Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-174: Vulnerability in OLE Automation

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-174: Vulnerability in OLE Automation
# 1  
Old 02-12-2008
S-174: Vulnerability in OLE Automation
A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Perl syntax and html ole parsing

Hi gurus I am trying to understand some advanced (for me) perl constructions (syntax) following this tutorial I am trying to parse html: Using Mojo::DOM | Joel Berger say "div days:"; say $_->text for $dom->find('div.days')->each; say "\nspan hours:"; say $_->text for... (1 Reply)
Discussion started by: wakatana
1 Replies

2. Shell Programming and Scripting

win32 ole in deepr details in perl

Hello Gurus, I am begginer in perl. I would like to ask several questions, some related to perl and its syntax but most will be regarding to WIN32 OLE. My main goal is to develop script that will check word document structure (return some information) and make some changes in this document (if it... (0 Replies)
Discussion started by: wakatana
0 Replies

3. Shell Programming and Scripting

Details about WIN32::OLE

Hi all, Is win32::OLE module is applicable in linux system??? from my understanding it is not possible..because we have to use some tools for that..for more info refer this website http://oclug.on.ca/archives/oclug/2001-July/008100.html (1 Reply)
Discussion started by: kavi.mogu
1 Replies

4. Shell Programming and Scripting

PERL Win32::OLE Inserting Picture in Excel

I am trying to insert a picture into a worksheet in Excel using Perl the following is the code use Win32::OLE; use Win32::OLE::Const "Microsoft Excel"; use Win32::OLE qw(in with); # Initiate Excel application $Excel = Win32::OLE->new('Excel.Application', 'Quit'); $Excel->{Visible} =1; #... (1 Reply)
Discussion started by: cold_Que
1 Replies

5. Shell Programming and Scripting

MS Outlook + Win32::OLE

Hey guys, I'm trying to go through my emails in Outlook until I find an email with a certain subject line. I am able to send emails with no problem, but reading emails and their properties (From, Subject, etc.) is my main problem. Basically, I don't know where to start and using search engines... (2 Replies)
Discussion started by: kooshi
2 Replies

6. Shell Programming and Scripting

OLE ERROR in perl

Hello All, I have executed one script where i am getting this error,what may be the reason..... please help me out. OLE exception from Microsoft Excel Win32::OLE(0.1403) error 0x800a03ec in METHOD/PROPERTYGET "open" (1 Reply)
Discussion started by: suvenduperl
1 Replies

7. Shell Programming and Scripting

Spell Check in MS Word using PERL OLE

Hi, I am trying automate couting number of spell and typo errors in MS Word document using perl script. In perl script, i am using Win32::OLE module of perl to read MS word document. Can anybody tell me are there any modules available in perl which can be imported into my script to... (0 Replies)
Discussion started by: 123an
0 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

ndisc6

NDISC6(8)						      System Manager's Manual							 NDISC6(8)

NAME

       ndisc6 - ICMPv6 Neighbor Discovery tool

SYNOPSIS

       ndisc6 [-1mnqv] [-r attempts] [-w wait_ms] < IPv6 address> <iface>

DESCRIPTON

       NDisc6  is  an  Unix  program which implements the ICMPv6 Neighbor Discovery in userland (it is normally done by the kernel). It is used to
       lookup the link-layer address (layer 2 address, MAC in the case of Ethernet) of any on-link IPv6 node.

       The IPv6 address of the node must be specified, as well as the networking interface on which to perform the lookup.

OPTIONS

       -1 or --single
	      Exit as soon as the first advertisement is received (default).

       -h or --help
	      Display some help and exit.

       -m or --multiple
	      Wait for possible duplicate advertisements and print all of them.

       -n or --numeric
	      If the first parameter is not a valid IPv6 address, do not try to resolve it as a DNS hostname.

       -q or --quiet
	      Only display link-layer address. Display nothing in case of failure.  That is mostly useful when calling the program  from  a  shell
	      script.

       -r attempts or --retry attempts
	      Send  ICMPv6  Neighbor  Discovery  that  many  times until a reply is received, or abort. By default, ndisc6 will try 3 times before
	      aborting (MAX_MULTICAST_SOLICIT and MAX_UNICAST_SOLICIT from RFC2461).

       -V or --version
	      Display program version and license and exit.

       -v or --verbose
	      Display verbose information. That is the default.

       -w wait_ms or --wait wait_ms
	      Wait wait_ms milliseconds for a response before retrying.  By default, ndisc6 waits 1 second between  each  attempts  (RETRANS_TIMER
	      from RFC2461).

DIAGNOSTICS

       If  you	get no response while you know the remote host is up, it is most likely that it is not on-link, that is to say, you must cross one
       or more routers to reach it. By design, IPv6 nodes ignore ICMPv6 Neighbor Discovery packets received from nodes not on the same link  (i.e.
       Ethernet segment), for the sake of security. Technically, that is done by ensuring that the Hop limit (TTL) is 255.

       Note that you cannot use ndisc6 to lookup the local host's link-layer address.

SECURITY

       ndisc6  should  be setuid root to allow use by non privileged users. It will drop its root privileges before any attempt is made to send or
       receive data from the network to reduce the possible impact of a security vulnerability.

SEE ALSO

       ping6(8), rdisc6(8), ipv6(7)

AUTHOR

       Remi Denis-Courmont <remi at remlab dot net>

       $Id: ndisc6.8 658 2010-10-31 20:56:30Z remi $

       http://www.remlab.net/ndisc6/

ndisc6					      $Date: 2010-10-31 22:56:30 +0200 (dim. 31 oct. 2010) $					 NDISC6(8)