Moab 7.2.9 - Authentication Bypass

Moab 7.2.9 - Authentication Bypass Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computi...

Moab User Impersonation

Moab User Impersonation : CVE-2014-5375 Software: Moab Affected Versions: All current versions of Moab. However, the impact is limited in Moab 7.2.9 and Moab 8. CVE Reference: CVE-2014-5375 Author: John Fitzpatrick, Luke Jennings MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendo...

ganglia-info NSE Script

Retrieves system information OS version, available memory, etc. from a listening Ganglia Monitoring Daemon or Ganglia Meta Daemon. Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. The information retrieved includes HDD size,...

Attackers Target PNNL, Force Lab Off the Web

An attack against the Pacific Northwest National Laboratory has forced the lab to shut off access to the Internet, and the lab’s external Web site also is inaccessible right now. The attack on the lab, which conducts national security and cybersecurity research among other things, is the latest i...

CVE-2010-2544

Cross-site scripting XSS vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

CVE-2010-2545

Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via 1 the name element in an XML template to templatesimport.php; and allow remote...

CVE-2010-1644

Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 hostname or 2 description parameter to host.php, or 3 the hostid paramet...

CVE-2010-1645

Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in 1 the FQDN field of a Device or 2 the Vertical Label field of a Graph Template...

CVE-2010-2544

Cross-site scripting XSS vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

CVE-2010-1645

Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in 1 the FQDN field of a Device or 2 the Vertical Label field of a Graph Template...

Important: Red Hat Security Advisory: Red Hat High Performance Computing (HPC) Solution 5.5

The Red Hat High Performance Computing HPC Solution version 5.5 for Red Hat Enterprise Linux 5.5, or RHHPC 5.5, is now available, fixing multiple security issues, multiple bugs, and adding several enhancements. The Red Hat Security Response Team has rated this update as having important security...

Cacti 0.8.7 (RedHat High Performance Computing [HPC]) - 'utilities.php?Filter' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42575/info Cacti is prone to cross-site-scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the contex...