539 matches found
Siemens RUGGEDCOM ROS IP forwarding Vulnerability(CVE-2 0 1 5-6 6 7 5)-vulnerability warning-the black bar safety net
Affected system: Siemens RuggedCom ROS 3.8.0-4.2.0 Description: CVECAN ID: CVE-2 0 1 5-6 6 7 5 Siemens RuggedCom ROS and ROX devices used in harsh environments for equipment connections, such as substations, traffic management, chassis, etc. RUGGEDCOM ROS 3.8.0-4.2.0 version of the IP forwarding...
[security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04486432 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04486432 Version: 1 HPSBHF03151 rev....
Dell-iDRAC-IPMI-1.5
Dell iDRAC IPMI v1.5 Implementation contains a flaw that is triggered as session IDs are assigned incrementally rather than randomly, and limit the overall pool. This may allow a remote attacker trivially predict session IDs, hijack a session, and inject arbitrary commands. from time import sleep...
Huawei Tecal E9000 Chassis IPMICommand Handling Elevation of Privilege Vulnerability
The Tecal E9000 Converged Architecture Blade Server is a new generation of powerful infrastructure platform from Huawei. An elevation of privilege vulnerability exists in Huawei Tecal E9000 Chassis IPMICommand processing, which can be exploited by an attacker to bypass certain security restrictio...
Information disclosure
The Configuration Patterns component in IBM Flex System Manager FSM 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module CMM account creation, which makes it easier for remote authenticated users to defeat cryptographic protection...
CVE-2014-0860
The firmware before 3.66E in IBM BladeCenter Advanced Management Module AMM, the firmware before 1.43 in IBM Integrated Management Module IMM, and the firmware before 4.15 in IBM Integrated Management Module II IMM2 contains cleartext IPMI credentials, which allows attackers to execute arbitrary...
Design/Logic Flaw
The firmware before 3.66E in IBM BladeCenter Advanced Management Module AMM, the firmware before 1.43 in IBM Integrated Management Module IMM, and the firmware before 4.15 in IBM Integrated Management Module II IMM2 contains cleartext IPMI credentials, which allows attackers to execute arbitrary...
Cisco NX-OS Detection (SSH Login)
SSH login-based detection of Cisco NX-OS. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...
[SECURITY] Fedora 15 Update: ipmitool-1.8.11-7.fc15
This package contains a utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. This utility can communicate with IPMI-enabled devices through either a kernel...
IBM BladeCenter Advanced Management Module Multiple vulnerabilities
Louhi Networks Information Security Research Security Advisory Advisory: IBM BladeCenter Advanced Management Module Multiple vulnerabilities XSS type 2 & 1, CSRF, Information Disclosure Release Date: 2009-04-09 Last Modified: 2009-04-09 Authors: Henri Lindberg [email protected], CISA Device...
Sun M4000-M9000 chassis DoS
Crash on a single domain requires long repair procedure and rebooting of whole chassis...
CVE-2004-2188
Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2004-2189
Affected software: DMXReady Site Chassis Manager. Vulnerability: SQL injection in the Site Chassis Manager allows remote attackers to execute arbitrary SQL via unknown vectors. Impact as per CVSS: Confidentiality, Integrity, and Availability partially affected (score 7.5). Exploitation details, a...
CVE-2004-2188
CVE-2004-2188 is an XSS vulnerability in DMXReady Site Chassis Manager. The available sources (NVD/Red Hat/CVE listing) confirm remote attackers can inject arbitrary web script or HTML via unknown vectors. The exact vulnerable component/file, affected versions, and root cause are not explicitly e...
CVE-2004-2189
SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2004-2188
Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2004-2189
SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors...
[SA12841] Dmxready Site Chassis Manager Unspecified Cross-Site Scripting and SQL Injection
TITLE: Dmxready Site Chassis Manager Unspecified Cross-Site Scripting and SQL Injection SECUNIA ADVISORY ID: SA12841 VERIFY ADVISORY: http://secunia.com/advisories/12841/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Dmxready Site...
CVE-1999-1389
US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt...