15 matches found
EUVD-2005-0686
Malware in sbrugna...
CVE-2023-39480
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...
WEM - All Organizational Units under Active Directory Objects are not listed
In some customer environment all OUs Organizational Unit may not be listed in WEM Administration Console - Active Directory Objects - Machines - Add OU. However, administrator can manually add computer objects without any issue...
PT-2023-26965 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create directories on affected installations, despite requiring authentication to exploit. The flaw exists within the handlin...
PT-2023-26966 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations, despite requiring authentication, which can be bypassed. The flaw exists...
UBUNTU-CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
After Upgrade to WEM 4.6 agents not getting configurations with error: Agent (Agent name) is not bound to any configuration set
Upgrade WEM environment from 4.5 to 4.6. After upgrading, WEM agents are randomly reported with the following different status under Administration Agents Registrations: "Agent is bound to multiple configuration sets." Then the same agents are reported with the following status: "Agent is not be...
Microsoft Windows 10: Create permanent shared objects
This user right determines which accounts can be used by processes to create a directory object by using the object manager. Directory objects include Active Directory objects, files and folders, printers, registry keys, processes, and threads. Users who have this capability can create permanent...
Debian DLA-733-1 : openafs security update
It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem. Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain 'dead' directory entry information. For Debian 7 'Wheezy', this issue has been...
[SECURITY] Fedora 19 Update: php-horde-Horde-Ldap-2.0.6-1.fc19
A set of classes for connecting to LDAP servers and working with directory objects...
Design/Logic Flaw
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...
CVE-2012-4922
The tortimegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed directory object, a different vulnerability than...
CVE-2005-0298
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information...
CVE-2005-0298
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information...
PeteFinnigan.com - Oracle security advisory
Hi I have just created a security advisory for the issue I found that is fixed in Oracle latest security patch. The issue is with abuse of DIRECTORY objects and can be found here http://www.petefinnigan.com/directorytraversal.pdf - I have also updated my Oracle security alerts page to link to thi...