CVE-2014-5427

CVE-2014-5427 affects Johnson Controls Metasys 4.1–6.5 (ADS, ADX, LCS8520, NAE 55xx-x, NIE 5xxx-x, NxE8500). A remote, unauthenticated attacker can read password hashes via a POST request, exposing credentials and affecting confidentiality. Connected sources indicate multiple advisories and a pat...

SuSE 11.3 Security Update : evolution-data-server (SAT Patch Number 9969)

evolution-data-server has been updated to disable support for SSLv3. This security issues has been fixed : - SSLv3 POODLE attack CVE-2014-3566 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information...

WS10 Data Server SCADA Overflow

Exploit Title: WS10 Data Server SCADA Exploit Overflow PoC Date: 09/23/2014 Author: Pedro Sánchez Version: 1.83 English Tested on: Windows 7 embedded. Notified the vendor, vendor never responded. In the new version this PoC stops working Vendor: Novus http://www.novus.com.br NOVUS Electronics is ...

WS10 Data Server - SCADA Overflow (PoC)

WS10 Data Server - SCADA Overflow PoC Exploit Title: WS10 Data Server SCADA Exploit Overflow PoC Date: 09/23/2014 Author: Pedro Sánchez Version: 1.83 English Tested on: Windows 7 embedded. Notified the vendor, vendor never responded. In the new version this PoC stops working Vendor: Novus...

WS10 Data Server SCADA Overflow PoC Exploit

WS10 Data Server version 1.83 SCADA buffer overflow proof of concept exploit. Exploit Title: WS10 Data Server SCADA Exploit Overflow PoC Date: 09/23/2014 Author: Pedro Sánchez Version: 1.83 English Tested on: Windows 7 embedded. Notified the vendor, vendor never responded. In the new version this...

7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities

No description provided by source. $Id: igss9misc.rb 12779 2011-05-31 14:33:19Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

[USN-1922-1] Evolution Data Server vulnerability

========================================================================== Ubuntu Security Notice USN-1922-1 July 31, 2013 evolution-data-server vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

Updated evolution-data-server package fixes security vulnerability.

Yves-Alexis Perez discovered that Evolution Data Server did not properly select GPG recipients. Under certain circumstances, this could result in Evolution encrypting email to an unintended recipient CVE-2013-4166...

PT-2020-7479 · Gnome +3 · Gnome Evolution +4

Name of the Vulnerable Software and Affected Versions: GNOME Evolution versions 3.8.4 and earlier Evolution Data Server versions 3.9.5 and earlier Description: The issue is related to the gpg ctx add recipient function, which does not properly select the GPG key for email encryption. This might...

Ubuntu Update for evolution-data-server USN-1922-1

Check for the Version of evolution-data-server OpenVAS Vulnerability Test $Id: gbubuntuUSN19221.nasl 8526 2018-01-25 06:57:37Z teissa $ Ubuntu Update for evolution-data-server USN-1922-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net...

Ubuntu: Security Advisory (USN-1922-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS / 12.10 / 13.04 : evolution-data-server vulnerability (USN-1922-1)

Yves-Alexis Perez discovered that Evolution Data Server did not properly select GPG recipients. Under certain circumstances, this could result in Evolution encrypting email to an unintended recipient. Note that Tenable Network Security has extracted the preceding description block directly from t...

USN-1922-1: Evolution Data Server vulnerability

Yves-Alexis Perez discovered that Evolution Data Server did not properly select GPG recipients. Under certain circumstances, this could result in Evolution encrypting email to an unintended recipient...

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

Oracle Linux 5 : Moderate: / evolution-data-server (ELSA-2007-0344)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-0344 advisory. 1.8.0-15.0.3.el5 - Add patch for RH bug 235289 APOP authentication vulnerability. 1.8.0-15.0.2.el5 - Remove Makefile.in changes that accidentally slipped into t...

Oracle Linux 6 : openchange (ELSA-2013-0515)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0515 advisory. evolution-mapi 0.28.3-12 - Add patch for RH bug 903241 Double-free on message copy/move 0.28.3-11 - Add patch for RH bug 902932 Cannot connect with latest samba...

Oracle Linux 5 : evolution-data-server (ELSA-2009-0354)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0354 advisory. - Add patch for RH bug 488280 CVE-2009-0547, S/MIME signatures. - Add patch for RH bug 488280 CVE-2009-0582, NTLM authentication. Tenable has extracted...

CentOS Update for openchange CESA-2013:0515 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 6 : evolution-mapi / openchange (CESA-2013:0515)

Updated openchange packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Scientific Linux Security Update : openchange on SL6.x i386/x86_64 (20130221)

A flaw was found in the Samba suite's Perl-based DCE/RPC IDL PIDL compiler. As OpenChange uses code generated by PIDL, this could have resulted in buffer overflows in the way OpenChange handles RPC calls. With this update, the code has been generated with an updated version of PIDL to correct thi...