BlogEngine.NET <= 2.8.0.0 Information Disclosure Vulnerability - Active Check

BlogEngine.NET is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-4452

Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the 1 server and 2 agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files...

CVE-2013-4452

Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the 1 server and 2 agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files...

IBM Rational Focal Point RequestAccessController Servlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational Focal Point. Authentication is not required to exploit this vulnerability. The specific flaw exists within com.telelogic.focalpoint.pres.controller.RequestAccessController servlet whic...

Cisco Unified Communications Manager - TFTP Service

Exploit for hardware platform in category local exploits !/bin/bash Proof of Concept on how to get tftp config files from cisco phones This can be performed anonymously and privileges gathered relies on those assigned to the ldap account Developed by Daniel Svartman email protected In case tftp...

Cisco Unified Communications Manager - TFTP Service

!/bin/bash Proof of Concept on how to get tftp config files from cisco phones This can be performed anonymously and privileges gathered relies on those assigned to the ldap account Developed by Daniel Svartman [email protected] In case tftp files are encrypted, you will need to hijack a...

Cisco Unified Communications Manager - TFTP Service

Cisco Unified Communications Manager - TFTP Service !/bin/bash Proof of Concept on how to get tftp config files from cisco phones This can be performed anonymously and privileges gathered relies on those assigned to the ldap account Developed by Daniel Svartman [email protected] In case tf...

Amazon Linux AMI : augeas (ALAS-2013-250)

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...

CVE-2013-1090

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...

Buffer overflow

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...

CVE-2013-1090

CVE-2013-1090 affects the SUSE horde5 package prior to 5.0.2-2.4.1. The issue is incorrect ownership for certain configuration files and directories, including /etc/apache2/vhosts.d, which can enable local wwwrun users to gain privileges via unspecified vectors. This is a local-privilege-escalati...

CVE-2013-1090

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...

Scientific Linux Security Update : augeas on SL6.x i386/x86_64 (20131121)

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...

Low: augeas

Issue Overview: Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a...

Moderate: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.1.2 update

An update for Red Hat JBoss Operations Network 3.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

RedHat Update for augeas RHSA-2013:1537-02

Check for the Version of augeas OpenVAS Vulnerability Test RedHat Update for augeas RHSA-2013:1537-02 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RHEL 6 : augeas (RHSA-2013:1537)

Updated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...

RedHat Update for augeas RHSA-2013:1537-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: Red Hat Security Advisory: augeas security, bug fix, and enhancement update

Updated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...

Sophos Web Protection Appliance patience.cgi Directory Traversal (CVE-2013-2641)

A directory traversal vulnerability has been reported in Sophos Web Protection Appliance, specifically on the /cgi-bin/patience.cgi component. A remote attacker can exploit this issue by reading arbitary files from the filesystem. These files include configuration files containing sensitive...