18 matches found
EUVD-2017-16212
Malware in sbrugna...
EUVD-2016-5326
Malware in sbrugna...
VulnCheck KEV: CVE-2016-4326
The Chef Manage formerly opscode-manage add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
Chef Manage Remote Code Execution Vulnerability
Chef is a management system for IT professionals and provides configuration management and automation capabilities for the entire infrastructure from Chef Software, U.S.A. Chef Manage is an enterprise-grade Chef plug-in that visualizes and manages nodes, packets, roles, environments, and role-bas...
Chef Manage RCE Vulnerability
Chef Manage is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Chef Manage Detection
Detection of Chef Manage The script sends a HTTP connection request to the server and attempts to detect the presence of Chef Manage and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...
CVE-2017-7174
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5...
CVE-2017-7174
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5...
Design/Logic Flaw
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5...
CVE-2017-7174
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5...
CVE-2017-7174
CVE-2017-7174 affects Chef Manage, specifically the user-account creation feature in versions 2.1.0–2.4.4. Multiple sources describe a remote code execution vulnerability that can be exploited by remote attackers to run arbitrary code, with a fixed update available in version 2.4.5. The NVD entry...
CVE-2016-4326
The Chef Manage formerly opscode-manage add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
CVE-2016-4326
The Chef Manage formerly opscode-manage add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
Code injection
The Chef Manage formerly opscode-manage add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
CVE-2016-4326
The CVE-2016-4326 vulnerability affects the Chef Manage (formerly opscode-manage) add-on for Chef, where versions up to and including 1.11.4 deserialize cookie data insecurely. The underlying issue is deserialization of untrusted cookie data, which can be exploited by an unauthenticated remote at...
CVE-2016-4326
The Chef Manage formerly opscode-manage add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
Chef Manage cookie data arbitrary code execution vulnerability
Chef is a management system that targets IT professionals and provides configuration management and automation capabilities for the entire infrastructure.Chef Manage is an enterprise-grade Chef plug-in. Chef Manage fails to properly validate user-supplied cookie data, allowing remote attackers to...
Chef Manage deserializes cookie data insecurely
Overview Chef Manage add-on, version 1.11.4 and earlier, deserializes cookie data insecurely, which may be leveraged to gain unauthenticated remote code execution. Description CWE-502: Deserialization of Untrusted Data - CVE-2016-4326Chef with the Chef Manage previously known as 'opscode-manage'...