17 matches found
OSV-2024-1054 Bad-cast to Assimp::LogStream from invalid vptr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538150 Crash type: Bad-cast Crash state: Bad-cast to Assimp::LogStream from invalid vptr CallbackToLogRedirector Assimp::DefaultLogger::WriteToStreams...
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
Default credentials
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
PT-2022-21879 · Fortinet · Forticlient +1
Name of the Vulnerable Software and Affected Versions: FortiClient for Mac versions 7.0.0 through 7.0.5 Description: The issue allows a local authenticated attacker to obtain the SSL-VPN password in cleartext by running a logstream for the FortiTray process in the terminal, potentially exposing...
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
FortiClient (MAC) - FortiTray stores the SSLVPN password in cleartext
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
How to change Logstream source IP to NSIP on ADC.
By default, Logstream communication from ADC to ADM uses the SNIP address to source traffic. Administrators may wish to use the NSIP for this communication. Prior to the introduction of Logstream, the IPFIX protocol used NSIP so customers may want to maintain this flow...
Citrix ADM Ports and URL's That Need To Be Opened for Communication
Additional notes: If using ULFD LogStream: The -logstreamOverNSIP option is available from Citrix ADC 13.0 41.x and 12.1 55.x onwards to alter the SRC IP. Default is SNIP. This is a global setting. set appflow param -logstreamOverNSIP If using IPFix AppFlow: The -IPAddress parameter can be used t...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...