1801 matches found
CVE-2013-1836
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...
Design/Logic Flaw
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...
CVE-2013-1836
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...
[USN-1762-1] APT vulnerability
========================================================================== Ubuntu Security Notice USN-1762-1 March 14, 2013 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
CVE-2013-1051
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...
CVE-2013-1051
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...
Code injection
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...
CVE-2013-1051
CVE-2013-1051 affects apt versions 0.8.16 and 0.9.7 (and possibly others) through improper handling of InRelease files, enabling man-in-the-middle modification of packages before installation via unknown vectors. The underlying issue relates to repository integrity checks and third‑party reposito...
CVE-2013-1051
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...
Ubuntu Update for apt USN-1762-1
Check for the Version of apt OpenVAS Vulnerability Test $Id: gbubuntuUSN17621.nasl 8483 2018-01-22 06:58:04Z teissa $ Ubuntu Update for apt USN-1762-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you c...
Ubuntu 11.10 / 12.04 LTS / 12.10 : apt vulnerability (USN-1762-1)
Ansgar Burchardt discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. This update corrects the issue by disabling InRelease file support completely. Please no...
CVE-2013-1051
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...
UBUNTU-CVE-2013-1835
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the loginas feature...
UBUNTU-CVE-2013-1836
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...
Sparx Systems Enterprise Architect 9.3.931 Corporate Password Disclosure
Subject ======= Simple password obfuscation in Sparx Systems "Enterprise Architect" when using server based repositories Affected product ================ Product: Enterprise Architect Vendor: Sparx Systems Affected versions ================= Tested with 9.3.931 Corporate, other versions likely t...
IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities
IBM WebSphere Application Server 8.0 before Fix Pack 5 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists related to the Administrative Console that can allow an attacker to hijack sessions...
IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities
IBM WebSphere Application Server 8.5 before Fix Pack 1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists related to the 'Eclipse Help System' that can allow arbitrary redirect responses to HTTP...
[SECURITY] Fedora 17 Update: viewvc-1.1.17-1.fc17
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...
Directory traversal
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. dot dot in a repository name...
CVE-2012-4506
CVE-2012-4506 affects gitolite 3.x prior to 3.1. When wild card repositories are used and a pattern matching ".." is enabled, a directory traversal vulnerability can allow remote authenticated users to create arbitrary repositories and potentially perform other actions via a ".." in a repository ...