320 matches found
EMC NetWorker Arbitrary Command Execution Vulnerability
EMC NetWorker, previously known as Legato NetWorker, is a cross-platform backup and recovery system. EMC NetWorker versions 8.2.1.x, 8.2.2.x 8.2.2.6 and 9.x 9.0.0.6 have an authentication processing error that could allow a remote attacker to execute arbitrary commands by accessing a different...
Unable to Log on to XenMobile Admin Console Using Administrator Account
Not able to log on to XenMobile Server web console with administrator account. The following errors are noticed in the logs: 2016-04-06T09:31:08.358+0800 | EDC68337B8501EEC | WARN | http-nio-14443-exec-9 | ZDMAuthenticationProvider | Could not find administrator 2016-04-06T09:31:08.359+0800 |...
Error: "The pool failed to enable external authentication" on XenServer
Unable to join the XenServer hosts to Active directory domain. The computer account is created in the domain but the following error continues to appear: Enabling Active Directory Authentication on pool … “Error: The pool failed to enable external authentication.” In the xensource.log the followi...
MGASA-2016-0161 Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerabilities: Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially...
How I was in the Google collaboration community GWC found the reflection type, a storage type, the DOM type of vulnerability? - Vulnerability warning-the black bar safety net
! Google for Work Connect, the GWC is a System, Application Administrator, and partner community of system, but also in Google's vulnerability reward range. Shortly before, I was in the GWC community system found reflection type, a storage type, the DOM typeXSS. The storage typeXSS In the GWC...
CVE-2015-3672
Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors...
The vulnerability of the NetMRI monitoring program allows a intruder to execute arbitrary code.
The vulnerability of the NetMRI network monitoring program in Anyterm lies in an authentication process error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted requests...
Cisco Prime LAN Management Solution ntpd Multiple Vulnerabilities
According to its self-reported version number, the Cisco Prime LAN Management Solution running on the remote host is affected by multiple vulnerabilities : - A security weakness exists due to the configauth function improperly generating default keys when no authentication key is defined in the...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
DEBIAN-CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
CVE-2014-9296
CVE-2014-9296 affects ntpd in NTP up to version 4.2.8, arising from a missing return on error in receive() (ntp_proto.c). This could allow remote attackers to trigger an unintended association change by sending crafted packets. The connected advisories indicate affected deployments include multip...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
UBUNTU-CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
OpenVPN 2.2.29 - Shellshock Remote Command Injection
OpenVPN 2.2.29 - Shellshock Remote Command Injection Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port...
vino: denial of service flaw
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
DEBIAN-CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
Axway Email Firewall information leakage
Different authentication error codes for existant and non-existant user...
User authentication failed
When a Linux server is added to the console, the "User authentication failed" error occurs...