15 matches found
CVE-2012-0215
model/modelstorage.py in the Tryton application framework trytond before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a 1 create, 2 write, 3 delete, or 4 cop...
Fedora Update for trytond FEDORA-2012-4923
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-0215
model/modelstorage.py in the Tryton application framework trytond before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a 1 create, 2 write, 3 delete, or 4 cop...
DEBIAN-CVE-2012-0215
model/modelstorage.py in the Tryton application framework trytond before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a 1 create, 2 write, 3 delete, or 4 cop...
CVE-2012-0215
model/modelstorage.py in the Tryton application framework trytond before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a 1 create, 2 write, 3 delete, or 4 cop...
CVE-2012-0215
model/modelstorage.py in the Tryton application framework trytond before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a 1 create, 2 write, 3 delete, or 4 cop...
CVE-2012-0215
CVE-2012-0215 affects the Trytond application framework prior to 2.4.0 (Python). The flaw is an improper restriction on the Many2Many field in the relation model, allowing remote authenticated users to modify privileges of arbitrary users via rpc calls: (1) create, (2) write, (3) delete, or (4) c...
Fedora 17 : trytond-2.2.2-1.fc17 (2012-4923)
update for CVE-2012-0215 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora Update for trytond FEDORA-2012-4988
Check for the Version of trytond OpenVAS Vulnerability Test Fedora Update for trytond FEDORA-2012-4988 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for trytond FEDORA-2012-4988
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 16 : trytond-2.0.4-1.fc16 (2012-4963)
update for CVE-2012-0215 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 15 : trytond-1.8.6-1.fc15 (2012-4988)
update for CVE-2012-0215 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Debian DSA-2444-1 : tryton-server - privilege escalation
It was discovered that the Tryton application framework for Python allows authenticated users to escalate their privileges by editing the Many2Many field. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securit...
[SECURITY] [DSA 2444-1] tryton-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2444-1 [email protected] http://www.debian.org/security/ Florian Weimer March 29, 2012 http://www.debian.org/security/faq -...
EasyVista single sign-on authentication bypass vulnerability
Overview EasyVista contains an authentication bypass vulnerability in the EasyVista single sign-on feature. Description EasyVista contains an authentication bypass vulnerability in the EasyVista single sign-on feature that does not use encoded values. If an attacker can obtain the login names for...