres.com/support/security-alert-080108.php"
          },
          {
            "name": "ADV-2008-2292",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2292"
          },
          {
            "name": "31398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31398"
          },
          {
            "name": "ADV-2008-2313",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2313"
          },
          {
            "name": "31357",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31357"
          },
          {
            "name": "ingres-libbecompat-bo(44179)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
          },
          {
            "name": "20080806 CA Products That Embed Ingres Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
          },
          {
            "name": "30512",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30512"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1020615",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020615"
        },
        {
          "name": "20080801 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ingres.com/support/security-alert-080108.php"
        },
        {
          "name": "ADV-2008-2292",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2292"
        },
        {
          "name": "31398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31398"
        },
        {
          "name": "ADV-2008-2313",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2313"
        },
        {
          "name": "31357",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31357"
        },
        {
          "name": "ingres-libbecompat-bo(44179)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
        },
        {
          "name": "20080806 CA Products That Embed Ingres Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
        },
        {
          "name": "30512",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30512"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3389",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1020615",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020615"
            },
            {
              "name": "20080801 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
            },
            {
              "name": "http://www.ingres.com/support/security-alert-080108.php",
              "refsource": "CONFIRM",
              "url": "http://www.ingres.com/support/security-alert-080108.php"
            },
            {
              "name": "ADV-2008-2292",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2292"
            },
            {
              "name": "31398",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31398"
            },
            {
              "name": "ADV-2008-2313",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2313"
            },
            {
              "name": "31357",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31357"
            },
            {
              "name": "ingres-libbecompat-bo(44179)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
            },
            {
              "name": "20080806 CA Products That Embed Ingres Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
            },
            {
              "name": "30512",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30512"
            },
            {
              "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989",
              "refsource": "CONFIRM",
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3389",
    "datePublished": "2008-08-05T19:20:00",
    "dateReserved": "2008-07-30T00:00:00",
    "dateUpdated": "2024-08-07T09:37:26.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61A4F116-1FEE-450E-99AE-6AD9ACDDE570\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"155AD4FB-E527-4103-BCEF-801B653DEA37\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCE11A92-56B9-43A2-9E3D-D511AE713F45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ingres:ingres:2006:9.0.4:*:*:*:*:*:*\", \"matchCriteriaId\": \"D988634E-4C81-457B-AA97-9C55575E9DB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ingres:ingres:2006:9.1.0:*:*:*:*:*:*\", \"matchCriteriaId\": \"708FD550-E400-4973-979B-3D9932EBFC80\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en la librer\\u00eda libbecompat en Ingres 2.6, Ingres 2006 versi\\u00f3n 1 (alias 9.0.4), y Ingres 2006 versi\\u00f3n 2 (alias 9.1.0) en Linux y HP-UX que permite a los usuarios locales aumentar sus privilegios estableciendo un valor largo de una variable de entorno antes de ejecutar (1) verifydb, (2) iimerge, or (3) csreport.\"}]",
      "evaluatorImpact": "\"Exploitation of this vulnerability allows an attacker to execute arbitrary code with the privileges of the \"ingres\" user. By itself, this vulnerability does not have very serious consequences. However, when combined with the library loading vulnerability, it allows an attacker to execute arbitrary code with root privileges. \" (iDefense)",
      "evaluatorSolution": "\"Fixes are available for the current release of Ingres 2006 release 2 (9.1.0), for Ingres 2006 release 1 (9.0.4), and for Ingres 2.6 versions on their respective platforms. The security fixes are available and can be quickly applied with little to no anticipated impact to systems.\r\n\r\nIngres customers with a current support contract can review the following knowledge base document for information on downloading the available fixes:\r\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:416012+HTMPL=kt_document_view.htmpl\r\n\r\n(ingres.com)",
      "id": "CVE-2008-3389",
      "lastModified": "2024-11-21T00:49:08.390",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-08-05T19:41:00.000",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/31357\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31398\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1020615\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ingres.com/support/security-alert-080108.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/495177/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/30512\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2292\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2313\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/44179\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/31357\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31398\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1020615\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ingres.com/support/security-alert-080108.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/495177/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/30512\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2292\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2313\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/44179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3389\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-08-05T19:41:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en la librer\u00eda libbecompat en Ingres 2.6, Ingres 2006 versi\u00f3n 1 (alias 9.0.4), y Ingres 2006 versi\u00f3n 2 (alias 9.1.0) en Linux y HP-UX que permite a los usuarios locales aumentar sus privilegios estableciendo un valor largo de una variable de entorno antes de ejecutar (1) verifydb, (2) iimerge, or (3) csreport.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61A4F116-1FEE-450E-99AE-6AD9ACDDE570\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155AD4FB-E527-4103-BCEF-801B653DEA37\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCE11A92-56B9-43A2-9E3D-D511AE713F45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ingres:ingres:2006:9.0.4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D988634E-4C81-457B-AA97-9C55575E9DB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ingres:ingres:2006:9.1.0:*:*:*:*:*:*\",\"matchCriteriaId\":\"708FD550-E400-4973-979B-3D9932EBFC80\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/31357\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31398\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1020615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ingres.com/support/security-alert-080108.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/495177/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/30512\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2292\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2313\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44179\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/31357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31398\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1020615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ingres.com/support/security-alert-080108.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/495177/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/30512\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}],\"evaluatorSolution\":\"\\\"Fixes are available for the current release of Ingres 2006 release 2 (9.1.0), for Ingres 2006 release 1 (9.0.4), and for Ingres 2.6 versions on their respective platforms. The security fixes are available and can be quickly applied with little to no anticipated impact to systems.\\r\\n\\r\\nIngres customers with a current support contract can review the following knowledge base document for information on downloading the available fixes:\\r\\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:416012+HTMPL=kt_document_view.htmpl\\r\\n\\r\\n(ingres.com)\",\"evaluatorImpact\":\"\\\"Exploitation of this vulnerability allows an attacker to execute arbitrary code with the privileges of the \\\"ingres\\\" user. By itself, this vulnerability does not have very serious consequences. However, when combined with the library loading vulnerability, it allows an attacker to execute arbitrary code with root privileges. \\\" (iDefense)\"}}"
  }
}

GSD-2008-3389

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-3389

Aliases

CVE-2008-3389

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-3389",
    "description": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.",
    "id": "GSD-2008-3389"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-3389"
      ],
      "details": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.",
      "id": "GSD-2008-3389",
      "modified": "2023-12-13T01:23:05.384691Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-3389",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1020615",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020615"
          },
          {
            "name": "20080801 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
          },
          {
            "name": "http://www.ingres.com/support/security-alert-080108.php",
            "refsource": "CONFIRM",
            "url": "http://www.ingres.com/support/security-alert-080108.php"
          },
          {
            "name": "ADV-2008-2292",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/2292"
          },
          {
            "name": "31398",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31398"
          },
          {
            "name": "ADV-2008-2313",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/2313"
          },
          {
            "name": "31357",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31357"
          },
          {
            "name": "ingres-libbecompat-bo(44179)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
          },
          {
            "name": "20080806 CA Products That Embed Ingres Multiple Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
          },
          {
            "name": "30512",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/30512"
          },
          {
            "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989",
            "refsource": "CONFIRM",
            "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ingres:ingres:2006:9.0.4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ingres:ingres:2006:9.1.0:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3389"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080801 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
            },
            {
              "name": "http://www.ingres.com/support/security-alert-080108.php",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.ingres.com/support/security-alert-080108.php"
            },
            {
              "name": "30512",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/30512"
            },
            {
              "name": "1020615",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://securitytracker.com/id?1020615"
            },
            {
              "name": "31357",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/31357"
            },
            {
              "name": "31398",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/31398"
            },
            {
              "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
            },
            {
              "name": "ADV-2008-2313",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2313"
            },
            {
              "name": "ADV-2008-2292",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2292"
            },
            {
              "name": "ingres-libbecompat-bo(44179)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
            },
            {
              "name": "20080806 CA Products That Embed Ingres Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-11T20:48Z",
      "publishedDate": "2008-08-05T19:41Z"
    }
  }
}

VAR-200808-0315

Vulnerability from variot - Updated: 2023-12-18 12:23

Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport. Ingres Database is prone to multiple local vulnerabilities: - Multiple local privilege-escalation vulnerabilities - A vulnerability that may allow attackers to overwrite arbitrary files. Local attackers can exploit these issues to gain elevated privileges on the affected computer, execute arbitrary code with superuser privileges, and overwrite arbitrary files owned by 'Ingres' user. iDefense Security Advisory 08.01.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 01, 2008

I. BACKGROUND

Ingres Database is a database server used in several Computer Associates' products. For example, CA Directory Service use thes Ingres Database server. More information can be found on the vendor's website at the following URL.

http://ingres.com/downloads/prod-cert-download.php

II.

The vulnerability exists within the "libbecompat" library that is used by several of the set-uid "ingres" utilities included with Ingres. When copying a user supplied environment variable into a fixed-size stack buffer, the library fails to check the length of the source string.

III. By itself, this vulnerability does not have very serious consequences.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in Ingres 2006 Enterprise Edition Release 2 for Linux x86 (32-bit). Other versions may also be affected.

V. WORKAROUND

iDefense is currently unaware of any workaround for this issue.

