13 matches found
EUVD-2009-4972
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2010-3852
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses INSERT SECRET HERE as its secret key for cookies, which makes it easier for remote...
Fedora Update for luci FEDORA-2010-16848
Check for the Version of luci OpenVAS Vulnerability Test Fedora Update for luci FEDORA-2010-16848 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for luci FEDORA-2010-16848
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for luci FEDORA-2010-16601
Check for the Version of luci OpenVAS Vulnerability Test Fedora Update for luci FEDORA-2010-16601 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for luci FEDORA-2010-16601
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for luci FEDORA-2010-16617
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Authorization
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
CVE-2009-5014
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
CVE-2010-3852
CVE-2010-3852 affects Luci ( Luci 0.22.4 and earlier ) used in Red Hat Conga. The root cause is a weak default cookie secret key, rendered as [INSERT SECRET HERE], which enables remote attackers to forge a cookie and bypass repoze.who authentication. The vulnerability impact is partial confidenti...
CVE-2009-5014
Removed by vendor...
Fedora 12 : luci-0.22.4-2.0.b9faf868074git.fc12 (2010-16601)
Fix CVE-2010-3852 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...
Fedora 13 : luci-0.22.4-2.0.b9faf868074git.fc13 (2010-16617)
Fix CVE-2010-3852 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...