647 matches found
Design/Logic Flaw
A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password...
CVE-2017-6152
A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password...
Moderate: Red Hat Bug Fix Advisory: Red Hat Satellite 6.3 Base Libraries
Red Hat Satellite 6.3 Base Libraries Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs provisioning and configuration management of...
CFC - Linux Centralized Firewall Control
Centralized firewall control provides a centralized way to manage the firewall on multiple servers or loadbalancers running iptables. This way you can quickly allow/block/del/search abuse ranges etc. with one command on several servers. It accesses those servers through ssh. It supports both IPv4...
The vulnerability of the centralized version control system CVS lies in its improper handling of data when interacting with a remote repository via SSH protocol. This allows a malicious actor to execute arbitrary code.
The vulnerability of the centralized version control system CVS is related to improper data processing when interacting with a remote repository via SSH protocol. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted hostname in the repository’...
The Automated Collection and Enrichment Platform: ACE
The Automated Collection and Enrichment ACE platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports...
Top Five Trends IT Security Pros Need to Think About Going into 2018
It’s that time of the year when we look back at the tech trends of 2017 to provide us with a hint of things to come. Accordingly, let’s engage in our favorite end-of-year pastime: predictions about the coming year. Equipped with Imperva’s own research, interactions with our customers, and a wealt...
Medium: sssd
Issue Overview: Unsanitized input when searching in local cache database It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for...
EulerOS 2.0 SP1 : sssd (EulerOS-SA-2017-1324)
According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...
EulerOS 2.0 SP2 : sssd (EulerOS-SA-2017-1325)
According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...
Password Management for SDX's and VPX's utilizing NMAS
To manage passwords and accounts from one centralized location...
Arbitrary User Password Reset Vulnerability in Bunker Busters
Bunker Fortress is the industry's first software form of the Fortress, providing a centralized authentication, centralized access authorization, centralized access management, centralized operation audit and a single point of simplified operation and management required for remote operations and...
Managing Security in a DevOps Environment
DevOps is a software development practice in which development and operations engineers collaborate during the entire product lifecycle. With the adoption of DevOps at mainstream levels, we now see security starting to take a bigger role in DevOps’ day-to-day responsibilities. From a security...
PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890
F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...
RedHat Update for freeradius RHSA-2017:2389-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 26 Update: freeradius-3.0.15-1.fc26
The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...
Moderate: Red Hat Enhancement Advisory: Red Hat Virtualization Manager (ovirt-engine) 4.1.4
An update is now available for Red Hat Virtualization Manager. The Red Hat Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities,...
Trend Micro Deep Discovery Director Multiple Vulnerabilities
1. Advisory Information Title: Trend Micro Deep Discovery Director Multiple Vulnerabilities Advisory ID: CORE-2017-0005 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-deep-discovery-director-multiple-vulnerabilities Date published: 2017-07-12 Date of last update:...
[SECURITY] Fedora 26 Update: freeradius-3.0.14-1.fc26
The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...
[SECURITY] Fedora 26 Update: puppet-4.6.2-4.fc26
Puppet lets you centrally manage every important aspect of your system usin g a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, an...