VI. VENDOR RESPONSE

"This problem has been identified and resolved by Ingres in the following releases: Ingres 2006 release 2 (9.1.0), Ingres 2006 release 1 (9.0.4), and Ingres 2.6."

For more information, refer to Ingres' advisory at the following URL.

http://www.ingres.com/support/security-alert-080108.php

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2008-3389 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

07/20/2007 Initial vendor response 07/23/2007 Initial vendor notification 08/01/2008 Coordinated public disclosure

IX. CREDIT

The discoverer of this vulnerability wishes to remain anonymous.

Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events http://labs.idefense.com/

X. LEGAL NOTICES

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. Title: CA Products That Embed Ingres Multiple Vulnerabilities

CA Advisory Date: 2008-08-01

Reported By: iDefense Labs

Impact: A remote attacker can execute arbitrary code, gain privileges, or cause a denial of service condition.

Summary: CA products that embed Ingres contain multiple vulnerabilities that can allow a remote attacker to execute arbitrary code, gain privileges, or cause a denial of service condition. These vulnerabilities exist in the products and on the platforms listed below. These vulnerabilities do not impact any Windows-based Ingres installation. The first vulnerability, CVE-2008-3356, allows an unauthenticated attacker to potentially set the user and/or group ownership of a verifydb log file to be Ingres allowing read/write permissions to both. The third vulnerability, CVE-2008-3389, allows an unauthenticated attacker to obtain ingres user privileges. However, when combined with the unsecured directory privileges vulnerability (CVE–2008-3357), root privileges can be obtained.

Mitigating Factors: These vulnerabilities do not impact any Windows-based Ingres installation.

Severity: CA has given these vulnerabilities a High risk rating.

Affected Products: Admin r8.1 SP2 Advantage Data Transformer r2.2 Allfusion Harvest Change Manager r7.1 CA ARCserve Backup for Unix r11.1, r11.5 GA/SP1/SP2/SP3 CA ARCserve Backup for Linux r11.1, r11.5 GA/SP1/SP2/SP3 CA Directory r8.1 CA Job Management Option R11.0 CA Single Sign-On r8.1 CleverPath Aion BPM r10.1, r10.2 EEM 8.1, 8.2, 8.2.1 eTrust Audit/SCC 8.0 sp2 Identity Manager r12 NSM 3.0 0305, 3.1 0403, r3.1 SP1 0703, r11 Unicenter Asset Management r11.1, r11.2 Unicenter Remote Control r11.2 Unicenter Service Catalog r2.2, r11.1 Unicenter Service Metric Analysis r11.1 Unicenter ServicePlus Service Desk 6.0, r11, r11.1, r11.2 Unicenter Software Delivery r11.1, r11.2 Unicenter Workload Control Center r11

Affected Platforms: 1. Ingres verifydb file create permission override (CVE-2008-3356) This vulnerability impacts all platforms except Windows. 2. Ingres un-secure directory privileges with utility ingvalidpw (CVE - 2008-3357) This vulnerability impacts only Linux and HP platforms. 3. Ingres verifydb, iimerge, csreport buffer overflow (CVE-2008-3389) This vulnerability impacts only Linux and HP platforms.

Status and Recommendation: The most prudent course of action for affected customers is to download and apply the corrective maintenance. However, updates are provided only for the following releases: 2.6 and r3

Important: Customers using products that embed an earlier version of Ingres r3 should upgrade Ingres to the release that is currently supported (3.0.3/103 on Linux and 3.0.3/211 on UNIX platforms) before applying the maintenance updates. Please contact your product's Technical Support team for more information.

For these products: Admin r8.1 SP2 CA ARCserve Backup for Linux r11.5 SP2/SP3 CA Directory r8.1 CA Job Management Option R11.0 CA Single Sign-On r8.1 EEM 8.2 EEM 8.2.1 Identity Manager r12 NSM r11 Unicenter Asset Management r11.1 Unicenter Asset Management r11.2 Unicenter Remote Control r11.2 Unicenter Service Catalog r11.1 Unicenter Service Metric Analysis r11.1 Unicenter ServicePlus Service Desk r11 Unicenter ServicePlus Service Desk r11.1 Unicenter ServicePlus Service Desk r11.2 Unicenter Software Delivery r11.1 Unicenter Software Delivery r11.2 Unicenter Workload Control Center r11

Apply the update below that is listed for your platform (note that URLs may wrap):

AIX [3.0.3 (r64.us5/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12833-r64-us5.tar.z

HP-UX Itanium [3.0.3 (i64.hpu/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12831-i64-hpu.tar.z

HP-UX RISC [3.0.3 (hp2.us5/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12830-hp2-us5.tar.z

Linux AMD [3.0.3 (a64.lnx/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12835-a64-lnx.tar.z

Linux Intel 32bit [3.0.3 (int.lnx/103)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.103.12836-int-lnx.tar.z

Linux Itanium [3.0.3 (i64.lnx/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12838-i64-lnx.tar.z

Solaris SPARC [3.0.3 (su9.us5/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12834-su9-us5.tar.z

Solaris x64/x86 [3.0.3 (a64.sol/211)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12832-a64-sol.tar.z

Ingres r3 Vulnerability Updates Install Steps (August 1, 2008)

Unix/Linux: 1. Log on to your system using the installation owner account and make sure the environment is set up correctly: 1. II_SYSTEM must be set to the Ingres system files 2. PATH must include $II_SYSTEM/bin and $II_SYSTEM/utility directories. 2. Change directory to the root directory of the Ingres installation or use a previously created directory. cd $II_SYSTEM/ingres or cd 3. Copy the download maintenance update file in to the current directory and uncompress 4. Read in the update file with the following commands: umask 022 tar xf [update_file] This will create the directory: $II_SYSTEM/ingres/patchXXXXX or /patchXXXXX Note: ‘XXXXX' in patchXXXXX refers to the update number 5. Stop all Ingres processes with the ‘ingstop' utility: ingstop 6. Change directory to the patch directory: cd patchXXXXX 7. Within the patch directory run the following command: ./utility/iiinstaller Please check the $II_SYSTEM/ingres/files/patch.log file to make sure the patch was applied successfully. Also check the $II_SYSTEM/ingres/version.rel to make sure the patch is referenced. Note: The patch can also be installed silently using the ‘-m' flag with iiinstaller: ./utility/iiinstaller -m 8. Once the patch install has been complete, re-link the iimerge binary with the following command: iilink 9. Ingres can then be restarted with the ‘ingstart' utility: ingstart

For these products: Advantage Data Transformer r2.2 Allfusion Harvest Change Manager r7.1 ARCserve for Linux r11.5 GA/SP1 CleverPath Aion BPM r10.1 CleverPath Aion BPM r10.2

Apply the build below that is listed for your platform (note that URLs may wrap):

AIX ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12833-r64-us5.tar

HP-UX Itanium ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12831-i64-hpu.tar

HP-UX RISC ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12830-hp2-us5.tar

Linux AMD EI build ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-EI-linux-x86_64.tar.gz

Linux AMD II build ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-linux-x86_64.tgz

Linux Intel EI build ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-103-EI-linux-i386.tgz

Linux Intel II build ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-103-pc-linux-i386.tgz

Linux Itanium EI build ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-EI-linux-ia64.tar.gz

Linux Itanium II build ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-linux-ia64.tgz

Solaris SPARC ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12834-su9-us5.tar

Solaris x64/x86 ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12832-a64-sol.tar

Ingres r3 Build Install Steps (August 1, 2008)

Important: Prior to installing the build, a full operating system backup of the $II_SYSTEM/ingres directory on Unix/Linux and %II_SYSTEM%\ingres directory on Windows must be taken with Ingres completely shut down. Also, a backup of any other DATA locations that you may have must be taken, again with Ingres shut down. In case there is a problem with the update install, this allows Ingres to be restored from the backup.

Unix: 1. Log in to the system as the installation owner and make sure the environment is set up correctly: 1. II_SYSTEM must be set to the Ingres home directory 2. PATH must include $II_SYSTEM/ingres/bin and $II_SYSTEM/ingres/utility directories 3. Add $II_SYSTEM/ingres/lib to the shared library path 4. Set TERM to ‘vt100' and TERM_INGRES to ‘vt100fx' 2. Copy the downloaded update file to the /tmp directory and uncompress 3. Read in the update file with the following commands: umask 022 tar xf [update_file] This creates a directory containing the distribution and other files. 4. Stop all applications that may be connected to or using any of the files in the Ingres instance. 5. Stop all Ingres processes with the ‘ingstop' utility: ingstop 6. Important: Take an operating system backup of the $II_SYSTEM/ingres directory and other DATA locations that you may have elsewhere. Also, copy the $II_SYSTEM/ingres/files/config.dat and $II_SYSTEM/ingres/files/symbol.tbl files to a safe location to ensure that the configuration can be restored. 7. From the root directory of the Ingres installation ($II_SYSTEM/ingres), run the following command: tar xf /tmp//ingres.tar install 8. Run the following command: install/ingbuild 9. The initial install screen appears. 10. In the Distribution medium enter the full path to the ‘ingres.tar' file (including the file) (See step 4). 11. Choose PackageInstall from the list of installation options and then choose ‘Stand alone DBMS Server' from the list of packages. Then choose ExpressInstall. 12. Choose Yes in the pop-up screen and press Enter key. The install utility verifies that each component was transferred properly from the distribution medium. When this is finished (without errors), another pop-up screen for setting up the components comes up. 13. Select Yes and press Enter key to go to the Setup program. 14. Once the installation is complete, check the $II_SYSTEM/ingres/files/install.log for any errors. Also, check the $II_SYSTEM/ingres/version.rel file to verify the new build is referenced; this should show 3.0.3 for the build. 15. If there are no errors, then restore the $II_SYSTEM/ingres/files/config.dat and $II_SYSTEM/ingres/files/symbol.tbl files from the copies made in step 6 to replace the existing files. 16. Start Ingres using the ‘ingstart' utility: ingstart 17. Upgrade the databases in the installation to the new release level: upgradedb -all

Linux: 1. Log on to the machine as ‘root'. 2. Copy the downloaded build update file and to a previously chosen directory and uncompress. 3. Read in the update file with the following command: tar xf [update file] This creates a directory containing rpm packages for all of the Ingres tools. 4. Shut down any non-Ingres application(s) that may be connected to or using any of the files in the specified Ingres instance. 5. Stop all Ingres processes with the ‘ingstop' utility: ingstop 6. Important: Take an operating system backup of the $II_SYSTEM/ingres directory and other DATA locations that you may have elsewhere. 7. From the directory that was created in step 3, install the update rpms with the following command: rpm –Uvh *.rpm If the following error is seen for either the ‘ca-ingres-documentation-3.0.3-103', the ‘ca-ingres-CATOSL-3.0.3-103' or the ‘ca-cs-utils-11.0.04348-0000' (or all of them) packages, remove them from the directory containing the rpms and re-run the above command: package is already installed 8. If the installation finishes successfully, then log on as ‘ingres' to the machine and start Ingres using the ‘ingstart' utility: ingstart 9. Upgrade ‘mdb' database with the following command: upgradedb -all

For these products: CA ARCserve Backup for Unix r11.1 CA ARCserve Backup for Unix r11.5 GA/SP1/SP2 CA ARCserve Backup for Unix r11.5 SP3 CA ARCserve Backup for Linux r11.1 EEM 8.1 eTrust Audit/SCC 8.0 sp2 NSM 3.0 0305 NSM 3.1 0403 NSM r3.1 SP1 0703 Unicenter Service Catalog r2.2 Unicenter ServicePlus Service Desk 6.0

Apply the update below that is listed for your platform (note that URLs may wrap):

AIX 32bit [2.6/xxxx (rs4.us5/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12718.tar.Z

AIX 64bit [2.6/xxxx (r64.us5/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12798.tar.Z

HP-UX with ARCserve 11.1 or 11.5/GA/SP1/SP2/SP3 https://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO01277&os=HP&actionID=3

HP-UX Itanium [2.6/xxxx (i64.hpu/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12748.tar.Z

HP-UX RISC 32bit [2.6/xxxx (hpb.us5/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12742.tar.Z

HP-UX RISC 32bit [2.6/xxxx (hpb.us5/00)DBL] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12888.tar.Z

HP-UX RISC 64bit [2.6/xxxx (hp2.us5/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12749.tar.Z

HP Tru64 UNIX [2.6/xxxx (axp.osf/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12676.tar.Z

Linux AMD64 [2.6/xxxx (a64.lnx/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12809.tar.Z

Linux Intel 32bit [2.6/xxxx (int.lnx/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12645.tar.Z

Linux Intel 32bit [2.6/xxxx (int.lnx/00)DBL] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12647.tar.Z

Linux Intel 32bit [2.6/xxxx (int.lnx/00)LFS] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12646.tar.Z

Linux Itanium [2.6/xxxx (i64.lnx/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12648.tar.Z

Linux S/390 [2.6/xxxx (ibm.lnx/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12877.tar.Z

Solaris SPARC 32bit [2.6/xxxx (su4.us5/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12713.tar.Z

Solaris SPARC 32bit double [2.6/xxxx (su4.us5/00)DBL] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12879.tar.Z

Solaris SPARC 64bit [2.6/xxxx (su9.us5/00)] ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12751.tar.Z

Ingres 2.6 Vulnerability Updates Install Steps (August 1, 2008)

How to determine if you are affected:

For these products: Admin r8.1 SP2 ARCserve for Linux r11.5 SP2/SP3 CA Directory r8.1 CA Job Management Option R11.0 CA Single Sign-On r8.1 EEM 8.2 EEM 8.2.1 Identity Manager r12 NSM r11 Unicenter Asset Management r11.1 Unicenter Asset Management r11.2 Unicenter Remote Control r11.2 Unicenter Service Catalog r11.1 Unicenter Service Metric Analysis r11.1 Unicenter ServicePlus Service Desk r11 Unicenter ServicePlus Service Desk r11.1 Unicenter ServicePlus Service Desk r11.2 Unicenter Software Delivery r11.1 Unicenter Software Delivery r11.2 Unicenter Workload Control Center r11

The Ingres release information is maintained in %II_SYSTEM%\ingres\version.rel: UNIX or Linux: cat version.rel

The release identifier will be as follows: Operating System Release identifier HP Sparc 32/64bit II 3.0.3 (hp2.us5/211) HP Itanium II 3.0.3 (i64.hpu/211) Intel Solaris 32/64bit II 3.0.3 (a64.sol/211) AIX 32/64bit II 3.0.3 (r64.us5/211) Solaris 32/64bit II 3.0.3 (su9.us5/211) AMD Linux II 3.0.3 (a64.lnx/211) Intel Linux II 3.0.3 (int.lnx/103) Itanium Linux II 3.0.3 (i64.lnx/211)

Notes: 1. You would need to install the Ingres build instead of the patch if either of the following is true: 1. If the Ingres release for your platform is not 3.0.3 in the release identifier or 2. The Ingres release is 3.0.3 but the build level is not 103 for Linux and 211 for all the Unix platforms. If either of the above is true then download and apply the latest build for your operating system(s). 2. If the OS platform you are running Ingres on is not listed, please contact Technical Support.

For these products: Advantage Data Transformer r2.2 Allfusion Harvest Change Manager r7.1 ARCserve for Linux r11.5 GA/SP1 CleverPath Aion BPM r10.1 CleverPath Aion BPM r10.2

The maintenance updates are provided for the latest r3 builds supported by CA which are 3.0.3/103 (Linux) and 3.03/211 (UNIX platforms). If the build embedded is earlier than 3.0.3, it has to be upgraded to 3.0.3 to fix the vulnerabilities.

The Ingres release information is maintained in %II_SYSTEM%\ingres\version.rel: UNIX or Linux: cat version.rel

Important: For Linux (AMD, Intel and Itanium) platforms, after applying the build provided on this page, please download and apply the maintenance update. For the other platforms, the builds are patched to the latest maintenance update. Note: 1. If the release you are using is already 3.0.3 build 103 on Linux and 3.0.3 build 211 on Unix, then download and install the maintenance update. 2. If the OS platform you are running Ingres on is not listed, please contact Technical Support.

The Ingres release information is maintained in %II_SYSTEM%\ingres\version.rel: UNIX or Linux: cat version.rel

The release identifier will be as follows: Operating System Release identifier AIX 32bit II 2.6/xxxx (rs4.us5/00) AIX 64bit II 2.6/xxxx (r64.us5/00) HP-UX Itanium II 2.6/xxxx (i64.hpu/00) HP-UX RISC 32bit II 2.6/xxxx (hpb.us5/00) HP-UX RISC 32bit II 2.6/xxxx (hpb.us5/00)DBL HP-UX RISC 64bit II 2.6/xxxx (hp2.us5/00) HP Tru64 UNIX II 2.6/xxxx (axp.osf/00) Linux AMD64 II 2.6/xxxx (a64.lnx/00) Linux Intel 32bit II 2.6/xxxx (int.lnx/00) Linux Intel 32bit II 2.6/xxxx (int.lnx/00)DBL Linux Intel 32bit II 2.6/xxxx (int.lnx/00)LFS Linux Itanium II 2.6/xxxx (i64.lnx/00) Linux S/390 II 2.6/xxxx (ibm.lnx/00) Solaris SPARC 32bit II 2.6/xxxx (su4.us5/00) Solaris SPARC 32bit double II 2.6/xxxx (su4.us5/00)DBL Solaris SPARC 64bit II 2.6/xxxx (su9.us5/00)

Note: 1. If the Ingres release embedded in your product is not 2.6, please get the appropriate update here. 2. If the OS platform you are running Ingres on is not listed, please contact Technical Support. 3. For HP-UX platform with CA ARCserve Backup 11.1 or 11.5/GA/SP1/SP2/SP3, download the published ARCserve fix, RO01277: https://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO01277&os=HP&actionID=3 and follow the enclosed instructions to install the security patch.

Workaround: None

References (URLs may wrap): CA Support: http://support.ca.com/ Security Notice for CA Products That Embed Ingres https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989 Solution Document Reference APARs: RO01277 (ARCserve only) CA Security Response Blog posting: CA Products That Embed Ingres Multiple Vulnerabilities community.ca.com/blogs/casecurityresponseblog/archive/2008/08/06.aspx Reported By: iDefense Labs Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732 Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733 Ingres Security Vulnerability Announcement as of August 01, 2008 http://www.ingres.com/support/security-alert-080108.php CVE References: CVE-2008-3356 - Ingres verifydb file create permission override. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3356 CVE-2008-3357 - Ingres un-secure directory privileges with utility ingvalidpw. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3357 CVE-2008-3389 - Ingres verifydb, iimerge, csreport buffer overflow. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3389 OSVDB References: Pending http://osvdb.org/

Changelog for this advisory: v1.0 - Initial Release

Customers who require additional information should contact CA Technical Support at http://support.ca.com.

For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your findings to our product security response team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782

Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research

CA, 1 CA Plaza, Islandia, NY 11749

Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2008 CA. All rights reserved. ----------------------------------------------------------------------

Want a new job?

http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/

International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/

TITLE: Ingres Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA31357

VERIFY ADVISORY: http://secunia.com/advisories/31357/

CRITICAL: Less critical

IMPACT: Privilege escalation

WHERE: Local system

SOFTWARE: Ingres 2.x http://secunia.com/product/14576/ Ingres 2006 (9.x) http://secunia.com/product/14574/

DESCRIPTION: Some vulnerabilities have been reported in Ingres, which can be exploited by malicious, local users to gain escalated privileges.

1) An error exists in the "verifydb" utility due to improperly changing permissions on files and having the setuid-bit set (owned by the "ingres" user). via a specially crafted environmental variable.

3) An error exists within the "ingvalidpw" utility due to being setuid "root" and loading shared libraries from a directory owned by the "ingres" user.

SOLUTION: The vendor has issued fixes. Please see the knowledge base document (customer login required). http://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:416012+HTMPL=kt_document_view.htmpl

PROVIDED AND/OR DISCOVERED BY: An anonymous researcher, reported via iDefense.

ORIGINAL ADVISORY: Ingres: http://www.ingres.com/support/security-alert-080108.php

iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200808-0315",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ingres",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "ingres",
        "version": "2.6"
      },
      {
        "model": "ingres",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ingres",
        "version": "2006"
      },
      {
        "model": "ingres",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ingres",
        "version": "2006 release 1"
      },
      {
        "model": "ingres",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ingres",
        "version": "and  2006 release 2"
      },
      {
        "model": "hp-ux",
        "scope": null,
        "trust": 0.6,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "20069.1"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "20069.0.4"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "20060"
      },
      {
        "model": "associates unicenter software delivery",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.2"
      },
      {
        "model": "associates unicenter software delivery",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "6.0"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.2"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter service metric analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter service catalog",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.2"
      },
      {
        "model": "associates unicenter service catalog",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter remote control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.2"
      },
      {
        "model": "associates unicenter asset management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.2"
      },
      {
        "model": "associates unicenter asset management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates single sign-on",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates nsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "0"
      },
      {
        "model": "associates job management option",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.0"
      },
      {
        "model": "associates identity manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "12"
      },
      {
        "model": "associates etrust audit/scc sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.0"
      },
      {
        "model": "associates eem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.2.1"
      },
      {
        "model": "associates eem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.2"
      },
      {
        "model": "associates eem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates directory",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates cleverpath aion bpm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.2"
      },
      {
        "model": "associates cleverpath aion bpm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.1"
      },
      {
        "model": "associates ca arcserve backup for unix ga",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for unix sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for unix sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for unix ga",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for unix sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for unix sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for unix sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux ga",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux ga",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates advantage data transformer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.2"
      },
      {
        "model": "associates admin",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "30512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ingres:ingres:2006:9.0.4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ingres:ingres:2006:9.1.0:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "iDEFENSE",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-3389",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2008-3389",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-3389",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200808-050",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport. Ingres Database is prone to multiple local vulnerabilities:\n- Multiple local privilege-escalation vulnerabilities\n- A vulnerability that may allow attackers to overwrite arbitrary files. \nLocal attackers can exploit these issues to gain elevated privileges on the affected computer, execute arbitrary code with superuser privileges, and overwrite arbitrary files owned by \u0027Ingres\u0027 user. iDefense Security Advisory 08.01.08\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nAug 01, 2008\n\nI. BACKGROUND\n\nIngres Database is a database server used in several Computer\nAssociates\u0027 products. For example, CA Directory Service use thes Ingres\nDatabase server. More information can be found on the vendor\u0027s website\nat the following URL. \n\nhttp://ingres.com/downloads/prod-cert-download.php\n\nII. \n\nThe vulnerability exists within the \"libbecompat\" library that is used\nby several of the set-uid \"ingres\" utilities included with Ingres. When\ncopying a user supplied environment variable into a fixed-size stack\nbuffer, the library fails to check the length of the source string. \n\nIII. By itself,\nthis vulnerability does not have very serious consequences. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in Ingres\n2006 Enterprise Edition Release 2 for Linux x86 (32-bit). Other\nversions may also be affected. \n\nV. WORKAROUND\n\niDefense is currently unaware of any workaround for this issue. \n\nVI. VENDOR RESPONSE\n\n\"This problem has been identified and resolved by Ingres in the\nfollowing releases: Ingres 2006 release 2 (9.1.0), Ingres 2006 release\n1 (9.0.4), and Ingres 2.6.\"\n\nFor more information, refer to Ingres\u0027 advisory at the following URL. \n\nhttp://www.ingres.com/support/security-alert-080108.php\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2008-3389 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n07/20/2007  Initial vendor response\n07/23/2007  Initial vendor notification\n08/01/2008  Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2008 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. \nTitle: CA Products That Embed Ingres Multiple Vulnerabilities\n\n\nCA Advisory Date: 2008-08-01\n\n\nReported By: iDefense Labs\n\n\nImpact: A remote attacker can execute arbitrary code, gain \nprivileges, or cause a denial of service condition. \n\n\nSummary: CA products that embed Ingres contain multiple \nvulnerabilities that can allow a remote attacker to execute \narbitrary code, gain privileges, or cause a denial of service \ncondition. These vulnerabilities exist in the products and on the \nplatforms listed below. These vulnerabilities do not impact any \nWindows-based Ingres installation. The first vulnerability, \nCVE-2008-3356, allows an unauthenticated attacker to potentially \nset the user and/or group ownership of a verifydb log file to be \nIngres allowing read/write permissions to both. The third \nvulnerability, CVE-2008-3389, allows an unauthenticated attacker \nto obtain ingres user privileges. However, when combined with the \nunsecured directory privileges vulnerability (CVE\u20132008-3357), root \nprivileges can be obtained. \n\n\nMitigating Factors: These vulnerabilities do not impact any \nWindows-based Ingres installation. \n\n\nSeverity: CA has given these vulnerabilities a High risk rating. \n\n\nAffected Products:\nAdmin r8.1 SP2\nAdvantage Data Transformer r2.2\nAllfusion Harvest Change Manager r7.1\nCA ARCserve Backup for Unix r11.1, r11.5 GA/SP1/SP2/SP3\nCA ARCserve Backup for Linux r11.1, r11.5 GA/SP1/SP2/SP3\nCA Directory r8.1\nCA Job Management Option R11.0\nCA Single Sign-On r8.1\nCleverPath Aion BPM r10.1, r10.2\nEEM 8.1, 8.2, 8.2.1\neTrust Audit/SCC 8.0 sp2\nIdentity Manager r12\nNSM 3.0 0305, 3.1 0403, r3.1 SP1 0703, r11\nUnicenter Asset Management r11.1, r11.2\nUnicenter Remote Control r11.2\nUnicenter Service Catalog r2.2, r11.1\nUnicenter Service Metric Analysis r11.1\nUnicenter ServicePlus Service Desk 6.0, r11, r11.1, r11.2\nUnicenter Software Delivery r11.1, r11.2\nUnicenter Workload Control Center r11\n\n\nAffected Platforms:\n1. Ingres verifydb file create permission override (CVE-2008-3356)\n   This vulnerability impacts all platforms except Windows. \n2. Ingres un-secure directory privileges with utility ingvalidpw \n   (CVE - 2008-3357)\n   This vulnerability impacts only Linux and HP platforms. \n3. Ingres verifydb, iimerge, csreport buffer overflow \n   (CVE-2008-3389)\n   This vulnerability impacts only Linux and HP platforms. \n\n\nStatus and Recommendation:\nThe most prudent course of action for affected customers is to \ndownload and apply the corrective maintenance. However, updates \nare provided only for the following releases: 2.6 and r3\n\nImportant: Customers using products that embed an earlier version \nof Ingres r3 should upgrade Ingres to the release that is \ncurrently supported (3.0.3/103 on Linux and 3.0.3/211 on UNIX \nplatforms) before applying the maintenance updates. Please contact \nyour product\u0027s Technical Support team for more information. \n\nFor these products:\nAdmin r8.1 SP2\nCA ARCserve Backup for Linux r11.5 SP2/SP3\nCA Directory r8.1\nCA Job Management Option R11.0\nCA Single Sign-On r8.1\nEEM 8.2\nEEM 8.2.1\nIdentity Manager r12\nNSM r11\nUnicenter Asset Management r11.1\nUnicenter Asset Management r11.2\nUnicenter Remote Control r11.2\nUnicenter Service Catalog r11.1\nUnicenter Service Metric Analysis r11.1\nUnicenter ServicePlus Service Desk r11\nUnicenter ServicePlus Service Desk r11.1\nUnicenter ServicePlus Service Desk r11.2\nUnicenter Software Delivery r11.1\nUnicenter Software Delivery r11.2\nUnicenter Workload Control Center r11\n\nApply the update below that is listed for your platform (note that \nURLs may wrap):\n\nAIX [3.0.3 (r64.us5/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12833-r64-us5.tar.z\n\nHP-UX Itanium [3.0.3 (i64.hpu/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12831-i64-hpu.tar.z\n\nHP-UX RISC [3.0.3 (hp2.us5/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12830-hp2-us5.tar.z\n\nLinux AMD [3.0.3 (a64.lnx/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12835-a64-lnx.tar.z\n\nLinux Intel 32bit [3.0.3 (int.lnx/103)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.103.12836-int-lnx.tar.z\n\nLinux Itanium [3.0.3 (i64.lnx/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12838-i64-lnx.tar.z\n\nSolaris SPARC [3.0.3 (su9.us5/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12834-su9-us5.tar.z\n\nSolaris x64/x86 [3.0.3 (a64.sol/211)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12832-a64-sol.tar.z\n\nIngres r3 Vulnerability Updates Install Steps (August 1, 2008)\n\nUnix/Linux:\n1. Log on to your system using the installation owner account and \n   make sure the environment is set up correctly:\n      1. II_SYSTEM must be set to the Ingres system files\n      2. PATH must include $II_SYSTEM/bin and $II_SYSTEM/utility \n         directories. \n2. Change directory to the root directory of the Ingres \n   installation or use a previously created directory. \n      cd $II_SYSTEM/ingres\n      or\n      cd \u003cpatch_directory\u003e\n3. Copy the download maintenance update file in to the current \n   directory and uncompress\n4. Read in the update file with the following commands:\n      umask 022\n      tar xf [update_file]\n      This will create the directory:\n      $II_SYSTEM/ingres/patchXXXXX\n      or\n      \u003cpatch_directory\u003e/patchXXXXX\n      Note: \u2018XXXXX\u0027 in patchXXXXX refers to the update number\n5. Stop all Ingres processes with the \u2018ingstop\u0027 utility:\n      ingstop\n6. Change directory to the patch directory:\n      cd patchXXXXX\n7. Within the patch directory run the following command:\n      ./utility/iiinstaller\n      Please check the $II_SYSTEM/ingres/files/patch.log file to \n      make sure the patch was applied successfully. Also check the \n      $II_SYSTEM/ingres/version.rel to make sure the patch is \n      referenced. \n      Note: The patch can also be installed silently using the \u2018-m\u0027 \n      flag with iiinstaller:\n      ./utility/iiinstaller -m\n8. Once the patch install has been complete, re-link the iimerge \n   binary with the following command:\n      iilink\n9. Ingres can then be restarted with the \u2018ingstart\u0027 utility:\n      ingstart\n\nFor these products:\nAdvantage Data Transformer r2.2\nAllfusion Harvest Change Manager r7.1\nARCserve for Linux r11.5 GA/SP1\nCleverPath Aion BPM r10.1\nCleverPath Aion BPM r10.2\n\nApply the build below that is listed for your platform (note that \nURLs may wrap):\n\nAIX\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12833-r64-us5.tar\n\nHP-UX Itanium\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12831-i64-hpu.tar\n\nHP-UX RISC\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12830-hp2-us5.tar\n\nLinux AMD EI build\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-EI-linux-x86_64.tar.gz\n\nLinux AMD II