4 matches found
OracleVM 2.2 : ovs-agent (OVMSA-2010-0015)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update changelog, fill CVE number. - Fix config-file access mode issue. - Fix file access vulnerability orabug 10142417 CVE-2010-3582 - Fix local privilege escalation orabug 10142476 CVE-2010-3584 - F...
[Onapsis Security Advisory 2010-008] Oracle Virtual Server Agent Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-0008 : Oracle Virtual Server Agent Arbitrary File Access This advisory can be downloaded in PDF format from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you will ga...
CVE-2010-3585
creationtimestamp| type| source ---|---|--- 2010-10-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16915 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/oraclevmagentutl.rb 2025-02-06 03:13:40+00:00| seen|...
CVE-2010-3585
Oracle VM 2.2.x ovs-agent exposed XML-RPC endpoints allowing authenticated remote users to trigger command execution as root, leading to potential full compromise of the Oracle VM Server and its guests. Public records indicate an XML-RPC exposure enabling function calls not aligned with intended ...