11 matches found
rPSA-2008-0318-1 initscripts
rPath Security Advisory: 2008-0318-1 Published: 2008-11-12 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Major Exposure Level Classification: Local Root Deterministic Denial of Service Updated Versions:...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL...
CVE-2008-2139
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the...
Design/Logic Flaw
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the...
CVE-2008-2140
CVE-2008-2140 corresponds to a CSRF vulnerability in the rootpw plugin of the rPath Appliance Platform Agent (versions 2 and 3). The underlying issue enables remote attackers to reset the root password for the administrator account through a crafted URL. The linked documents confirm the affected ...
CVE-2008-2140
Cross-site request forgery CSRF vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL...
CVE-2008-2139
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the...
CVE-2008-2139
The CVE-2008-2139 entry concerns the rootpw plugin in rPath Appliance Platform Agent 2 and 3, where requests from a browser with a valid administrator session are not re-validated (including password-change requests). This weakens session handling and can allow physically proximate attackers to g...
rPSA-2008-0151-1 libpng
rPath Security Advisory: 2008-0151-1 Published: 2008-04-29 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: libpng=conary.rpath.com@rpl:1/1.2.26-2.1-1 rPath Issue Trackin...
rPSA-2008-0132-1 lighttpd
rPath Security Advisory: 2008-0132-1 Published: 2008-03-31 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: lighttpd=conary.rpath.com@rpl:1/1.4.18-0.5-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-24...
rPSA-2008-0118-1 bzip2
rPath Security Advisory: 2008-0118-1 Published: 2008-03-21 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Minor Exposure Level Classification: Indirect Deterministic Denial of Service Updated Versions: bzip2=conary.rpath.com@rpl:1/1.0.4-1.1-1 rPath Issue Tracking System:...