FrSIRT - Fedora Security Update Fixes HSQLdb Unspecified Vulnerability / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes HSQLdb Unspecified Vulnerability

Title : Fedora Security Update Fixes HSQLdb Unspecified Vulnerability
Advisory ID : FrSIRT/ADV-2008-0271
CVE ID : CVE-2007-4576
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-01-25

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora [...]

Solution

Upgrade the affected packages :

c206d07ff8786bef6574d3e84bfa292e6a108eab hsqldb-manual-1.8.0.8-1jpp.5.fc7.ppc64.rpm
8f5a593de134215465b2ae4c1d373434ba3b56cb hsqldb-javadoc-1.8.0.8-1jpp.5.fc7.ppc64.rpm
23841d991754100939504261af339c71250367dc hsqldb-1.8.0.8-1jpp.5.fc7.ppc64.rpm
bff472b39577af04dc583b3481b85531564bf897 hsqldb-debuginfo-1.8.0.8-1jpp.5.fc7.ppc64.rpm
cd695293647378671bec362f3dced2758c611edc hsqldb-demo-1.8.0.8-1jpp.5.fc7.ppc64.rpm
5f867ab356b0b76985e149ea8a26d00d709ba582 hsqldb-1.8.0.8-1jpp.5.fc7.i386.rpm
0ff3d3bd1360653c292fdc7474a70dbb24f777a0 hsqldb-manual-1.8.0.8-1jpp.5.fc7.i386.rpm
9eef058d03fbd3effd57457eef3af314a0e06370 hsqldb-demo-1.8.0.8-1jpp.5.fc7.i386.rpm
c918e85a7b8c91ad03e49f8273be6a21e73c2e8b hsqldb-debuginfo-1.8.0.8-1jpp.5.fc7.i386.rpm
ff83e2dc77624787b64b432de6356f00eba8ee68 hsqldb-javadoc-1.8.0.8-1jpp.5.fc7.i386.rpm
a21021e8b084eded0b2e4185761a61d86947b3eb hsqldb-javadoc-1.8.0.8-1jpp.5.fc7.x86_64.rpm
2ec58a1d3adcd8450f8db9c81ed07d478f640a19 hsqldb-demo-1.8.0.8-1jpp.5.fc7.x86_64.rpm
6ed8bb8ec8bcad3f613460b6f840b334c8b1ec0f hsqldb-debuginfo-1.8.0.8-1jpp.5.fc7.x86_64.rpm
896bb7dfa9d640ec2b069e6e0b32aafd6a9813ad hsqldb-1.8.0.8-1jpp.5.fc7.x86_64.rpm
c888f1965c71daa75023da4c08196bf9cd6808b9 hsqldb-manual-1.8.0.8-1jpp.5.fc7.x86_64.rpm
144093356812de45878f5a2dfcc56563b0ada1e3 hsqldb-javadoc-1.8.0.8-1jpp.5.fc7.ppc.rpm
2a3232508c4ac3074e29abc86a3de77bc054b2e4 hsqldb-demo-1.8.0.8-1jpp.5.fc7.ppc.rpm
d12aa2317d0662d11f11db3e5a07257d946a994e hsqldb-1.8.0.8-1jpp.5.fc7.ppc.rpm
595b60b491242e0f2572c4417bd6fb7d46e5716a hsqldb-debuginfo-1.8.0.8-1jpp.5.fc7.ppc.rpm
7445c1546338fdb9925428e6282df437224321c0 hsqldb-manual-1.8.0.8-1jpp.5.fc7.ppc.rpm
0d27f4157eb34b64a028cf90dbf1f2e4ce3e97b9 hsqldb-1.8.0.8-1jpp.5.fc7.src.rpm

