1091 matches found
Authentication flaw
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833...
Command injection
The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587...
CVE-2011-0378
Summary: CVE-2011-0378 affects Cisco TelePresence endpoint devices running 1.2.x–1.5.x. The vulnerability is an XML-RPC Command Injection that could allow an unauthenticated attacker within the broadcast domain to execute arbitrary commands with elevated privileges. Exploitation would involve sen...
CVE-2011-0392
CVE-2011-0392 affects Cisco TelePresence Recording Server 1.6.x with an unauthenticated XML-RPC interface exposed on TCP port 8080. The connected Cisco advisory documents that this XML-RPC Interface vulnerability allows an unauthenticated remote attacker to perform actions that should be restrict...
CVE-2011-0390
The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534...
CVE-2011-0386
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739...
CVE-2011-0378
The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587...
CVE-2011-0390
CVE-2011-0390 affects Cisco TelePresence Multipoint Switch (CTMS). A remote, unauthenticated attacker can crash the call-geometry process by sending a crafted XML-RPC request to the device (TCP port 9000), causing a denial of service. Affected software versions include CTMS 1.0.x, 1.1.x, 1.5.x, 1...
CVE-2011-0386
CVE-2011-0386 affects Cisco TelePresence Recording Server devices running 1.6.x and 1.7.x (before 1.7.1). The issue is an XML-RPC Arbitrary File Overwrite vulnerability that allows an unauthenticated, remote attacker to overwrite files and consequently execute arbitrary code via a malformed reque...
bo-blog upload vulnerability-vulnerability warning-the black bar safety net
Attention to the following recent of several large cattle site was hacked the message, The know with bo-blog, just under the sleeve 2.1.1 See, found a point problem. This program and F2blog the presence of the same upload bug, just use the hard point, to a certain permissions. But the...
WordPress < 3.0.3 XML-RPC Interface Access Restriction Bypass
According to its version number, the installation of WordPress is prior to 3.0.3. It is, therefore, affected by a security bypass vulnerability. Certain access control restrictions are not properly enforced, which could allow a remote, authenticated user to perform unauthorized actions such as...
CentOS Update for php CESA-2010:0919 centos4 i386
Check for the Version of php. OpenVAS Vulnerability Test: CentOS Update for php CESA-2010:0919 centos4 i386. Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
Oracle Virtual Server Agent Command Injection (CVE-2010-3582)
Oracle VM software provides virtualization technology that allows the running of multiple instances of x86 virtual computers simultaneously within the hosting operating system. A command injection vulnerability exists in Oracle VM. The vulnerability is due to an input validation error in proxy...
CentOS 4 / 5 : php (CESA-2010:0919)
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, a...
php security update
CentOS Errata and Security Advisory CESA-2010:0919. Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS)...
RHEL 4 / 5 : php (RHSA-2010:0919)
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, a...
Moderate: Red Hat Security Advisory: php security update
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, a...
Oracle Virtual Server Agent Command Injection
Added: 11/26/2010 CVE: CVE-2010-3582 BID: 44031 Background Oracle VM software provides virtualization technology that allows running multiple instances of x86 virtual computers simultaneously within the host operating system. It supports many Oracle and non-Oracle based systems such as Windows,...