13 matches found
EUVD-2012-2667
Malware in sbrugna...
EUVD-2013-4182
Malware in sbrugna...
EUVD-2014-0227
Malware in sbrugna...
EUVD-2012-2664
Malware in sbrugna...
Cumin has an unspecified vulnerability
Red Hat Enterprise MRG is a Red Hat Linux distribution that enables communication grid solutions. Cumin is the MRG management console. A security vulnerability exists in Cumin that stems from server certificate validation always being disabled. No details of the vulnerability are available at this...
Authorization Bypass
Cumin is vulnerable to authorization bypass. User roles in the application are not properly enforced, allowing an unprivileged user to access restricted resources. This allows a remote authenticated attacker to exploit the vulnerability to obtain confidential information and perform unauthorized...
PT-2012-4179 · Red Hat · Cumin +1
Name of the Vulnerable Software and Affected Versions: Cumin versions prior to 0.1.5444; Red Hat Enterprise Messaging, Realtime, and Grid (MRG) version 2.0. Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error message displays ...
cumin: weak session keys
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key...
cumin: allows for editing internal Condor job attributes
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...
cumin: DoS via large image requests
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request...
cumin: CSRF flaw
Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors...
cumin: weak session keys
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key...
cumin: allows for editing internal Condor job attributes
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...