75 matches found
The vulnerability of the software for managing VMware vCenter Server allows a malicious individual to prevent other users from accessing the system.
The OpenSSH software mechanism for managing VMware vCenter Server’s virtual infrastructure contains a vulnerability that can lead to service interruptions during authentication processes. A service interruption occurs when the values of logingraceTime and maxStartup differ from the default values...
USN-2408-1 neutron vulnerability
Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values...
openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users
It was discovered that unprivileged users could in some cases reset admin-only network attributes to their default values. This could lead to unexpected behavior or in some cases result in a denial of service...
CVE-2014-6414
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors...
PYSEC-2014-33
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id...
CVE-2012-5491
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id...
rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
Microsoft Windows NT 4.0 SNMP-WINS DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2244/info The Simple Network Management Protocol SNMP provides remote network administration functions. Windows NT provides an optional SNMP implementation. Windows NT networks can use Windows Internet Name Service WINS, ...
CVE-2014-0135
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
Oracle Java FileDialog.Show Heap Buffer Overflow - Ver2 (CVE-2011-0802)
A remote code execution vulnerability has been reported in Oracle Java Runtime Environment.The vulnerability is due to insufficient validation of the selected file's default values size. A remote attacker could exploit this vulnerability by enticing an unsuspecting user to open a web page...
IBM solidDB Stored Procedure Call Handling Denial of Service Vulnerability
IBM solidDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:soliddb";...
MantisBT < 1.2.12 Multiple Vulnerabilities
According to its version number, the MantisBT install hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by an information disclosure vulnerability due to a flaw in using default values to determine if a user has sufficient privileges to modify...
SLP (Service Location Protocol) Denial Of Service
!/usr/bin/python ''' ================================== Pseudo documentation ================================== ''' SLPick, extension DoS release by Nicolas Gregoire ''' ================================== Imports ================================== ''' import getopt import re import sys import...
default config values restored
This should be for 2.9.1 - this version was not yet available under "affects versions" when filing this bug. After updating from 2.9 to 2.9.1, most of my settings were overwritten by their default values. - public signup got enabled - the language changed back to english instead of german - e-mai...
WU-FTPD 2.6.0 - Remote Format Strings
/ 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible for delivering it to the intended...