5548 matches found
Design/Logic Flaw
The deleteinstallfiles function in control/ContentController.php in SilverStripe 2.3.x before 2.3.7 does not require ADMIN permissions, which allows remote attackers to delete index.php and "disrupt modrewrite-less URL routing."...
CVE-2010-5094
The deleteinstallfiles function in control/ContentController.php in SilverStripe 2.3.x before 2.3.7 does not require ADMIN permissions, which allows remote attackers to delete index.php and "disrupt modrewrite-less URL routing."...
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-7.fc17
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...
broadcast-eigrp-discovery NSE Script
Performs network discovery and routing information gathering through Cisco's Enhanced Interior Gateway Routing Protocol EIGRP. The script works by sending an EIGRP Hello packet with the specified Autonomous System value to the 224.0.0.10 multicast address and listening for EIGRP Update packets. T...
Fedora Update for rubygem-actionpack FEDORA-2012-11353
Check for the Version of rubygem-actionpack OpenVAS Vulnerability Test Fedora Update for rubygem-actionpack FEDORA-2012-11353 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Cisco Carrier Routing System Security Bypass Vulnerability
Cisco Carrier Routing System contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security protections and gain unauthorized network access. The vulnerability is due to improper handling of IP version 4 IPv4 fragments in the affected device. An unauthenticated,...
Debian: Security Advisory (DSA-2497-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-8.fc16
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...
Design/Logic Flaw
Cisco Carrier Routing System CRS 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL entries via fragmented packets, aka Bug ID CSCtj10975...
CVE-2012-1342
Cisco Carrier Routing System CRS 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL entries via fragmented packets, aka Bug ID CSCtj10975...
mrinfo NSE Script
Queries targets for multicast routing information. This works by sending a DVMRP Ask Neighbors 2 request to the target and listening for DVMRP Neighbors 2 responses that are sent back and which contain local addresses and the multicast neighbors on each interface of the target. If no specific...
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
This update fixes the following security issues : - a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pciunmapsingle presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could trigger this flaw by using jum...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
These new kernel packages contain fixes for the following security issues : - a flaw in the handling of IPv6 type 0 routing headers that allowed remote users to cause a denial of service that led to a network amplification between two routers CVE-2007-2242, Important. - a flaw in the nfnetlinklog...
AVAVoIP 1.5.12 Cross Site Scripting / Shell Upload
Exploit for php platform in category web applications Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Introduction: ============= Designed from the ground up to empower VoIP and to meet the needs of the changing business environment, the AVA VoIP platform provides best in class...
AVAVoIP 1.5.12 Cross Site Scripting / Shell Upload
Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...
Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities
Title: ====== Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Date: ===== 2012-06-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=526 VL-ID: ===== 526 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Die...
Fedora Update for rubygem-actionpack FEDORA-2012-9636
Check for the Version of rubygem-actionpack OpenVAS Vulnerability Test Fedora Update for rubygem-actionpack FEDORA-2012-9636 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Quagga < 0.98.6 / 0.99.4 Multiple Vulnerabilities
According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability in RIPD can be triggered by a REQUEST packet, such as SEND UPDATE, on hosts that disable RIPv1 or require...
Quagga Zebra Detection
Zebra, the core daemon of the Quagga routing software suite, is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid59796; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Quagga Zebra Detection";...
Fedora Update for quagga FEDORA-2012-9116
Check for the Version of quagga OpenVAS Vulnerability Test Fedora Update for quagga FEDORA-2012-9116 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...