Lucene search
K

70 matches found

NVD
NVD
added 2018/01/29 4:29 p.m.19 views

CVE-2017-1779

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824...

7.8CVSS7.3AI score0.0041EPSS
Exploits0References6
OSV
OSV
added 2018/01/29 4:29 p.m.4 views

CVE-2017-1779

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824...

7.8CVSS5.8AI score0.0041EPSS
Exploits0References6
Cvelist
Cvelist
added 2018/01/29 4:0 p.m.24 views

CVE-2017-1779

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824...

7.2AI score0.0041EPSS
Exploits0References6
Kitploit
Kitploit
added 2017/08/31 2:30 p.m.40 views

RedSnarf - A Pen-Testing / Red-Teaming Tool For Windows Environments

RedSnarf is a pen-testing / red-teaming tool by Ed Williams for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf functionality includes: Retrieval of local SAM hashes Enumeration of user/s running with elevated syste...

7.8AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of Apache Subversion software allows a malicious intruder to compromise the confidentiality and integrity of protected information.

Vulnerability exists in Apache Subversion due to the storage of cached user credentials, based on MD5 hashes of URL addresses and authentication realms. Exploiting this vulnerability allows remote servers to gain access to user credentials by using a specially crafted authentication realm...

4CVSS7.7AI score0.07495EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.26 views

Mandriva Linux Security Advisory : subversion (MDVSA-2015:085)

Updated subversion packages fix security vulnerabilities : The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. Ben Reser discovered that Subversion did not...

5CVSS7.6AI score0.11052EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/02/10 11:11 p.m.39 views

Moderate: Red Hat Security Advisory: subversion security update

Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

5CVSS7.3AI score0.1067EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2014/10/06 12:0 a.m.32 views

Apache Subversion 1.0.x - 1.7.17 / 1.8.x < 1.8.10 Multiple Vulnerabilities

The version of Subversion Server installed on the remote host is version 1.x.x prior to 1.7.18 or 1.8.x prior to 1.8.10. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the Serf RA layer. This flaw causes wildcards for HTTPS connections to be improperly evaluated,...

4CVSS7.6AI score0.07495EPSS
Exploits0References4
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.97 views

[USN-2316-1] Subversion vulnerabilities

========================================================================== Ubuntu Security Notice USN-2316-1 August 14, 2014 subversion vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

4.3CVSS1.2AI score0.11052EPSS
Exploits0
OSV
OSV
added 2014/08/21 9:36 a.m.9 views

MGASA-2014-0339 Updated subversion packages fix security vulnerabilities

Updated subversion packages fix security vulnerabilities: Ben Reser discovered that Subversion did not correctly validate SSL certificates containing wildcards. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communicatio...

4CVSS6.1AI score0.07495EPSS
Exploits0References7
Mageia
Mageia
added 2014/08/21 9:36 a.m.49 views

Updated subversion packages fix CVE-2014-3528

Updated subversion packages fix security vulnerability: Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server CVE-2014-3528. The subversion package has been patched t...

4CVSS8.9AI score0.07495EPSS
Exploits0References3
OSV
OSV
added 2014/08/21 9:36 a.m.9 views

MGASA-2014-0338 Updated subversion packages fix CVE-2014-3528

Updated subversion packages fix security vulnerability: Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server CVE-2014-3528. The subversion package has been patched t...

4CVSS6.3AI score0.07495EPSS
Exploits0References4
NVD
NVD
added 2014/08/19 6:55 p.m.21 views

CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm...

4CVSS9.3AI score0.07495EPSS
Exploits0References13
OSV
OSV
added 2014/08/19 6:55 p.m.10 views

CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm...

4CVSS6.3AI score0.07495EPSS
Exploits0References14
Prion
Prion
added 2014/08/19 6:55 p.m.21 views

Authentication flaw

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm...

4CVSS6.9AI score0.07495EPSS
Exploits0References13Affected Software9
Debian CVE
Debian CVE
added 2014/08/19 6:0 p.m.22 views

CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm...

4CVSS8.6AI score0.07495EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/08/15 12:0 a.m.33 views

Ubuntu 14.04 LTS : Subversion vulnerabilities (USN-2316-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2316-1 advisory. Lieven Govaerts discovered that the Subversion moddavsvn module incorrectly handled certain request methods when SVNListParentPath was enabled. A remote...

4.3CVSS7.8AI score0.11052EPSS
Exploits0References4
OSV
OSV
added 2014/08/14 5:42 p.m.4 views

USN-2316-1 subversion vulnerabilities

Lieven Govaerts discovered that the Subversion moddavsvn module incorrectly handled certain request methods when SVNListParentPath was enabled. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS...

4.3CVSS7.2AI score0.11052EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2014/08/14 5:42 p.m.63 views

USN-2316-1: Subversion vulnerabilities

Lieven Govaerts discovered that the Subversion moddavsvn module incorrectly handled certain request methods when SVNListParentPath was enabled. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS...

4.3CVSS7.6AI score0.11052EPSS
Exploits0
FreeBSD
FreeBSD
added 2014/08/06 12:0 a.m.39 views

subversion -- several vulnerabilities

Subversion Project reports: Using the Serf RA layer of Subversion for HTTPS uses the aprfnmatch API to handle matching wildcards in certificate Common Names and Subject Alternate Names. However, aprfnmatch is not designed for this purpose. Instead it is designed to behave like common shell...

4CVSS8.3AI score0.07495EPSS
Exploits0References2
Rows per page
Query Builder