102 matches found
Oracle Linux 5 : conga (ELSA-2012-0151)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0151 advisory. - Fix bz711494 CVE-2011-1948 plone: reflected XSS vulnerability - Fix bz771920 CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019...
Oracle Linux 5 : conga (ELSA-2011-0394)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0394 advisory. 0.12.2-24.0.1.el56.1 - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Recreated Data.fs in lucidb.tar.gz - Replaced redh...
RHEL 5 : conga (RHSA-2012:0151)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0151 advisory. - zope: XSS on error page CVE-2010-1104 - plone: A reflected cross site scripting vulnerability CVE-2011-1948 Note that Nessus has not teste...
RHEL 5 : conga (RHSA-2013:0128)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0128 advisory. - conga: insecure handling of luci web interface sessions CVE-2012-3359 Note that Nessus has not tested for this issue but has instead relied only on...
RHEL 5 : conga (RHSA-2011:0394)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0394 advisory. The conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci,...
RHEL 5 : conga (RHSA-2007:0640)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0640 advisory. The Conga package is a web-based administration tool for remote cluster and storage management. A flaw was found in ricci during a code audit. A remo...
CentOS 5 : conga (CESA-2013:0128)
Updated conga packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives ...
Scientific Linux Security Update : conga on SL5.x i386/x86_64 (20130108)
It was discovered that luci stored usernames and passwords in session cookies. This issue prevented the session inactivity timeout feature from working correctly, and allowed attackers able to get access to a session cookie to obtain the victim's authentication credentials. CVE-2012-3359 This...
conga security, bug fix, and enhancement update
0.12.2-64.0.2.el5 - Remove conga-enterprise.patch 0.12.2-64.0.1.el5 - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz and Data.fs 0.12.2-64 - Improvements for bz786372 Better protect luci's authentication...
luci, ricci security update
CentOS Errata and Security Advisory CESA-2013:0128 Updated conga packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common...
Low: Red Hat Security Advisory: conga security, bug fix, and enhancement update
Updated conga packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives ...
Scientific Linux Security Update : conga on SL5.x i386/x86_64
A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. CVE-2011-0720 %NASLMINLEVEL 70300 C Tenable...
Scientific Linux Security Update : conga on SL5.x i386/x86_64 (20120221)
The conga packages provide a web-based administration tool for remote cluster and storage management. Multiple cross-site scripting XSS flaws were found in luci, the conga web-based administration application. If a remote attacker could trick a user, who was logged into the luci interface, into...
Scientific Linux Security Update : conga on SL4.x i386/x86_64
The conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to rea...
conga security, bug fix, and enhancement update
0.12.2-51.0.1.el5 - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz 0.12.2-51 - Fix bz711494 CVE-2011-1948 plone: reflected XSS vulnerability - Fix bz771920 CVE-2011-4924 Zope: Incomplete upstream patch for...
Moderate: Red Hat Security Advisory: conga security, bug fix, and enhancement update
Updated conga packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...
CentOS Update for luci CESA-2011:0394 centos5 i386
Check for the Version of luci OpenVAS Vulnerability Test CentOS Update for luci CESA-2011:0394 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for luci CESA-2011:0394 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 5 : conga (CESA-2011:0394)
Updated conga packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
plone: unauthorized remote administrative access
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors...