[SECURITY] Fedora 10 Update: squidGuard-1.4-8.fc10

squidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users...

SA-CONTRIB-2009-095 - Smartqueue OG - Access Bypass

The Smartqueueog module uses Nodequeue's Smartqueue API to provide a Nodequeue for organic groups which is editable by members of that group or the group's administrators. Users with the "administer nodequeue" permission have the option to batch create subqueues individual instances of a queue fo...

SA-CONTRIB-2009-097 - Organic Groups Vocabulary - Cross Site Scripting

The Organic Groups Vocabulary module enables a vocabulary to be restricted for use to a specific Organic Group. The module does not sanitize before outputting the group title in some cases, resulting in a cross-site scripting XSS vulnerability. Such an attack may lead to a malicious user gaining...

CVE-2009-3786

Cross-site scripting XSS vulnerability in Organic Groups OG Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the group title...

Cross site scripting

Cross-site scripting XSS vulnerability in Organic Groups OG Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the group title...

CVE-2009-3786

Cross-site scripting XSS vulnerability in Organic Groups OG Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the group title...

CVE-2009-3786

CVE-2009-3786 affects Drupal’s Organic Groups (OG) Vocabulary module. Vulnerable: OG Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1. Issue: cross-site scripting via the group title, enabling remote injection of arbitrary web script/HTML. Impact as stated: script execution in user context; n...

Get all Windows Admin Users and Groups over WMI (win)

Get all Windows non System Services and Eventlog Servicestate over WMI. OpenVAS Vulnerability Test $Id: GSHBWMIgetAdminUsers.nasl 7279 2017-09-26 13:40:36Z cfischer $ Get all Windows Admin Users and Groups over WMI win Authors: Thomas Rotter Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Get all Windows Admin Users and Groups over WMI - Windows

Get all Windows non System Services and Eventlog Servicestate over WMI. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SA-CONTRIB-2009-071 - Organic Groups Vocabulary Access Bypass

Description The Organic Groups Vocabulary module enables an organic group to have a group specific vocabulary. A vulnerability in this module allows any group member, even if they are not a group admin, to view, edit, and create vocabularies and terms for all groups. Versions affected Organic...

Cross site scripting

Cross-site scripting XSS vulnerability in Organic Groups OG 5.x-7.x before 5.x-7.4, 5.x-8.x before 5.x-8.1, and 6.x-1.x before 6.x-1.4, a module for Drupal, allows remote authenticated users, with create or edit group nodes permissions, to inject arbitrary web script or HTML via the User-Agent HT...

CVE-2009-3652

Cross-site scripting XSS vulnerability in Organic Groups OG 5.x-7.x before 5.x-7.4, 5.x-8.x before 5.x-8.1, and 6.x-1.x before 6.x-1.4, a module for Drupal, allows remote authenticated users, with create or edit group nodes permissions, to inject arbitrary web script or HTML via the User-Agent HT...

CVE-2009-3652

The CVE-2009-3652 entry covers a Cross-site scripting (XSS) vulnerability in Drupal's Organic Groups (OG) module. It affects OG 5.x-7.x before 5.x-7.4, OG 5.x-8.x before 5.x-8.1, and OG 6.x-1.x before 6.x-1.4. The issue allows remote authenticated users (with create or edit group nodes permission...

DEBIAN-CVE-2009-3589

incron 0.5.5 does not initialize supplementary groups when running a process from a user's incrontabs, which causes the process to be run with the incrond supplementary groups and allows local users to gain privileges via an incrontab table...

CVE-2009-3589

incron 0.5.5 does not initialize supplementary groups when running a process from a user's incrontabs, which causes the process to be run with the incrond supplementary groups and allows local users to gain privileges via an incrontab table...

CVE-2009-3564

puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...

Design/Logic Flaw

puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...

DEBIAN-CVE-2009-3564

puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...

CVE-2009-3564

puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...

CVE-2009-3564

puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...