rPSA-2008-0318-1 initscripts

rPath Security Advisory: 2008-0318-1 Published: 2008-11-12 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Major Exposure Level Classification: Local Root Deterministic Denial of Service Updated Versions:...

CVE-2008-2139

The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the...

Design/Logic Flaw

The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL...

CVE-2008-2140

Cross-site request forgery CSRF vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL...

CVE-2008-2140

CVE-2008-2140 corresponds to a CSRF vulnerability in the rootpw plugin of the rPath Appliance Platform Agent (versions 2 and 3). The underlying issue enables remote attackers to reset the root password for the administrator account through a crafted URL. The linked documents confirm the affected ...

CVE-2008-2139

The CVE-2008-2139 entry concerns the rootpw plugin in rPath Appliance Platform Agent 2 and 3, where requests from a browser with a valid administrator session are not re-validated (including password-change requests). This weakens session handling and can allow physically proximate attackers to g...

CVE-2008-2139

The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the...

rPSA-2008-0151-1 libpng

rPath Security Advisory: 2008-0151-1 Published: 2008-04-29 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: libpng=conary.rpath.com@rpl:1/1.2.26-2.1-1 rPath Issue Trackin...

rPSA-2008-0132-1 lighttpd

rPath Security Advisory: 2008-0132-1 Published: 2008-03-31 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: lighttpd=conary.rpath.com@rpl:1/1.4.18-0.5-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-24...

rPSA-2008-0118-1 bzip2

rPath Security Advisory: 2008-0118-1 Published: 2008-03-21 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Minor Exposure Level Classification: Indirect Deterministic Denial of Service Updated Versions: bzip2=conary.rpath.com@rpl:1/1.0.4-1.1-1 rPath Issue Tracking System:...