Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.23 views

openSUSE Security Update : webyast (openSUSE-SU-2013:1961-1)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116 reported by joernchen of Phenoelit %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

7.2CVSS5.3AI score0.00481EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.25 views

openSUSE Security Update : webyast (openSUSE-SU-2013:1954-1)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116 reported by joernchen of Phenoelit %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

7.2CVSS5.3AI score0.00481EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.27 views

openSUSE Security Update : webyast (openSUSE-SU-2013:1952-1)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

7.2CVSS5.3AI score0.00481EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2013/12/30 12:0 a.m.24 views

SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)

Check for the Version of Fixes OpenVAS Vulnerability Test $Id: gbsuse201319521.nasl 8466 2018-01-19 06:58:30Z teissa $ SuSE Update for Fixes openSUSE-SU-2013:1952-1 Fixes Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...

7.2CVSS6.4AI score0.00481EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2013/12/30 12:0 a.m.19 views

SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)

Check for the Version of Fixes OpenVAS Vulnerability Test $Id: gbsuse201319541.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for Fixes openSUSE-SU-2013:1954-1 Fixes Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...

7.2CVSS6.4AI score0.00481EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2013/12/30 12:0 a.m.21 views

openSUSE: Security Advisory for Fixes (openSUSE-SU-2013:1954-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.2AI score0.00481EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2013/12/30 12:0 a.m.16 views

openSUSE: Security Advisory for Fixes (openSUSE-SU-2013:1952-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.2AI score0.00481EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/25 6:10 p.m.30 views

Fixes a local vulnerability (important)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116 reported by joernchen of Phenoelit...

7.2CVSS1.1AI score0.00481EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/25 6:4 p.m.27 views

Fixes a local vulnerability (important)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116...

7.2CVSS1.2AI score0.00481EPSS
Exploits1References1
CVE
CVE
added 2013/12/23 11:0 p.m.59 views

CVE-2013-3709

CVE-2013-3709 affects WebYaST 1.3 where the config/initializers/secret_token.rb file has weak permissions, allowing a local attacker to read the Rails secret token and potentially forge session cookies. SUSE/openSUSE advisories (openSUSE-SU-2013:1952/1954/1961) patch this by making secret_token.r...

7.2CVSS6.3AI score0.00481EPSS
Exploits1References7Affected Software3
OSV
OSV
added 2013/12/02 4:20 p.m.6 views

SUSE-RU-2015:0793-1 Security update for webyast

The following security issue has been fixed: CVE-2013-3709: webyast: local privilege escalation via secret rails tokens execution. This vulnerability was reported by joernchen of Phenoelit. Security Issue reference: CVE-2013-3709...

7.2CVSS6.5AI score0.00481EPSS
Exploits1References4
Rows per page
Query Builder