4652 matches found
UBUNTU-CVE-2013-7112
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet...
Solr: XML eXternal Entity (XXE) flaw in DocumentAnalysisRequestHandler
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...
Adobe ColdFusion 9 Administrative Login Bypass
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication using the RDS component. Due to default settings or misconfiguration, its password can be set to an empty value. This allows an attacker to create a session via the RDS login that can be carried over to th...
UBUNTU-CVE-2013-6408
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...
Varnish HTTP cache DoS
assert on empty request...
CVE-2013-2579
TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 have an empty password for the hardcoded "qmik" account, which allows remote attackers to obtain administrative access via a TELNET session...
DEBIAN-CVE-2013-4130
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error...
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
DEBIAN-CVE-2013-2157
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
BELL-CVE-2013-4073 CVE-2013-4073 does not affect BellSoft software
Bulletin has no description...
Empty Folder(s) in Datastore after Replication job runs
Challenge: When a replication job is run, an empty folder is created in one of the datastores listed as the . Cause: The cause of this behavior is Veeam getting pointed to write to one datastore, while the replica VM itself is on a different datastore. When the job is pointed to a different locatio...
Fedora 17 : livecd-tools-17.17-1.fc17 (2013-9111)
The livecd-tools package provides support for reading and executing Kickstart files in order to create a system image. It was discovered that livecd-tools gave the root user an empty password rather than leaving the password locked in situations where no 'rootpw' directive was used or when the...
openstack-keystone: Authentication bypass when using LDAP backend
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
PCMan's FTP Server 2.0 Denial Of Service
!/usr/bin/python Exploit Title: PCMan's FTP Server 2.0 Empty Password Denial of Service Date: 2013/6/26 Exploit Author: Chako Vendor Homepage: http://pcman.openfoundry.org/ Software Download Link: https://files.secureserver.net/1sMltFOsytirTG Version: 2.0 Tested on: Windows 7 SP1 English...
CVE-2013-2069
Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when a rootpw directive is not set in a Kickstart file, sets the root user password to empty, which allows local users to gain privileges...
apache-cxf: UsernameTokenPolicyValidator and UsernameTokenInterceptor allow empty passwords to authenticate
Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element...
DEBIAN-CVE-2012-6139
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c...