Lucene search
K

232 matches found

OpenVAS
OpenVAS
added 2011/11/25 12:0 a.m.17 views

Fedora Update for cherokee FEDORA-2011-14634

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14634 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/11/25 12:0 a.m.17 views

Fedora Update for cherokee FEDORA-2011-14660

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/11/25 12:0 a.m.14 views

Fedora Update for cherokee FEDORA-2011-14634

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.01398EPSS
Exploits1References2
NVD
NVD
added 2011/10/07 2:51 a.m.10 views

CVE-2011-2190

The generateadminpassword function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack...

2.1CVSS6AI score0.00329EPSS
Exploits0References7
NVD
NVD
added 2011/10/07 2:51 a.m.9 views

CVE-2011-2191

Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...

6.8CVSS6.1AI score0.01398EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2011/10/07 2:51 a.m.13 views

CVE-2011-2191

Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...

6.8CVSS5.9AI score0.01398EPSS
Exploits1References3
Prion
Prion
added 2011/10/07 2:51 a.m.9 views

Design/Logic Flaw

The generateadminpassword function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack...

2.1CVSS6.5AI score0.00329EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2011/10/07 2:51 a.m.15 views

CVE-2011-2190

The generateadminpassword function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack...

2.1CVSS5.9AI score0.00329EPSS
Exploits0References2
Prion
Prion
added 2011/10/07 2:51 a.m.12 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...

6.8CVSS6.4AI score0.01398EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2011/10/07 1:0 a.m.22 views

CVE-2011-2191

Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...

5.9AI score0.01398EPSS
Exploits1References10
CVE
CVE
added 2011/10/07 1:0 a.m.53 views

CVE-2011-2190

The Cherokee generate_admin_password function (before version 1.2.99) seeds its RNG with time and PID values, enabling a local-user brute-force approach to determine admin passwords. Affected: Cherokee before 1.2.99. Impact: weak randomness in password generation increases the risk of unauthorize...

2.1CVSS6AI score0.00329EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2011/10/07 1:0 a.m.27 views

CVE-2011-2190

The generateadminpassword function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack...

5.8AI score0.00329EPSS
Exploits0References7
CVE
CVE
added 2011/10/07 1:0 a.m.44 views

CVE-2011-2191

CVE-2011-2191 affects Cherokee admin in Cherokee prior to 1.2.99. The vulnerability is a cross-site request forgery (CSRF) that can hijack an administrator’s session to perform actions that insert cross-site scripting (XSS) sequences, demonstrated via a crafted nickname in vserver/apply. Impact d...

6.8CVSS6AI score0.01398EPSS
Exploits1References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/10/03 12:0 a.m.18 views

Fedora 16 : cherokee-1.2.99-1.fc16 (2011-12657)

Latest 1.2.x upstream release and bugzilla resolving Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

6.8CVSS5.3AI score0.01398EPSS
Exploits1References9
Fedora
Fedora
added 2011/09/30 6:59 p.m.31 views

[SECURITY] Fedora 16 Update: cherokee-1.2.99-1.fc16

Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...

6.8CVSS1AI score0.01398EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/09/27 12:0 a.m.20 views

Fedora Update for cherokee FEDORA-2011-12698

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12698 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/09/27 12:0 a.m.18 views

Fedora Update for cherokee FEDORA-2011-12687

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12687 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/09/27 12:0 a.m.11 views

Fedora Update for cherokee FEDORA-2011-12698

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/09/27 12:0 a.m.17 views

Fedora Update for cherokee FEDORA-2011-12687

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.01398EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/09/26 12:0 a.m.17 views

Fedora 15 : cherokee-1.2.99-1.fc15 (2011-12698)

Latest 1.2.x upstream release and bugzilla resolving Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

6.8CVSS5.3AI score0.01398EPSS
Exploits1References9
Rows per page
Query Builder