128 matches found
Scientific Linux Security Update : augeas on SL6.x i386/x86_64 (20131121)
Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...
Low: augeas
Issue Overview: Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a...
CVE-2012-0786
The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...
UBUNTU-CVE-2012-0786
The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...
CVE-2012-0786
The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...
CVE-2012-0786
CVE-2012-0786 concerns Augeas: the transform_save function in transform.c before 1.0.0 allows local users to overwrite arbitrary files and disclose sensitive data via a symlink attack on a .augnew file. Real-world references across multiple advisories confirm the affected component is Augeas and ...
RedHat Update for augeas RHSA-2013:1537-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for bugzilla FEDORA-2013-2845
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Bugzilla Information Disclosure and Cross-Site Scripting Vulnerabilities
Bugzilla is prone to information disclosure and cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2013-0786
The CVE-2013-0786 issue affects Bugzilla 2.x and 3.x before 3.6.13, and 4.0.x before 4.0.10, where Bugzilla::Search::build_subselect generates different error messages for invalid product queries depending on product existence. This behavior allows remote attackers to discover private product nam...
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7627)
IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7626)
IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...
SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4875)
IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...
SuSE 11.1 Security Update : Sun/Oracle Java (SAT Patch Number 4698)
Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujune2011-3133 39.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
CVE-2011-0786
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2011-0786
CVE-2011-0786 affects Oracle Java SE 6 on Windows (JRE/Deployment components) and is part of a set of vulnerabilities addressed by Java 6 Update 26. The issue is described as an unspecified vulnerability in the JRE deployment area that could allow remote execution or disclosure via untrusted Web ...
IBM WebSphere Application Server JAX-WS Denial Of Service Vulnerability
IBM WebSphere Application Server is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service conditions for legitimate users. Versions prior to IBM WebSphere Application Server 7.0 7.0.0.13 are vulnerable. OpenVAS Vulnerability Test $Id:...
CVE-2010-0786
IBM WebSphere Application Server 7.x is affected by CVE-2010-0786 in the Web Services Security/JAX-WS handling. WAS 7.0 before 7.0.0.13 allows remote attackers to trigger a denial of service via a crafted JAX-WS request that leads to data corruption due to improper JAX-WS implementation. Affected...
Apache apr-util IPv6 URI Parsing (CVE-2004-0786)
Apache HTTP server version 2 introduced the Apache Portable Runtime APR, which provides a middle layer between platform independent Apache code and the native operating system API. One of the functions provided by the APR utilities component is the parsing of URI strings. Having this functionalit...