21 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-1000119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contain a timing attack vulnerability in the CSRF token checking that can result in signatures...
RHEL 6 : rack-protection (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119) Note that Nessus has not tested for this...
October CMS - Upload Protection Bypass Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'October CMS Upload Protection Bypass Code Execution', 'Description' = %q This module exploits an Authenticated user with permission to upload and...
CVE-2017-1000119
creationtimestamp | type | source
---|---|---
2019-09-06 15:22:57+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/octoberuploadbypassexec.rb
2019-09-10 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/47376...
October CMS Upload Protection Bypass Code Execution
This module exploits the fact that an authenticated user with permission to upload and manage media contents can upload various files to the server. The application prevents the user from uploading PHP code by checking the file extension. It uses a blacklist-based approach, as seen in...
NewStart CGSL CORE 5.04 / MAIN 5.04 : pcs Multiple Vulnerabilities (NS-SA-2019-0042)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pcs packages installed that are affected by multiple vulnerabilities: - Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contain a timing attack vulnerability in the CSRF token checking that can result in...
Debian DSA-4247-1 : ruby-rack-protection - security update
A timing attack was discovered in the function for CSRF token validation of the 'Ruby rack protection' framework. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4247. The text itself is copyright (C) Software ...
CentOS Update for pcs CESA-2018:1060 centos7
Check the version of pcs SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882895";...
CentOS 7 : pcs (CESA-2018:1060)
An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
pcs security update
CentOS Errata and Security Advisory CESA-2018:1060. An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Oracle Linux 7 : pcs (ELSA-2018-1060)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-1060 advisory. - Fixed CVE-2018-1086 pcs: Debug parameter removal bypass, allowing information disclosure - Fixed CVE-2018-1079 pcs: Privilege escalation via authoriz...
Scientific Linux Security Update : pcs on SL7.x x86_64 (20180410)
Security Fixes : - pcs: Privilege escalation via authorized user malicious REST call (CVE-2018-1079) - pcs: Debug parameter removal bypass, allowing information disclosure (CVE-2018-1086) - rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119) (C) Tenable Network Security, Inc. The...
Amazon Linux 2 : pcs (ALAS-2018-1005)
Debug parameter removal bypass, allowing information disclosure: It was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to...
Important: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
CVE-2018-1000119
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contain a timing attack vulnerability in the CSRF token checking that can result in signatures being exposed. This attack appears to be exploitable via network connectivity to the Ruby application. This vulnerability appears to hav...
CVE-2018-1000119
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contain a timing attack vulnerability in the CSRF token checking that can result in signatures being exposed. This attack appears to be exploitable via network connectivity to the Ruby application. This vulnerability appears to hav...
CVE-2018-1000119
CVE-2018-1000119 affects Sinatra rack-protection, specifically the CSRF authenticity_token check. Versions 1.5.4 and 2.0.0.rc3 and earlier are vulnerable to a timing attack that can expose signatures and is exploitable over the network. The issue has been fixed in 1.5.5 and 2.0.0. Remediation: up...
CVE-2017-1000119
October CMS build 412 is vulnerable to PHP code execution via the file upload functionality, potentially allowing site compromise and server-wide impact. The vulnerability is documented across multiple sources (NVD entry CVE-2017-1000119; GitHub/OSV/OSVDB advisories; Metasploit module and exploit...
CVE-2016-1000119
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla...
CVE-2016-1000119
The CVE-2016-1000119 entry concerns the Huge IT Joomla Catalog Extension 1.0.4 for Joomla. Public details describe two vulnerabilities: a SQL Injection and a Reflected Cross-Site Scripting (XSS). The SQLi occurs in the submissions model (id parameter) and the XSS in the submissions view (message_...