81 matches found
[SECURITY] [DLA 1331-1] mercurial security update
Package : mercurial Version : 2.2.2-4+deb7u7 CVE ID : CVE-2018-1000132 Debian Bug : 892964 Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network...
Mercurial Protocol Server Access Control Error Vulnerability
Mercurial is a software developer Matt Mackall developed a set of cross-platform distributed version control software written in Python. The software supports simultaneous processing of plain text and binary files , etc. Protocol server is one of the protocol server . An access control error...
PYSEC-2018-87
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
UBUNTU-CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
Improper access control
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
ALPINE-CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
DEBIAN-CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2018-1000132
Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...
CVE-2017-12724
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is configured ...
CVE-2017-12230
A vulnerability in the web-based user interface web UI of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by using the web UI of the...
CVE-2007-6737
FTPServer.py in pyftpdlib before 0.2.0 does not increment the attemptedlogins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access via a brute-force attack...
iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability
LiveData Protocol Server Heap Overflow Vulnerability iDefense Security Advisory 05.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ May 02, 2007 I. BACKGROUND LiveData is a provider of real-time data acquisition and processing software. LiveData Protocol Server is used in SCADA...
CVE-2007-2489
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 5.00.062, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a...
CVE-2007-2489
Affected software : LiveData Protocol Server (5.00.045 and older up to 5.00.062). Vulnerability : Heap-based buffer overflow caused by a crafted WSDL request that makes a negative length be passed to strncpy, leading to possible code execution or denial of service. The issue is triggered by overs...
LiveData Protocol Server fails to properly handle requests for WSDL files
Overview The LiveData Protocol Server fails to properly handle requests. This vulnerability may allow a remote attacker to execute arbitrary code. Description The LiveData Protocol Server is real-time data acquisition and processing software used to record and transmit data among process control...