SAP NetWeaver Dispatcher DiagTraceR3Info Packet Parsing Vulnerability

Added: 06/04/2012 CVE: CVE-2012-2611 OSVDB: 81759 Background SAP Netweaver is a technology platform for building and integrating SAP business applications. Problem SAP Netweaver is vulnerable to a stack buffer overflow when configured with the developer trace level set to 2 or higher. The...

Opera Browser Multiple Vulnerabilities-01 July-11 (Mac OS X)

The host is installed with Opera browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvuln1macosxjuly11.nasl 6018 2017-04-24 09:02:24Z teissa $ Opera Browser Multiple Vulnerabilities-01 July-11 Mac OS X Authors: Madhuri D Copyright: Copyright c 2012 Greenbo...

Opera Browser Multiple Vulnerabilities-01 (Jul 2011) - Mac OS X

Opera browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Opera Browser Multiple Vulnerabilities-01 July-11 (Linux)

The host is installed with Opera browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvulnlin01jul11.nasl 5988 2017-04-20 09:02:29Z teissa $ Opera Browser Multiple Vulnerabilities-01 July-11 Linux Authors: Madhuri D Copyright: Copyright c 2012 Greenbone...

Fedora Update for cyrus-imapd FEDORA-2011-13832

Check for the Version of cyrus-imapd OpenVAS Vulnerability Test Fedora Update for cyrus-imapd FEDORA-2011-13832 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Adobe ColdFusion Hash Collision DoS (APSB12-06) (credentialed check)

The remote Windows host is running a version of ColdFusion that is affected by a hash collision denial of service. A flaw exists in the way ColdFusion generates hash tables for user-supplied values. By sending a small number of specially crafted requests to a web server that uses ColdFusion, an...

Direct access to issue via url discloses structure without authentication

If an issue is accessed via the direct url an error message discloses if the issue is existent or not - even when the use isn't logged-in. In contrast, an existing issue redirects to the login form. This knowledge may open an attack vector on private Jira instances that require authentication...

RSS feed over entire site gives information on restricted pages the user should not see

A customer has reported this issue via a comment on the documentation: http://confluence.atlassian.com/display/DOC/Working+with+RSS+Feeds?focusedCommentId=276627497comment-276627497 quote When someone has an RSS feed covering the whole Confluence instance, he is informed about changes in restrict...

MSSQL Schema Dump

This module attempts to extract the schema from a MSSQL Server Instance. It will disregard builtin and example DBs such as master, model, msdb, and tempdb. The module will create a note for each DB found, and store a YAML formatted output as loot for easy reading. This module requires Metasploit:...

Unable to process the workload: your license has been exceeded

Challenge A Veeam Backup & Replication job fails with either of the following errors: Error: Not enough licenses. Error: Unable to process the workload: your license has been exceeded Cause The limits of the installed license have been exceeded. Solution Information regarding Veeam Backup &...

Acunetix Web Vulnerability Scanner 8 BETA Released

Acunetix Web Vulnerability Scanner 8 BETA Released The next stage in the evolution of Acunetix Web Vulnerability Scanner has arrived — WVS 8 BETA! Many of you have been biting their nails in anticipation of this Beta, so sit tight and read on for the next most important stage in the evolution of...

Acunetix Web Vulnerability Scanner 8 BETA Released

Acunetix Web Vulnerability Scanner 8 BETA Released The next stage in the evolution of Acunetix Web Vulnerability Scanner has arrived — WVS 8 BETA! Many of you have been biting their nails in anticipation of this Beta, so sit tight and read on for the next most important stage in the evolution of...

Oracle Database Multiple Vulnerabilities (July 2008 CPU)

The remote Oracle database server is missing the July 2008 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Advanced Replication - Authentication - Core RDBMS - Data Pump - Database Scheduler - Instance Managemen...

Design/Logic Flaw

The LTPA STS module support implementation in IBM Tivoli Federated Identity Manager TFIM 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway TFIMBG 6.2.0 before 6.2.0.9 relies on a static instance of a Java Development Kit JDK class, which might allow attackers to bypass...

CVE-2011-0879

Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the CMDB Metadata & Instance APIs component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentialit...

CVE-2011-0879

CVE-2011-0879 refers to an Oracle vulnerability in the Oracle Enterprise Manager Grid Control/Instance Management component. The TeamSHATTER advisory describes a cross-site scripting (XSS) flaw on the metricDetail$type page that can be exploited remotely, potentially allowing an attacker to steal...

CVE-2011-0816

The CVE-2011-0816 entry describes an unspecified vulnerability in Oracle Database Server’s CMDB Metadata & Instance APIs across multiple versions, with remote authenticated access potentially affecting confidentiality and integrity via unknown vectors. Connected sources confirm involvement of CMD...

CVE-2011-0879

Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors...