
2865 matches found

CVE
added 2014/05/22 8:0 p.m. | 56 views

CVE-2014-2349

CVE-2014-2349 affects Emerson DeltaV versions 10.3.1, 11.3, 11.3.1, and 12.3. A local attacker with engineering-level privileges can read or modify DeltaV configuration files via hard-coded credentials in diagnostic services (through a TCP session). ICS-CERT notes a patch mitigates these vulnerabiliti...

CVSS 6.2 | AI score 6.5 | EPSS 0.00655
Exploits: 0 | References: 2 | Affected Software: 1

Zero Day Initiative
added 2014/05/13 12:0 a.m. | 35 views

Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Workspace Streaming. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SWS Agent asagent.exe component. By sending a crafted XMLRPC request ...

CVSS 10 | AI score 7.1 | EPSS 0.42312
Exploits: 4 | References: 1

Hacker One
added 2014/04/18 6:40 a.m. | 10 views

Localize: Sensitive file

A possible sensitive file has been found. This file is not directly linked from the website. This check looks for common sensitive resources like password files, configuration files, log files, include files, statistics data, database dumps. Each one of these files could help an attacker to learn...

AI score 0.6
Exploits: 0

Zero Day Initiative
added 2014/04/17 12:0 a.m. | 24 views

CA ERwin Web Portal MIMM ConfigServiceProviderServlet Remote File Creation/Overwrite Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary .xml files on a system with vulnerable installations of CA ERwin Web Portal's Meta Integration Metadata Management service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "Meta...

CVSS 9.4 | AI score 7.1 | EPSS 0.05246
Exploits: 1 | References: 1

OpenVAS
added 2014/03/17 12:0 a.m. | 18 views

Fedora Update for augeas FEDORA-2014-2445

Check for the Version of augeas OpenVAS Vulnerability Test Fedora Update for augeas FEDORA-2014-2445 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVSS 4.6 | EPSS 0.00368
Exploits: 0 | References: 2

Fedora
added 2014/03/15 3:11 p.m. | 32 views

[SECURITY] Fedora 20 Update: augeas-1.2.0-1.fc20

A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. The transformation works very hard to preserve comments and...

CVSS 4.6 | AI score 0.9 | EPSS 0.00368
Exploits: 0

Fedora
added 2014/03/15 3:6 p.m. | 33 views

[SECURITY] Fedora 19 Update: augeas-1.2.0-1.fc19

A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. The transformation works very hard to preserve comments and...

CVSS 4.6 | AI score 0.9 | EPSS 0.00368
Exploits: 0

myhack58
added 2014/03/03 12:0 a.m. | 29 views

File inclusion vulnerability in an application on Unix systems (vulnerability warning)

Discovery time: Vulnerability type: file inclusion. Site-building software: other. Server type: general. Programming language: other. Description: An application on the target Unix system may contain a file inclusion vulnerability. 1. T...

AI score 1
Exploits: 0

Check Point Advisories
added 2014/02/17 12:0 a.m. | 3 views

IBM Rational Focal Point Login Servlet Information Disclosure (CVE-2013-5397)

An information disclosure vulnerability has been reported in IBM Rational Focal Point. The vulnerability is due to an input validation error of the file variable in com.telelogic.focalpoint.pres.controller.LoginController servlet. A remote, unauthenticated attacker could exploit this vulnerabilit...

AI score 5.7 | EPSS 0.0059
Exploits: 0

Check Point Advisories
added 2014/02/17 12:0 a.m. | 1 views

IBM Rational Focal Point RequestAccessController Servlet Information Disclosure (CVE-2013-5398)

An information disclosure vulnerability has been reported in IBM Focal Point. The vulnerability is due to an input validation error of the file variable in the com.telelogic.focalpoint.pres.controller.RequestAccessController servlet. A remote, unauthenticated attacker could exploit this vulnerability to read...

AI score 5.8 | EPSS 0.0059
Exploits: 0

Mageia
added 2014/02/12 5:10 p.m. | 60 views

Updated augeas package fixes security vulnerabilities

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable by a different user (for example, an application running as root that is updating files in a directory owned by a...

CVSS 4.6 | AI score 1.7 | EPSS 0.00446
Exploits: 1 | References: 3

Fedora
added 2014/02/11 11:13 p.m. | 24 views

[SECURITY] Fedora 20 Update: openldap-2.4.39-2.fc20

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain...

CVSS 4.3 | AI score 1.1 | EPSS 0.10913
Exploits: 1

Amazon
added 2014/02/03 12:0 a.m. | 86 views

Medium: augeas

Issue Overview: A flaw was found in the way Augeas handled certain umask settings when creating new configuration files. This flaw could result in configuration files being created as world writable, allowing unprivileged local users to modify their content. CVE-2013-6412 Affected Packages: augea...

CVSS 4.6 | AI score 6.3 | EPSS 0.00368
Exploits: 0 | References: 1

securityvulns
added 2014/01/29 12:0 a.m. | 70 views

[ MDVSA-2014:022 ] augeas

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:022 http://www.mandriva.com/en/support/security/ Package : augeas Date : January 24, 2014 Affected: Business Server 1.0 Problem Description: Updated augeas packages fix security vulnerabilities: Multiple fla...

CVSS 4.6 | AI score 5.9 | EPSS 0.00446
Exploits: 1

Tenable Nessus
added 2014/01/27 12:0 a.m. | 35 views

Mandriva Linux Security Advisory : augeas (MDVSA-2014:022)

Updated augeas packages fix security vulnerabilities: Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable by a different user (for example, an application running a...

CVSS 4.6 | AI score 5.6 | EPSS 0.00446
Exploits: 1 | References: 5

CERT
added 2014/01/23 12:0 a.m. | 28 views

Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches contain a directory traversal vulnerability

Overview: Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches running firmware version 1.9.16473 and possibly previous versions contain a directory traversal vulnerability (CWE-23). Description: CWE-23: Relative Path Traversal. Emerson Network Power Avocent...

CVSS 5 | AI score 6.3 | EPSS 0.02943
Exploits: 0 | References: 4

OpenVAS
added 2014/01/21 12:0 a.m. | 25 views

RedHat Update for augeas RHSA-2014:0044-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.6 | AI score 6.5 | EPSS 0.00368
Exploits: 0 | References: 2

Tenable Nessus
added 2014/01/21 12:0 a.m. | 32 views

CentOS 6 : augeas (CESA-2014:0044)

Updated augeas packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 4.6 | AI score 5.3 | EPSS 0.00368
Exploits: 0 | References: 2

Tenable Nessus
added 2014/01/21 12:0 a.m. | 43 views

RHEL 6 : augeas (RHSA-2014:0044)

Updated augeas packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 4.6 | AI score 5.3 | EPSS 0.00368
Exploits: 0 | References: 3

Cvelist
added 2014/01/19 4:0 p.m. | 24 views

CVE-2013-2142

userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in...

AI score 6 | EPSS 0.00265
Exploits: 1 | References: 4