20 matches found
EUVD-2011-1005
Malware in sbrugna...
EUVD-2013-3643
Malware in sbrugna...
EUVD-2013-6842
Malware in sbrugna...
EUVD-2010-1354
Malware in sbrugna...
SUSE CVE-2013-7042
SUSE Lifecycle Management Server SLMS before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors...
SUSE: Security Advisory (SUSE-SU-2013:1260-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1828-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2012:0147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0948-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-0993
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors...
Information disclosure
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2011-0993
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2013-3710
SUSE Lifecycle Management Server SLMS before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere...
CVE-2013-3710
The provided documents identify CVE-2013-3710 as affecting SUSE Lifecycle Management Server (SLMS) before version 1.3.7. The root cause is that SLMS does not generate a new secret key when the service starts, enabling remote attackers to defeat intended cryptographic protections by deriving knowl...
CVE-2013-3710
SUSE Lifecycle Management Server SLMS before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere...
CVE-2013-7042
SUSE Lifecycle Management Server SLMS before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors...
CVE-2010-1325
Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...
CVE-2010-1325
Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...
CVE-2010-1325
Summary (CVE-2010-1325) : A CSRF vulnerability affects the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise 11 . The issue arises from improper parameter quoting, enabling remote attackers to hijack the authentication of unspecified victims. The availab...