96 matches found
Can The Receiver Store Be Disabled In The Storefront Server To Prevent Users From Adding Storefront Sites Manually To The Receiver Client?
Question: Is it possible to prevent users from adding the Storefront Store to Native Receiver via Storefront settings? Answer: You are unable to disable this from the Storefront server. It needs to be configured on the client machine via the registry: Set the AllowAddStore parameter to N under...
CVE-2014-6116
The Telemetry Component in WebSphere MQ 8.0.0.1 before p000-001-L140910 allows remote attackers to bypass authentication by setting the JAASConfig property in an MQTT client configuration...
Authentication flaw
The Telemetry Component in WebSphere MQ 8.0.0.1 before p000-001-L140910 allows remote attackers to bypass authentication by setting the JAASConfig property in an MQTT client configuration...
mcollective: world readable client config
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file...
mcollective: world readable client config
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file...
DEBIAN-CVE-2013-6891
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf...
Network UPS Tools Service STARTTLS Command Support
The remote Network UPS Tools service supports the use of the 'STARTTLS' command to switch from a cleartext to an encrypted communications channel. Since Network UPS Tools provides no configuration setting for the server to require authentication to occur after the 'STARTTLS' command, it is...
HP OpenView Client Configuration Manager Radia Notify Code Execution (CVE-2006-5782)
An authentication weakness vulnerability exists in the Radia Notify Daemon component of HP OpenView Client Configuration Manager. The flaw is created by improper handling of user supplied data passed to the affected Radia Notify Daemon on TCP port 3465. By sending a crafted message, the attacker...
CVE-2009-4080
Multiple unspecified vulnerabilities in ldapcachemgr aka the LDAP client configuration cache daemon in Sun Solaris 9 and 10, and OpenSolaris before snv78, allow local users to cause a denial of service daemon crash via vectors involving multiple serviceSearchDescriptor attributes and a call to th...
HP OpenView Client Configuration Manager Default Credentials
The remote host is running HP OpenView Client Configuration Manager OVCCM, a PC software configuration management application. The remote installation of OVCCM is configured to use default credentials to control access. Knowing these, an attacker can gain control of the affected application...
CVE-2007-5413
HP OpenView Radia Integration Server, specifically httpd.tkd, is affected in CM Infrastructure v4.0–4.2i and CCM v2.0. The vulnerability arises from insufficient validation of URLs containing tilde references (e.g., ~root) in the HTTP server bound to TCP port 3465, enabling remote attackers to re...
HP OpenView unauthorized access
HP OpenView Configuration Management CM Infrastructure Radia and Client Configuration Manager CCM unauthorized access thorugh httpd.tkd...
HPSBMA02279 SSRT071298 rev.1 - HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) Running httpd.tkd, Remote Unauthorized Access to Data
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01205079 Version: 1 HPSBMA02279 SSRT071298 rev.1 - HP OpenView Configuration Management CM Infrastructure Radia and Client Configuration Manager CCM Running httpd.tkd,...
PPStream PowerPlayer.DLL ActiveX Control Buffer Overflow Vulnerability
Description PPStream PowerPlayer ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the...
HP OpenView Client Configuration Manager code execution
It's possible to make data to be downloaded and executed thorugh TCP/3465...
FreeBSD-SA-01:01.openssh
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:01 Security Advisory FreeBSD, Inc. Topic: Hostile server OpenSSH agent/X11 forwarding Category: core/ports Module: openssh Announced: 2001-01-15 Credits: Markus Friedl...