build\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-linux-x86_64.tgz\n\nLinux Intel EI build\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-103-EI-linux-i386.tgz\n\nLinux Intel II build\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-103-pc-linux-i386.tgz\n\nLinux Itanium EI build\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-EI-linux-ia64.tar.gz\n\nLinux Itanium II build\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/ingres-3.0.3-211-linux-ia64.tgz\n\nSolaris SPARC\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12834-su9-us5.tar\n\nSolaris x64/x86\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/install-3.0.3.211.12832-a64-sol.tar\n\nIngres r3 Build Install Steps (August 1, 2008)\n\nImportant: Prior to installing the build, a full operating system \nbackup of the $II_SYSTEM/ingres directory on Unix/Linux and \n%II_SYSTEM%\\ingres directory on Windows must be taken with Ingres \ncompletely shut down. Also, a backup of any other DATA locations \nthat you may have must be taken, again with Ingres shut down. In \ncase there is a problem with the update install, this allows \nIngres to be restored from the backup. \n\nUnix:\n1. Log in to the system as the installation owner and make sure \n   the environment is set up correctly:\n      1. II_SYSTEM must be set to the Ingres home directory\n      2. PATH must include $II_SYSTEM/ingres/bin and \n         $II_SYSTEM/ingres/utility directories\n      3. Add $II_SYSTEM/ingres/lib to the shared library path\n      4. Set TERM to \u2018vt100\u0027 and TERM_INGRES to \u2018vt100fx\u0027\n2. Copy the downloaded update file to the /tmp directory and \n   uncompress\n3. Read in the update file with the following commands:\n      umask 022\n      tar xf [update_file]\n      This creates a directory containing the distribution and \n      other files. \n4. Stop all applications that may be connected to or using any of \n   the files in the Ingres instance. \n5. Stop all Ingres processes with the \u2018ingstop\u0027 utility:\n      ingstop\n6. Important: Take an operating system backup of the \n   $II_SYSTEM/ingres directory and other DATA locations that you \n   may have elsewhere. Also, copy the \n   $II_SYSTEM/ingres/files/config.dat and \n   $II_SYSTEM/ingres/files/symbol.tbl files to a safe location to \n   ensure that the configuration can be restored. \n7. From the root directory of the Ingres installation \n   ($II_SYSTEM/ingres), run the following command:\n      tar xf /tmp/\u003cupdate_directory\u003e/ingres.tar install\n8. Run the following command:\n      install/ingbuild\n9. The initial install screen appears. \n10. In the Distribution medium enter the full path to the \n    \u2018ingres.tar\u0027 file (including the file) (See step 4). \n11. Choose PackageInstall from the list of installation options \n    and then choose \u2018Stand alone DBMS Server\u0027 from the list of \n    packages. Then choose ExpressInstall. \n12. Choose Yes in the pop-up screen and press Enter key. \n      The install utility verifies that each component was \n      transferred properly from the distribution medium. When this \n      is finished (without errors), another pop-up screen for \n      setting up the components comes up. \n13. Select Yes and press Enter key to go to the Setup program. \n14. Once the installation is complete, check the \n    $II_SYSTEM/ingres/files/install.log for any errors. Also, \n    check the $II_SYSTEM/ingres/version.rel file to verify the new \n    build is referenced; this should show 3.0.3 for the build. \n15. If there are no errors, then restore the \n    $II_SYSTEM/ingres/files/config.dat and \n    $II_SYSTEM/ingres/files/symbol.tbl files from the copies made \n    in step 6 to replace the existing files. \n16. Start Ingres using the \u2018ingstart\u0027 utility:\n      ingstart\n17. Upgrade the databases in the installation to the new release \n    level:\n      upgradedb -all\n\nLinux:\n1. Log on to the machine as \u2018root\u0027. \n2. Copy the downloaded build update file and to a previously \n   chosen directory and uncompress. \n3. Read in the update file with the following command:\n      tar xf [update file]\n      This creates a directory containing rpm packages for all of \n   the Ingres tools. \n4. Shut down any non-Ingres application(s) that may be connected \n   to or using any of the files in the specified Ingres instance. \n5. Stop all Ingres processes with the \u2018ingstop\u0027 utility:\n      ingstop\n6. Important: Take an operating system backup of the \n   $II_SYSTEM/ingres directory and other DATA locations that you \n   may have elsewhere. \n7. From the directory that was created in step 3, install the \n   update rpms with the following command:\n      rpm \u2013Uvh *.rpm\n      If the following error is seen for either the \n      \u2018ca-ingres-documentation-3.0.3-103\u0027, the \n      \u2018ca-ingres-CATOSL-3.0.3-103\u0027 or the \n      \u2018ca-cs-utils-11.0.04348-0000\u0027 (or all of them) packages,\n      remove them from the directory containing the rpms and \n      re-run the above command:\n      package \u003cpackage-name\u003e is already installed\n8. If the installation finishes successfully, then log on as \n   \u2018ingres\u0027 to the machine and start Ingres using the \u2018ingstart\u0027 \n   utility:\n      ingstart\n9. Upgrade \u2018mdb\u0027 database with the following command:\n      upgradedb -all\n\nFor these products:\nCA ARCserve Backup for Unix r11.1\nCA ARCserve Backup for Unix r11.5 GA/SP1/SP2\nCA ARCserve Backup for Unix r11.5 SP3\nCA ARCserve Backup for Linux r11.1\nEEM 8.1\neTrust Audit/SCC 8.0 sp2\nNSM 3.0 0305\nNSM 3.1 0403\nNSM r3.1 SP1 0703\nUnicenter Service Catalog r2.2\nUnicenter ServicePlus Service Desk 6.0\n\nApply the update below that is listed for your platform (note that \nURLs may wrap):\n\nAIX 32bit [2.6/xxxx (rs4.us5/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12718.tar.Z\n\nAIX 64bit [2.6/xxxx (r64.us5/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12798.tar.Z\n\nHP-UX with ARCserve 11.1 or 11.5/GA/SP1/SP2/SP3\nhttps://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO01277\u0026os=HP\u0026actionID=3\n\nHP-UX Itanium [2.6/xxxx (i64.hpu/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12748.tar.Z\n\nHP-UX RISC 32bit [2.6/xxxx (hpb.us5/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12742.tar.Z\n\nHP-UX RISC 32bit [2.6/xxxx (hpb.us5/00)DBL]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12888.tar.Z\n\nHP-UX RISC 64bit [2.6/xxxx (hp2.us5/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12749.tar.Z\n\nHP Tru64 UNIX [2.6/xxxx (axp.osf/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12676.tar.Z\n\nLinux AMD64 [2.6/xxxx (a64.lnx/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12809.tar.Z\n\nLinux Intel 32bit [2.6/xxxx (int.lnx/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12645.tar.Z\n\nLinux Intel 32bit [2.6/xxxx (int.lnx/00)DBL]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12647.tar.Z\n\nLinux Intel 32bit [2.6/xxxx (int.lnx/00)LFS]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12646.tar.Z\n\nLinux Itanium [2.6/xxxx (i64.lnx/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12648.tar.Z\n\nLinux S/390 [2.6/xxxx (ibm.lnx/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12877.tar.Z\n\nSolaris SPARC 32bit [2.6/xxxx (su4.us5/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12713.tar.Z\n\nSolaris SPARC 32bit double [2.6/xxxx (su4.us5/00)DBL]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12879.tar.Z\n\nSolaris SPARC 64bit [2.6/xxxx (su9.us5/00)]\nftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/2.6/p12751.tar.Z\n\nIngres 2.6 Vulnerability Updates Install Steps (August 1, 2008)\n\nUnix/Linux:\n1. Log on to your system using the installation owner account and \n   make sure the environment is set up correctly:\n      1. II_SYSTEM must be set to the Ingres system files\n      2. PATH must include $II_SYSTEM/bin and $II_SYSTEM/utility \n         directories. \n2. Change directory to the root directory of the Ingres \n   installation or use a previously created directory. \n      cd $II_SYSTEM/ingres\n      or\n      cd \u003cpatch_directory\u003e\n3. Copy the download maintenance update file in to the current \n   directory and uncompress\n4. Read in the update file with the following commands:\n      umask 022\n      tar xf [update_file]\n      This will create the directory:\n      $II_SYSTEM/ingres/patchXXXXX\n      or\n      \u003cpatch_directory\u003e/patchXXXXX\n      Note: \u2018XXXXX\u0027 in patchXXXXX refers to the update number\n5. Stop all Ingres processes with the \u2018ingstop\u0027 utility:\n      ingstop\n6. Change directory to the patch directory:\n      cd patchXXXXX\n7. Within the patch directory run the following command:\n      ./utility/iiinstaller\n      Please check the $II_SYSTEM/ingres/files/patch.log file to \n      make sure the patch was applied successfully. Also check the \n      $II_SYSTEM/ingres/version.rel to make sure the patch is \n      referenced. \n      Note: The patch can also be installed silently using the \n      \u2018-m\u0027 flag with iiinstaller:\n      ./utility/iiinstaller -m\n8. Once the patch install has been complete, re-link the iimerge \n   binary with the following command:\n      iilink\n9. Ingres can then be restarted with the \u2018ingstart\u0027 utility:\n      ingstart\n\n\nHow to determine if you are affected:\n\nFor these products:\nAdmin r8.1 SP2\nARCserve for Linux r11.5 SP2/SP3\nCA Directory r8.1\nCA Job Management Option R11.0\nCA Single Sign-On r8.1\nEEM 8.2\nEEM 8.2.1\nIdentity Manager r12\nNSM r11\nUnicenter Asset Management r11.1\nUnicenter Asset Management r11.2\nUnicenter Remote Control r11.2\nUnicenter Service Catalog r11.1\nUnicenter Service Metric Analysis r11.1\nUnicenter ServicePlus Service Desk r11\nUnicenter ServicePlus Service Desk r11.1\nUnicenter ServicePlus Service Desk r11.2\nUnicenter Software Delivery r11.1\nUnicenter Software Delivery r11.2\nUnicenter Workload Control Center r11\n\nThe Ingres release information is maintained in \n%II_SYSTEM%\\ingres\\version.rel:\n    UNIX or Linux: cat version.rel\n\nThe release identifier will be as follows:\nOperating System        Release identifier\nHP Sparc 32/64bit       II 3.0.3 (hp2.us5/211)\nHP Itanium              II 3.0.3 (i64.hpu/211)\nIntel Solaris 32/64bit  II 3.0.3 (a64.sol/211)\nAIX 32/64bit            II 3.0.3 (r64.us5/211)\nSolaris 32/64bit        II 3.0.3 (su9.us5/211)\nAMD Linux               II 3.0.3 (a64.lnx/211)\nIntel Linux             II 3.0.3 (int.lnx/103)\nItanium Linux           II 3.0.3 (i64.lnx/211)\n\nNotes:\n1. You would need to install the Ingres build instead of the patch \n   if either of the following is true:\n      1. If the Ingres release for your platform is not 3.0.3 in \n      the release identifier\n      or\n      2. The Ingres release is 3.0.3 but the build level is not \n      103 for Linux and 211 for all the Unix platforms. \n      If either of the above is true then download and apply the \n      latest build for your operating system(s). \n2. If the OS platform you are running Ingres on is not listed, \n   please contact Technical Support. \n\nFor these products:\nAdvantage Data Transformer r2.2\nAllfusion Harvest Change Manager r7.1\nARCserve for Linux r11.5 GA/SP1\nCleverPath Aion BPM r10.1\nCleverPath Aion BPM r10.2\n\nThe maintenance updates are provided for the latest r3 builds \nsupported by CA which are 3.0.3/103 (Linux) and 3.03/211 (UNIX \nplatforms). If the build embedded is earlier than 3.0.3, it has \nto be upgraded to 3.0.3 to fix the vulnerabilities. \n\nThe Ingres release information is maintained in \n%II_SYSTEM%\\ingres\\version.rel:\n    UNIX or Linux: cat version.rel\n\nThe release identifier will be as follows:\nOperating System        Release identifier\nHP Sparc 32/64bit       II 3.0.3 (hp2.us5/211)\nHP Itanium              II 3.0.3 (i64.hpu/211)\nIntel Solaris 32/64bit  II 3.0.3 (a64.sol/211)\nAIX 32/64bit            II 3.0.3 (r64.us5/211)\nSolaris 32/64bit        II 3.0.3 (su9.us5/211)\nAMD Linux               II 3.0.3 (a64.lnx/211)\nIntel Linux             II 3.0.3 (int.lnx/103)\nItanium Linux           II 3.0.3 (i64.lnx/211)\n\nImportant:\nFor Linux (AMD, Intel and Itanium) platforms, after applying the \nbuild provided on this page, please download and apply the \nmaintenance update. For the other platforms, the builds are \npatched to the latest maintenance update. \nNote:\n1. If the release you are using is already 3.0.3 build 103 on \n   Linux and 3.0.3 build 211 on Unix, then download and install \n   the maintenance update. \n2. If the OS platform you are running Ingres on is not listed, \n   please contact Technical Support. \n\nFor these products:\nCA ARCserve Backup for Unix r11.1\nCA ARCserve Backup for Unix r11.5 GA/SP1/SP2\nCA ARCserve Backup for Unix r11.5 SP3\nCA ARCserve Backup for Linux r11.1\nEEM 8.1\neTrust Audit/SCC 8.0 sp2\nNSM 3.0 0305\nNSM 3.1 0403\nNSM r3.1 SP1 0703\nUnicenter Service Catalog r2.2\nUnicenter ServicePlus Service Desk 6.0\n\nThe Ingres release information is maintained in \n%II_SYSTEM%\\ingres\\version.rel:\n    UNIX or Linux: cat version.rel\n\nThe release identifier will be as follows:\nOperating System            Release identifier\nAIX 