183 matches found
CVE-2015-4555
The provided documents specify a buffer overflow in the HTTP management interfaces of TIBCO Rendezvous products (Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, Messaging Appliance before 8.7.2). The root cause is an overflow in the HTTP administrative...
Eisbär SCADA (All Versions) - Persistent UI Vulnerability
Document Title: Eisbär SCADA All Versions - Persistent UI Vulnerability; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1456 ; Release Date: 2015-05-19; Vulnerability Laboratory ID (VL-ID): 14...
IBM Security SiteProtector System Local Elevation of Privilege Vulnerability
IBM Security SiteProtector System is a centralized management system that unifies the management and analysis of network, server and endpoint security agents. A local elevation of privilege vulnerability exists in IBM Security SiteProtector System. This vulnerability could be exploited to allow a...
CVE-2012-4245
The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command...
CVE-2012-4245
Removed by vendor...
CVE-2012-4245
CVE-2012-4245 concerns the GIMP 2.6 scriptfu network server which does not require authentication, enabling remote attackers to execute arbitrary commands via the python-fu-eval command. Multiple connected sources document this remote code execution vector in GIMP's scriptfu. Affected product/ver...
GIMP Scriptfu Python Remote Command Execution
Summary: There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host. The advisory is posted her...
CVE-2012-2282
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2)...
Cross site request forgery (csrf)
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2)...
CVE-2012-2282
Summary of CVE-2012-2282: EMC Celerra Network Server 6.x (before 6.0.61.0), VNX 7.x (before 7.0.53.2), and VNXe 2.0/2.1 prior to 2.1.3.19077 (MR1 SP3.2) or 2.2 before 2.2.0.19078 (MR2 SP0.2) has improper NFS access control. This allows remote authenticated users to read or modify files via NFSv2...
[oCERT-2008-016] Multiple OpenSSL signature verification API misuses
2008-016 multiple OpenSSL signature verification API misuse. Description: Several functions inside the OpenSSL library incorrectly check the result after calling the EVP_VerifyFinal function. This bug allows a malformed signature to be treated as a good signature rather than as an error. This issue...
CVE-2006-5873
CVE-2006-5873 affects l2tpns: Buffer overflow in cluster_process_heartbeat() of cluster.c can cause remote denial of service via a large heartbeat packet. Connected sources confirm the issue in l2tpns before 2.1.21. Debian security advisories indicate the patch is in 2.1.21-1 (unstable) with 2.0....
l2tpns layer 2 tunnelling protocol network server buffer overflow
No description provided...
Derby Network Server Detection
The remote host is running a Derby (formerly Cloudscape) Network Server, which allows for network access to the Derby database engine on that host. Derby itself is a Java-based relational database developed by the Apache Software Foundation. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc...
JavaScript code can cause the browser attack-vulnerability warning-the black bar safety net
Security researchers have found a method that uses JavaScript to scan home and enterprise networks and to attack network servers, routers, printers and other devices. Researchers say the malicious JavaScript code can be embedded in a Web page, use the browser to browse t...
Three typical attack methods used by phishers-vulnerability warning-the black bar safety net
Most people think of phishing as fake e-mail that tricks people into providing bank account or identity information. However, according to a recently published study by the Honeynet Project & Research Alliance...
HALO Network Server Detection
The remote host is running a version of HALO Network Server. The server is used to host Internet and Local Area Network (LAN) games. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include("compat.inc"); if (description) { script_id(12117); script_version("1.14");...
L2TP Network Server Detection
The remote host understands the L2TP tunneling protocol and appears to be a VPN endpoint, or more specifically, an L2TP Network Server. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(11387); script_version("1.17"); script_set_attribute(attribute:"plugin_modification_date",...
CVE-1999-1281
CVE-1999-1281 affects the Breeze Network Server (development version). The vulnerability allows remote attackers to reboot the system by accessing the configbreeze CGI program. Impact is indicated as partial availability (per CVSS data), with network access and no authentication required in the d...