8823 matches found
IBM System Networking Switch Center Contention Condition Vulnerability
IBM System Networking Switch Center is a suite of applications used to remotely monitor and manage Ethernet converged switches from IBM USA, which was acquired by Lenovo of China. A contention condition vulnerability exists in IBM System Networking Switch Center versions prior to 7.3.1.5 and Leno...
CVE-2015-7820
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal...
Design/Logic Flaw
The DB service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password...
Race condition
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal...
Race condition
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal...
CVE-2015-7819
The DB service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password...
CVE-2015-7817
CVE-2015-7817 affects IBM System Networking Switch Center (SNSC) prior to 7.3.1.5 and Lenovo Switch Center prior to 8.1.2.0. A race condition in the administration-panel web service enables remote attackers to obtain privileged-account access, then feed FileReader.jsp input containing directory t...
CVE-2015-7818
The administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file...
CVE-2015-7820
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal...
CVE-2015-7817
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal...
Lenovo Switch Center Remote Privilege Vulnerability
Lenovo Switch Center formerly known as IBM System Networking Switch Center is a suite of applications used by Lenovo in China to remotely monitor and manage Ethernet converged switches. A remote elevation vulnerability exists in IBM System Networking Switch Center version 7.1.3.4 and earlier and...
IBM System Networking Switch Center DB Service Remote Elevation of Privilege Vulnerability
This vulnerability allows remote attackers to disclose information on vulnerable installations of IBM System Networking Switch Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IBM SNSC DB Service, that listens by default on port 40999. This...
IBM System Networking Switch Center ZipDownload.jsp Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose information on vulnerable installations of IBM System Networking Switch Center. Authentication is not required to exploit this vulnerability. The specific flaws exist within the IBM SNSC Web Service, which listens by default on ports 40080 HT...
IBM System Networking Switch Center Local Privilege Escalation Vulnerability
This vulnerability allows local unprivileged attackers to execute arbitrary code on vulnerable installations of IBM System Networking Switch Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IBM SNSC Web Service, which listens by default on...
tools.cisco.com Cross Site Scripting
Exploit Title: Cisco.com sub-domain Reflected XSS RXSS Date: 31/10/2015 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.cisco.com Version: / Category: Reflected Cross Site Scripting Google dork: Tested on: cisco.com sub-domains Cisco description :...
CVE-2011-1173
The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.39 on the x8664 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packet...
SUSE-SU-2015:1853-1 Security update for xen
xen was updated to fix nine security issues. These security issues were fixed: - CVE-2015-4037: The slirpsmb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service instantiation failure by creating /tmp/qemu-smb.- files befor...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2778-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2778-1 advisory. It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route...
Ubuntu: Security Advisory (USN-2779-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2779-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...