15 matches found
EUVD-2024-39566
Malicious code in bioql PyPI...
EUVD-2024-39565
Malicious code in bioql PyPI...
CVE-2024-42349
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server fogloginaccepted.log and fogloginfailed.log...
CVE-2024-42348
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395...
CVE-2024-42349
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server fogloginaccepted.log and fogloginfailed.log...
CVE-2024-42348
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395...
CVE-2024-42349 FOG has a Log Information Disclosure
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server fogloginaccepted.log and fogloginfailed.log...
CVE-2024-42349 FOG has a Log Information Disclosure
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server fogloginaccepted.log and fogloginfailed.log...
CVE-2024-42349
CVE-2024-42349 affects FOG Server versions 1.5.10.41.4 and earlier. The issue allows disclosure of authorized and rejected logins via log files created at the web root: fog_login_accepted.log and fog_login_failed.log, exposing the login username, client IP, and User-Agent. The vulnerability is mi...
CVE-2024-42348 FOG leaks sensitive information (AD domain, username and password)
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395...
CVE-2024-42348
CVE-2024-42348 concerns FOGServer in the FOGProject suite. The vulnerability in version 1.5.10.41.2 allows leakage of AD usernames and passwords when registering a computer, affecting confidentiality. The issue is fixed in 1.5.10.41.3 and in 1.6.0-beta.1395. There are no details about exploit vec...
PT-2024-29886 · Unknown · Fog Server
Name of the Vulnerable Software and Affected Versions: FOG Server versions 1.5.10.41.4 and earlier Description: The issue concerns the exposure of sensitive information via logs stored on the web server. Specifically, FOG Server creates two logs, fog login accepted.log and fog login failed.log, o...
PT-2024-29885 · Unknown · Fog Server
Name of the Vulnerable Software and Affected Versions: FOG Server versions prior to 1.5.10.41.3 FOG Server versions prior to 1.6.0-beta.1395 Description: The issue concerns a cloning/imaging/rescue suite/inventory management system where a specific version of the FOG Server can leak AD username a...
FOG Server Detection
Detection of FOG Server The script sends a connection request to the server and attempts to detect the presence of FOG Server and to extract its version SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
FOG Server < 1.3.0 Multiple Vulnerabilities - Active Check
FOG Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:fogproject:fog"; if description...