32bit                   II 2.6/xxxx (rs4.us5/00)\nAIX 64bit                   II 2.6/xxxx (r64.us5/00)\nHP-UX Itanium               II 2.6/xxxx (i64.hpu/00)\nHP-UX RISC 32bit            II 2.6/xxxx (hpb.us5/00)\nHP-UX RISC 32bit            II 2.6/xxxx (hpb.us5/00)DBL\nHP-UX RISC 64bit            II 2.6/xxxx (hp2.us5/00)\nHP Tru64 UNIX               II 2.6/xxxx (axp.osf/00)\nLinux AMD64                 II 2.6/xxxx (a64.lnx/00)\nLinux Intel 32bit           II 2.6/xxxx (int.lnx/00)\nLinux Intel 32bit           II 2.6/xxxx (int.lnx/00)DBL\nLinux Intel 32bit           II 2.6/xxxx (int.lnx/00)LFS\nLinux Itanium               II 2.6/xxxx (i64.lnx/00)\nLinux S/390                 II 2.6/xxxx (ibm.lnx/00)\nSolaris SPARC 32bit         II 2.6/xxxx (su4.us5/00)\nSolaris SPARC 32bit double  II 2.6/xxxx (su4.us5/00)DBL\nSolaris SPARC 64bit         II 2.6/xxxx (su9.us5/00)\n\nNote:\n1. If the Ingres release embedded in your product is not 2.6, \n   please get the appropriate update here. \n2. If the OS platform you are running Ingres on is not listed, \n   please contact Technical Support. \n3. For HP-UX platform with CA ARCserve Backup 11.1 or \n   11.5/GA/SP1/SP2/SP3, download the published ARCserve fix, \n   RO01277:\n   https://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO01277\u0026os=HP\u0026actionID=3\n   and follow the enclosed instructions to install the security \n   patch. \n\n\nWorkaround: None\n\n\nReferences (URLs may wrap):\nCA Support:\nhttp://support.ca.com/\nSecurity Notice for CA Products That Embed Ingres\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989\nSolution Document Reference APARs:\nRO01277 (ARCserve only)\nCA Security Response Blog posting:\nCA Products That Embed Ingres Multiple Vulnerabilities\ncommunity.ca.com/blogs/casecurityresponseblog/archive/2008/08/06.aspx\nReported By: \niDefense Labs\nIngres Database for Linux verifydb Insecure File Permissions \n   Modification Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731\nIngres Database for Linux libbecompat Stack Based Buffer Overflow \n   Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732\nIngres Database for Linux ingvalidpw Untrusted Library Path \n   Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733\nIngres\nSecurity Vulnerability Announcement as of August 01, 2008\nhttp://www.ingres.com/support/security-alert-080108.php\nCVE References:\nCVE-2008-3356 - Ingres verifydb file create permission override. \nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3356\nCVE-2008-3357 - Ingres un-secure directory privileges with utility \n   ingvalidpw. \nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3357\nCVE-2008-3389 - Ingres verifydb, iimerge, csreport buffer overflow. \nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3389\nOSVDB References: Pending\nhttp://osvdb.org/\n\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\n\nCustomers who require additional information should contact CA\nTechnical Support at http://support.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to our product security response team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2008 CA. All rights reserved. ----------------------------------------------------------------------\n\nWant a new job?\n\nhttp://secunia.com/secunia_security_specialist/\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\nInternational Partner Manager - Project Sales in the IT-Security\nIndustry:\nhttp://corporate.secunia.com/about_secunia/64/\n\n----------------------------------------------------------------------\n\nTITLE:\nIngres Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA31357\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/31357/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nIngres 2.x\nhttp://secunia.com/product/14576/\nIngres 2006 (9.x)\nhttp://secunia.com/product/14574/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Ingres, which can be\nexploited by malicious, local users to gain escalated privileges. \n\n1) An error exists in the \"verifydb\" utility due to improperly\nchanging permissions on files and having the setuid-bit set (owned by\nthe \"ingres\" user). via a specially\ncrafted environmental variable. \n\n3) An error exists within the \"ingvalidpw\" utility due to being\nsetuid \"root\" and loading shared libraries from a directory owned by\nthe \"ingres\" user. \n\nSOLUTION:\nThe vendor has issued fixes. Please see the knowledge base document\n(customer login required). \nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:416012+HTMPL=kt_document_view.htmpl\n\nPROVIDED AND/OR DISCOVERED BY:\nAn anonymous researcher, reported via iDefense. \n\nORIGINAL ADVISORY:\nIngres:\nhttp://www.ingres.com/support/security-alert-080108.php\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "BID",
        "id": "30512"
      },
      {
        "db": "PACKETSTORM",
        "id": "68785"
      },
      {
        "db": "PACKETSTORM",
        "id": "68897"
      },
      {
        "db": "PACKETSTORM",
        "id": "68872"
      },
      {
        "db": "PACKETSTORM",
        "id": "68816"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-3389",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "30512",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "31398",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "31357",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1020615",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-2292",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-2313",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693",
        "trust": 0.8
      },
      {
        "db": "IDEFENSE",
        "id": "20080801 INGRES DATABASE FOR LINUX LIBBECOMPAT STACK BASED BUFFER OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20080806 CA PRODUCTS THAT EMBED INGRES MULTIPLE VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "44179",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "68785",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "68897",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "68872",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "68816",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "30512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "PACKETSTORM",
        "id": "68785"
      },
      {
        "db": "PACKETSTORM",
        "id": "68897"
      },
      {
        "db": "PACKETSTORM",
        "id": "68872"
      },
      {
        "db": "PACKETSTORM",
        "id": "68816"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "id": "VAR-200808-0315",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.12878788
  },
  "last_update_date": "2023-12-18T12:23:10.035000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "contentID=181989",
        "trust": 0.8,
        "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=181989"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://www.ingres.com/support/security-alert-080108.php"
      },
      {
        "trust": 2.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
      },
      {
        "trust": 2.1,
        "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=181989"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/31357"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/31398"
      },
      {
        "trust": 1.6,
        "url": "http://securitytracker.com/id?1020615"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/30512"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2008/2292"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2008/2313"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3389"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3389"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/44179"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/495177/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/2313"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/2292"
      },
      {
        "trust": 0.5,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733"
      },
      {
        "trust": 0.5,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731"
      },
      {
        "trust": 0.3,
        "url": "http://www.ingres.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/495177"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3389"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_specialist/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/31357/"
      },
      {
        "trust": 0.2,
        "url": "http://corporate.secunia.com/about_secunia/64/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/),"
      },
      {
        "trust": 0.1,
        "url": "http://ingres.com/downloads/prod-cert-download.php"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/7126/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14592/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5912/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14582/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31398/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/19467/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/7129/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14437/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5904/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14602/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/19468/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5582/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14596/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5905/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5584/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1684/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1683/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14589/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/7120/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/19466/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/7114/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/312/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3357"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/contact/"
      },
      {
        "trust": 0.1,
        "url": "https://support.ca.com/irj/portal/anonymous/solndtls?aparno=ro01277\u0026os=hp\u0026actionid=3"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3356"
      },
      {
        "trust": 0.1,
        "url": "http://support.ca.com/"
      },
      {
        "trust": 0.1,
        "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=177782"
      },
      {
        "trust": 0.1,
        "url": "http://support.ca.com."
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/privacy/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3357"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3356"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/legal/"
      },
      {
        "trust": 0.1,
        "url": "http://servicedesk.ingres.com/caisd/pdmweb.ingres?op=show_detail+persid=kd:416012+htmpl=kt_document_view.htmpl"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14574/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14576/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "30512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "PACKETSTORM",
        "id": "68785"
      },
      {
        "db": "PACKETSTORM",
        "id": "68897"
      },
      {
        "db": "PACKETSTORM",
        "id": "68872"
      },
      {
        "db": "PACKETSTORM",
        "id": "68816"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "30512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "db": "PACKETSTORM",
        "id": "68785"
      },
      {
        "db": "PACKETSTORM",
        "id": "68897"
      },
      {
        "db": "PACKETSTORM",
        "id": "68872"
      },
      {
        "db": "PACKETSTORM",
        "id": "68816"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-08-01T00:00:00",
        "db": "BID",
        "id": "30512"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "date": "2008-08-04T19:10:47",
        "db": "PACKETSTORM",
        "id": "68785"
      },
      {
        "date": "2008-08-08T18:43:59",
        "db": "PACKETSTORM",
        "id": "68897"
      },
      {
        "date": "2008-08-06T21:42:18",
        "db": "PACKETSTORM",
        "id": "68872"
      },
      {
        "date": "2008-08-04T23:14:27",
        "db": "PACKETSTORM",
        "id": "68816"
      },
      {
        "date": "2008-08-05T19:41:00",
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "date": "2008-08-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-08-06T20:26:00",
        "db": "BID",
        "id": "30512"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      },
      {
        "date": "2018-10-11T20:48:12.193000",
        "db": "NVD",
        "id": "CVE-2008-3389"
      },
      {
        "date": "2008-09-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "30512"
      },
      {
        "db": "PACKETSTORM",
        "id": "68785"
      },
      {
        "db": "PACKETSTORM",
        "id": "68897"
      },
      {
        "db": "PACKETSTORM",
        "id": "68816"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Linux Such as above  Ingres Vulnerable to stack-based buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004693"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200808-050"
      }
    ],
    "trust": 0.6
  }
}

CERTA-2008-AVI-390

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités découvertes dans Ingres permettent à une personne malintentionnée d'exécuter du code arbitraire et d'élever ses privilèges.

Description

Trois vulnérabilités ont été découvertes et permettent à une personne malveillante d'élever ses privilèges et d'exécuter du code arbitraire :

une personne non authentifiée peut attribuer à un utilisateur ou un groupe propriétaire d'un journal d'événements verifydb des droits en lecture et en écriture ;
une personne non authentifiée exploitant une vulnérabilité de type écrasement de pointeur peut exécuter du code arbitraire sur le serveur de base de données ;
une personne non authentifiée peut obtenir les privilèges d'un utilisateur Ingres, cette vulnérabilité combinée avec la précédente peut permettre d'obtenir les droits root.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Ingres 2006 release 2 (9.1.0) ;
Ingres 2006 release 1 (9.0.4) ;
Ingres 2.6.

Certains produits CA utilisent ce système de gestion de base de données.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ingres du 01 aout 2008	None	vendor-advisory
Bulletin de sécurité Ingres du 01 août 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eIngres 2006 release 2 (9.1.0) ;\u003c/LI\u003e    \u003cLI\u003eIngres 2006 release 1 (9.0.4) ;\u003c/LI\u003e    \u003cLI\u003eIngres 2.6.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eCertains produits \u003cSPAN class=\"textit\"\u003eCA\u003c/SPAN\u003e utilisent ce  syst\u00e8me de gestion de base de donn\u00e9es.\u003c/P\u003e",
  "content": "## Description\n\nTrois vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes et permettent \u00e0 une personne\nmalveillante d\u0027\u00e9lever ses privil\u00e8ges et d\u0027ex\u00e9cuter du code arbitraire :\n\n-   une personne non authentifi\u00e9e peut attribuer \u00e0 un utilisateur ou un\n    groupe propri\u00e9taire d\u0027un journal d\u0027\u00e9v\u00e9nements verifydb des droits en\n    lecture et en \u00e9criture ;\n-   une personne non authentifi\u00e9e exploitant une vuln\u00e9rabilit\u00e9 de type\n    \u00e9crasement de pointeur peut ex\u00e9cuter du code arbitraire sur le\n    serveur de base de donn\u00e9es ;\n-   une personne non authentifi\u00e9e peut obtenir les privil\u00e8ges d\u0027un\n    utilisateur Ingres, cette vuln\u00e9rabilit\u00e9 combin\u00e9e avec la pr\u00e9c\u00e9dente\n    peut permettre d\u0027obtenir les droits root.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3356"
    },
    {
      "name": "CVE-2008-3357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3357"
    },
    {
      "name": "CVE-2008-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3389"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ingres du 01 ao\u00fbt 2008 :",
      "url": "http://www.ingres.com/support/security-alert-080108.php"
    }
  ],
  "reference": "CERTA-2008-AVI-390",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-08-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIngres\u003c/span\u003e permettent \u00e0 une personne malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire et d\u0027\u00e9lever ses privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Ingres",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ingres du 01 aout 2008",
      "url": null
    }
  ]
}

CERTA-2008-AVI-390

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités découvertes dans Ingres permettent à une personne malintentionnée d'exécuter du code arbitraire et d'élever ses privilèges.

Description

Trois vulnérabilités ont été découvertes et permettent à une personne malveillante d'élever ses privilèges et d'exécuter du code arbitraire :

une personne non authentifiée peut attribuer à un utilisateur ou un groupe propriétaire d'un journal d'événements verifydb des droits en lecture et en écriture ;
une personne non authentifiée exploitant une vulnérabilité de type écrasement de pointeur peut exécuter du code arbitraire sur le serveur de base de données ;
une personne non authentifiée peut obtenir les privilèges d'un utilisateur Ingres, cette vulnérabilité combinée avec la précédente peut permettre d'obtenir les droits root.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Ingres 2006 release 2 (9.1.0) ;
Ingres 2006 release 1 (9.0.4) ;
Ingres 2.6.

Certains produits CA utilisent ce système de gestion de base de données.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ingres du 01 aout 2008	None	vendor-advisory
Bulletin de sécurité Ingres du 01 août 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eIngres 2006 release 2 (9.1.0) ;\u003c/LI\u003e    \u003cLI\u003eIngres 2006 release 1 (9.0.4) ;\u003c/LI\u003e    \u003cLI\u003eIngres 2.6.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eCertains produits \u003cSPAN class=\"textit\"\u003eCA\u003c/SPAN\u003e utilisent ce  syst\u00e8me de gestion de base de donn\u00e9es.\u003c/P\u003e",
  "content": "## Description\n\nTrois vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes et permettent \u00e0 une personne\nmalveillante d\u0027\u00e9lever ses privil\u00e8ges et d\u0027ex\u00e9cuter du code arbitraire :\n\n-   une personne non authentifi\u00e9e peut attribuer \u00e0 un utilisateur ou un\n    groupe propri\u00e9taire d\u0027un journal d\u0027\u00e9v\u00e9nements verifydb des droits en\n    lecture et en \u00e9criture ;\n-   une personne non authentifi\u00e9e exploitant une vuln\u00e9rabilit\u00e9 de type\n    \u00e9crasement de pointeur peut ex\u00e9cuter du code arbitraire sur le\n    serveur de base de donn\u00e9es ;\n-   une personne non authentifi\u00e9e peut obtenir les privil\u00e8ges d\u0027un\n    utilisateur Ingres, cette vuln\u00e9rabilit\u00e9 combin\u00e9e avec la pr\u00e9c\u00e9dente\n    peut permettre d\u0027obtenir les droits root.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3356"
    },
    {
      "name": "CVE-2008-3357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3357"
    },
    {
      "name": "CVE-2008-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3389"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ingres du 01 ao\u00fbt 2008 :",
      "url": "http://www.ingres.com/support/security-alert-080108.php"
    }
  ],
  "reference": "CERTA-2008-AVI-390",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-08-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIngres\u003c/span\u003e permettent \u00e0 une personne malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire et d\u0027\u00e9lever ses privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Ingres",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ingres du 01 aout 2008",
      "url": null
    }
  ]
}

FKIE_CVE-2008-3389

Vulnerability from fkie_nvd - Published: 2008-08-05 19:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732	Broken Link
cve@mitre.org	http://secunia.com/advisories/31357	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/31398	Third Party Advisory
cve@mitre.org	http://securitytracker.com/id?1020615	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ingres.com/support/security-alert-080108.php	Broken Link
cve@mitre.org	http://www.securityfocus.com/archive/1/495177/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/30512	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2292	Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2313	Third Party Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44179	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31357	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31398	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020615	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ingres.com/support/security-alert-080108.php	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495177/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/30512	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2292	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2313	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44179	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989	Broken Link

Impacted products

Vendor	Product	Version
hp	hp-ux	*
linux	linux_kernel	*
ingres	ingres	2.6
ingres	ingres	2006
ingres	ingres	2006

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE11A92-56B9-43A2-9E3D-D511AE713F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ingres:ingres:2006:9.0.4:*:*:*:*:*:*",
              "matchCriteriaId": "D988634E-4C81-457B-AA97-9C55575E9DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ingres:ingres:2006:9.1.0:*:*:*:*:*:*",
              "matchCriteriaId": "708FD550-E400-4973-979B-3D9932EBFC80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la librer\u00eda libbecompat en Ingres 2.6, Ingres 2006 versi\u00f3n 1 (alias 9.0.4), y Ingres 2006 versi\u00f3n 2 (alias 9.1.0) en Linux y HP-UX que permite a los usuarios locales aumentar sus privilegios estableciendo un valor largo de una variable de entorno antes de ejecutar (1) verifydb, (2) iimerge, or (3) csreport."
    }
  ],
  "evaluatorImpact": "\"Exploitation of this vulnerability allows an attacker to execute arbitrary code with the privileges of the \"ingres\" user. By itself, this vulnerability does not have very serious consequences. However, when combined with the library loading vulnerability, it allows an attacker to execute arbitrary code with root privileges. \" (iDefense)",
  "evaluatorSolution": "\"Fixes are available for the current release of Ingres 2006 release 2 (9.1.0), for Ingres 2006 release 1 (9.0.4), and for Ingres 2.6 versions on their respective platforms. The security fixes are available and can be quickly applied with little to no anticipated impact to systems.\r\n\r\nIngres customers with a current support contract can review the following knowledge base document for information on downloading the available fixes:\r\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:416012+HTMPL=kt_document_view.htmpl\r\n\r\n(ingres.com)",
  "id": "CVE-2008-3389",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-05T19:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31357"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31398"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1020615"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.ingres.com/support/security-alert-080108.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/30512"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2292"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1020615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.ingres.com/support/security-alert-080108.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/30512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-95VQ-M8F4-GH6C

Vulnerability from github – Published: 2022-05-01 23:59 – Updated: 2022-05-01 23:59

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-3389"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-08-05T19:41:00Z",
    "severity": "MODERATE"
  },
  "details": "Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.",
  "id": "GHSA-95vq-m8f4-gh6c",
  "modified": "2022-05-01T23:59:43Z",
  "published": "2022-05-01T23:59:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3389"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44179"
    },
    {
      "type": "WEB",
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31357"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31398"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020615"
    },
    {
      "type": "WEB",
      "url": "http://www.ingres.com/support/security-alert-080108.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495177/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/30512"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2292"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2313"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-3389 (GCVE-0-2008-3389)

GSD-2008-3389

VAR-200808-0315

CERTA-2008-AVI-390

Description

Solution

CERTA-2008-AVI-390

Description

Solution

FKIE_CVE-2008-3389

GHSA-95VQ-M8F4-GH6C

Tags

Sightings

Nomenclature