21 matches found
EUVD-2010-1354
Malware in sbrugna...
EUVD-2013-3643
Malware in sbrugna...
EUVD-2011-1005
Malware in sbrugna...
EUVD-2013-6842
Malware in sbrugna...
SUSE CVE-2011-0993
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors...
SUSE: Security Advisory (SUSE-SU-2012:0147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1828-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0948-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1260-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Information disclosure
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2011-0993
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2011-0993
SUSE Lifecycle Management Server is affected by CVE-2011-0993: before version 1.1, it uses world-readable PostgreSQL credentials, allowing local users to obtain sensitive information via unspecified vectors. The impact is information disclosure; no exploit details are provided in the connected do...
CVE-2013-3710
SUSE Lifecycle Management Server SLMS before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere...
CVE-2013-3710
SUSE Lifecycle Management Server SLMS before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere...
CVE-2013-3710
The provided documents identify CVE-2013-3710 as affecting SUSE Lifecycle Management Server (SLMS) before version 1.3.7. The root cause is that SLMS does not generate a new secret key when the service starts, enabling remote attackers to defeat intended cryptographic protections by deriving knowl...
CVE-2013-7042
CVE-2013-7042 affects SUSE Lifecycle Management Server (SLMS) prior to version 1.3.7. The issue is that secret keys are stored with world-readable permissions, enabling local users to gain privileges through unspecified vectors. The affected component is the SLMS secret key storage mechanism; roo...
CVE-2013-7042
SUSE Lifecycle Management Server SLMS before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors...
CVE-2010-1325
Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...
CVE-2010-1325
Summary (CVE-2010-1325) : A CSRF vulnerability affects the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise 11 . The issue arises from improper parameter quoting, enabling remote attackers to hijack the authentication of unspecified victims. The availab...