CentOS 7 : xmlrpc (CESA-2018:1780)

An update for xmlrpc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

[SECURITY] Fedora 27 Update: xmlrpc-3.1.3-20.fc27

Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Apache XML-RPC was previously known as Helma XML-RPC. If you have code using the Helma library, all you should have to do is change the import statements in your cod...

[SECURITY] Fedora 28 Update: xmlrpc-3.1.3-20.fc28

Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Apache XML-RPC was previously known as Helma XML-RPC. If you have code using the Helma library, all you should have to do is change the import statements in your cod...

CentOS Update for xmlrpc-client CESA-2018:1780 centos7

Check the version of xmlrpc-client SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882909";...

xmlrpc security update

CentOS Errata and Security Advisory CESA-2018:1780 An update for xmlrpc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

xmlrpc3 security update

CentOS Errata and Security Advisory CESA-2018:1779 An update for xmlrpc3 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Oracle Linux 7 : xmlrpc (ELSA-2018-1780)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1780 advisory. 1:3.1.3-9 - Disallow deserialization of tags by default - Resolves: CVE-2016-5003 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 6 : xmlrpc3 (ELSA-2018-1779)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1779 advisory. - Related: CVE-2016-5003 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element...

Important: Red Hat Security Advisory: xmlrpc security update

An update for xmlrpc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: xmlrpc3 security update

An update for xmlrpc3 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

WordPress XML-RPC Interface Detected

A public facing WordPress XML-RPC interface has been detected. An attacker may be able to launch attacks against the web server Via XML-RPC including: - Login into WordPress backend Administrative interface - Brute force user credentials - Use pingbacks for scanning or fingerprinting for example ...

Beware; rTorrent Client Exploited to Mine Monero Cryptocurrency

By Waqas rTorrent Client Exploited to Mine Monero Cryptocurrency Thanks to XML-RPC This is a post from HackRead.com Read the original post: Beware; rTorrent Client Exploited to Mine Monero Cryptocurrency...

HomeMatic CCU2 Multiple Vulnerabilities

HomeMatic CCU2 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eq-3:homematicccu2";...

CVE-2018-7301

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices...

Design/Logic Flaw

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices...

CVE-2018-7301

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices...

CVE-2018-7301

The CVE-2018-7301 entry concerns eQ-3 AG HomeMatic CCU2 devices (version 2.29.22) with an open XML-RPC port that requires no authentication. This allows arbitrary XML-RPC requests to control attached BidCos devices. Public details from NVD indicate a high/critical impact profile (cvss2 base 7.5, ...

Debian: Security Advisory (DLA-975-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache Roller < 5.0.3 XXE Vulnerability

Apache Roller is prone to an XML external entity XXE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:roller...