91 matches found
CVE-2017-4309
...
Solaris 10 (sparc) : 120272-31
SunOS 5.10: SMA patch. Date this patch was last updated by Sun : Jun/30/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (x86) : 120273-33
SunOS 5.10x86: SMA patch. Date this patch was last updated by Sun : Jun/29/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CVE-2016-4309
Session fixation vulnerability in Symphony CMS 2.6.7, when session.useonlycookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter...
CVE-2016-4309
Symphony CMS 2.6.7 is affected by a session-fixation vulnerability. The issue arises because the system does not regenerate the user’s PHPSESSID upon authentication, allowing an attacker to fix a session token and potentially gain access after a user authenticates. Public sources (Veracode, OpenV...
Symphony CMS 2.6.7 Session Fixation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMPHONY-CMS-SESSION-FIXATION.txt + ISR: APPARITIONSEC Vendor: ==================== www.getsymphony.com Product: ================== Symphony CMS v2.6.7 Download:...
Symphony CMS 2.6.7 - Session Fixation
Exploit for php platform in category web applications + Credits: John Page aka hyp3rlinx + ISR: APPARITIONSEC Vendor: ==================== www.getsymphony.com Product: ================== Symphony CMS v2.6.7 Download: http://www.getsymphony.com/download/ Symphony is a XSLT-powered open source...
SNMP 'GETBULK' Reflection DDoS
The remote SNMP daemon is responding with a large amount of data to a 'GETBULK' request with a larger than normal value for 'max-repetitions'. A remote attacker can use this SNMP server to conduct a reflected distributed denial of service attack on an arbitrary remote host. TRUSTED...
CVE-2014-4309
CVE-2014-4309 affects Openfiler 2.99 with multiple XSS vulnerabilities. The issues enable injection of arbitrary script/HTML via numerous parameters across admin pages (uptime.html, admin/services_ftp.html, admin/system.html, admin/volumes_iscsi_targets.html, volumes_*) and via User-Agent headers...
Fedora 17 : glpi-0.83.9.1-1.fc17 (2013-11413)
Upstream changelog : - Bug 4306: Notification on delete document - Bug 4308: Knowbase : encoding issue to clean search - Bug 4309: Items disappear when you click in tabscrollermenu vertical list of tabs - Bug 4310: Password with - Bug 4313: Search problem on tab group view in central - Bug 4329:...
Fedora 19 : glpi-0.83.9.1-1.fc19 (2013-11315)
Upstream changelog : - Bug 4306: Notification on delete document - Bug 4308: Knowbase : encoding issue to clean search - Bug 4309: Items disappear when you click in tabscrollermenu vertical list of tabs - Bug 4310: Password with - Bug 4313: Search problem on tab group view in central - Bug 4329:...
CVE-2011-4309
Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to bypass intended access restrictions and perform global searches by leveraging the guest role and making a direct request to a URL...
CVE-2011-4309
Affected software: Moodle 2.0.x (before 2.0.5) and 2.1.x (before 2.1.2). Root cause: vulnerability in access restrictions allowing remote attackers to bypass restrictions and perform global searches by using the guest role and issuing a direct URL request. Impact: allows bypass of intended access...
Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Aug 2011
This host is installed with Adobe Shockwave Player and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpodadobeshockwaveplayermultcodeexecvulnaug11.nasl 7006 2017-08-25 11:51:20Z teissa $ Adobe Shockwave Player Multiple Remote Code Execution...
CVE-2010-4309
Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2010-4308...
CVE-2010-4309
CVE-2010-4309 concerns Adobe Shockwave Player prior to 11.6.1.629, which is exposed to memory-corruption vulnerabilities that can lead to arbitrary code execution or a denial of service. The issue is tied to memory-corruption vulnerabilities in Shockwave Player, with multiple third‑party advisori...
CVE-2010-4309
Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2010-4308...
CVE-2009-4309
CVE-2009-4309 describes a heap-based buffer overflow in the Intel Indeo41 codec used by Windows Media Player, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises from missing bounds checking on a size field in the IV41/movi record of an IV41 stream, permitting remote atta...
SLES9: Security update for net-snmp
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: net-snmp-devel perl-SNMP net-snmp For more information, please visit the referenced security advisories. More details may also be found by searching for...
SuSE9 Security Update : net-snmp (YOU Patch Number 12298)
Remote attackers could crash net-snmp via GETBULK-Request. CVE-2008-4309 In addition the following non-security issues have been fixed : - typo in error message bnc439857 - make OIDs longer than 256 chars work bnc345914 - typo in the snmpd init script to really load all agents bnc415127 - logrota...