2ba4bf90f7cbf53d9713a626f802726b1265375f hsqldb-demo-1.8.0.8-1jpp.5.fc8.ppc64.rpm
6cb8eb5a4a5ac57304a04244e7dab7708fab8ea2 hsqldb-manual-1.8.0.8-1jpp.5.fc8.ppc64.rpm
5b09b15c9068f2b72991744d0906918c3f0c7166 hsqldb-javadoc-1.8.0.8-1jpp.5.fc8.ppc64.rpm
dc97bff86f6920e796cb7da50c0d1da381337ffa hsqldb-debuginfo-1.8.0.8-1jpp.5.fc8.ppc64.rpm
6a5a2f56a1fd1a34ee3b6958aae106de6c0901e3 hsqldb-1.8.0.8-1jpp.5.fc8.ppc64.rpm
d3363e9e93e72da8fbcc26347479f77480855d1c hsqldb-manual-1.8.0.8-1jpp.5.fc8.i386.rpm
b943bfcb099ea1017fb0a9a76ae14e138d0bdde5 hsqldb-debuginfo-1.8.0.8-1jpp.5.fc8.i386.rpm
0c25ab3b0a39917c03141c163759292ac6acfdd4 hsqldb-1.8.0.8-1jpp.5.fc8.i386.rpm
10c7deca55b06657389ccf3822d59bbc637ba420 hsqldb-demo-1.8.0.8-1jpp.5.fc8.i386.rpm
7697b858cdb65fba4977a90835e1361b371c180d hsqldb-javadoc-1.8.0.8-1jpp.5.fc8.i386.rpm
e66af733e3474573a54f49ca7053eff572465205 hsqldb-demo-1.8.0.8-1jpp.5.fc8.x86_64.rpm
80f65825895f74836edf54b11ccfd5c1347bd7c2 hsqldb-manual-1.8.0.8-1jpp.5.fc8.x86_64.rpm
ffbe63f9fefc276d4d97838da4283faf103f116d hsqldb-javadoc-1.8.0.8-1jpp.5.fc8.x86_64.rpm
19d96eaaaf16a8f13cddae14e903409094c489b7 hsqldb-1.8.0.8-1jpp.5.fc8.x86_64.rpm
c3937bf98b445a30b2829076d7f983235b2c6c1a hsqldb-debuginfo-1.8.0.8-1jpp.5.fc8.x86_64.rpm
7d8d9bb0110f0309c8847f660d1c76882a06cf3c hsqldb-manual-1.8.0.8-1jpp.5.fc8.ppc.rpm
7750520960767f8f0334d3873add19c5f5162202 hsqldb-1.8.0.8-1jpp.5.fc8.ppc.rpm
22b9edf6d52d6bffc7392d6faaf7f658e4d625b9 hsqldb-javadoc-1.8.0.8-1jpp.5.fc8.ppc.rpm
c4278ed53df89d63cdbeb8bcd7a1e5550e29f3ab hsqldb-demo-1.8.0.8-1jpp.5.fc8.ppc.rpm
f124f8ecd286c94909be641a244cdbd706d9293b hsqldb-debuginfo-1.8.0.8-1jpp.5.fc8.ppc.rpm
a2087399e5f180e44a25b81c41e5ced35eed81a9 hsqldb-1.8.0.8-1jpp.5.fc8.src.rpm

ChangeLog

2008-01-25 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Microsoft SQL Server Privilege Escalation Vulnerabilities (MS08-040)
	Microsoft Exchange Server Cross Site Scripting Issues (MS08-039)
	Microsoft Windows Explorer Remote Code Execution (MS08-038)
	Microsoft Windows Multiple DNS Spoofing Vulnerabilities (MS08-037)
	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
	Microsoft Internet Explorer Frame Cross-Domain Scripting Vulnerability
	Microsoft Internet Explorer "location" Cross-Domain Scripting Issue

	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities
	Sun Solaris "snmpXdmid" Packet Handling Denial of Service Vulnerability
	Sun Solaris FreeType2 Library Multiple Memory Corruption Vulnerabilities
	Sun Java System Calendar Server Denial of Service Vulnerability
	Sun Solaris SMA SNMPv3 Authentication Bypass Vulnerability

	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities