Lucene search
K

53 matches found

Tenable Nessus
Tenable Nessus
added 2010/11/08 12:0 a.m.23 views

FreeNAS Web Detection

The administrative web interface for FreeNAS was detected on the remote host. FreeNAS is an open source network attached storage NAS distribution based on FreeBSD. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid50509; scriptversion"1.9";...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/11/08 12:0 a.m.30 views

FreeNAS 'exec_raw.php' Arbitrary Command Execution

The version of FreeNAS on the remote host fails to restrict access to its 'execraw.php' script. A remote, unauthenticated attacker can pass arbitrary commands through the script's 'cmd' parameter and have them executed with administrative privileges. %NASLMINLEVEL 70300 C Tenable Network Security...

5.7AI score
Exploits0References4
NVD
NVD
added 2009/08/11 6:30 p.m.15 views

CVE-2009-2738

Cross-site request forgery CSRF vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors...

4.3CVSS7.1AI score0.0109EPSS
Exploits0References4
NVD
NVD
added 2009/08/11 6:30 p.m.16 views

CVE-2009-2739

Cross-site scripting XSS vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4
Prion
Prion
added 2009/08/11 6:30 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors...

4.3CVSS7.6AI score0.0109EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2009/08/11 6:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2009/08/11 6:0 p.m.44 views

CVE-2009-2738

CVE-2009-2738 is a CSRF vulnerability affecting FreeNAS WebGUI prior to version 0.7RC1. The issue allows an attacker to hijack a user’s authenticated session and perform unspecified actions via forged requests, when the user is logged into the WebGUI, due to CSRF in the web interface. Public docu...

4.3CVSS7.3AI score0.0109EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2009/08/11 6:0 p.m.18 views

CVE-2009-2739

Cross-site scripting XSS vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

5.7AI score0.01033EPSS
Exploits0References4
Cvelist
Cvelist
added 2009/08/11 6:0 p.m.20 views

CVE-2009-2738

Cross-site request forgery CSRF vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors...

7.1AI score0.0109EPSS
Exploits0References4
CVE
CVE
added 2009/08/11 6:0 p.m.48 views

CVE-2009-2739

CVE-2009-2739 is a cross-site scripting (XSS) vulnerability in FreeNAS prior to 0.69.2. The issue allows remote attackers to inject arbitrary web script or HTML in the browser, via unknown vectors, potentially enabling script execution in the context of the affected user. Affected versions includ...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/08/05 6:59 a.m.2 views

Cross-site request forgery vulnerability in FreeNAS

Overview FreeNAS contains a cross-site request forgery vulnerability. FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site request forgery vulnerability. Hiroyuki Shinshiba of LAC:Little eArth Corporation Co., LTD. reported this vulnerability to IPA. JPCERT/CC...

7.1CVSS6.5AI score0.0109EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/08/05 12:0 a.m.31 views

JVN#15267895 Cross-site request forgery vulnerability in FreeNAS

FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site request forgery vulnerability. Impact If a user views a malicious web page while logged into the web-based interface, an attacker could modify configurations or delete data on the hard disk drive. Solution...

4.3CVSS6.2AI score0.0109EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/08/05 12:0 a.m.26 views

JVN#89791790 Cross-site scripting vulnerability in FreeNAS

FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Rows per page
Query Builder