11 matches found
CVE-2015-8748
creationtimestamp| type| source ---|---|--- 2026-01-14 23:13:30+00:00| seen| https://gist.github.com/ilya-startcode/36aae702894882b7b005b436448a38a0...
Debian: Security Advisory (DLA-403-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : radicale-1.1.1-1.fc22 (2016-cf9e2429b5)
Version 1.1.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...
Mageia: Security Advisory (MGASA-2016-0057)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2016-0057 Updated radicale packages fix CVE-2015-8748
Updated radicale package fixes security vulnerabilities: If an attacker is able to authenticate with a user name like .', he can bypass read/write limitations imposed by regex-based rules, including the built-in rules ownerwrite' read for everybody, write for the calendar owner and owneronly' rea...
CVE-2015-8748
CVE-2015-8748 affects Radicale prior to 1.1. It allows remote authenticated users to bypass read/write restrictions (owner_write/owner_only) by using regex metacharacters in the user name (demonstrated with ".*"). The issue originates from regex-based rights handling and can permit privilege esca...
Debian DSA-3462-1 : radicale - security update
Two vulnerabilities were fixed in radicale, a CardDAV/CalDAV server. - CVE-2015-8747 The not configured by default and not available on Wheezy multifilesystem storage backend allows read and write access to arbitrary files still subject to the DAC permissions of the user the radicale server is...
[SECURITY] [DSA 3462-1] radicale security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3462-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez January 30, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3462-1 (radicale - security update)
Two vulnerabilities were fixed in radicale, a CardDAV/CalDAV server. CVE-2015-8747 The not configured by default and not available on Wheezy multifilesystem storage backend allows read and write access to arbitrary files still subject to the DAC permissions of the user the radicale server is...
Debian: Security Advisory (DSA-3462-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 403-1] radicale security update
Package : radicale Version : 0.3-2+deb6u1 CVE ID : CVE-2015-8747 CVE-2015-8748 Debian Bug : 809920 Several issues have been discovered by Unrud in Radicale, a calendar and addressbook server. A remote attacker could exploit these vulnerabilities and call arbitrary functions by sending crafted HTT...