49 matches found
UBUNTU-CVE-2018-1128
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...
DEBIAN-CVE-2018-1128
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...
UBUNTU-CVE-2018-10861
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected...
CVE-2018-1128
CVE-2018-1128 describes a replay vulnerability in the Cephx authentication protocol where a packet sniffer on a Ceph cluster network can authenticate to Ceph services due to insufficient verification of clients. The issue affects the msgr2 protocol (used by most Ceph communication) and can compro...
CVE-2018-1128
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...
PT-2018-10454
Name of the Vulnerable Software and Affected Versions Ceph branches master, mimic, luminous, and jewel are believed to be vulnerable. Description A flaw was found in the way signature calculation was handled by the cephx authentication protocol. An attacker with access to the Ceph cluster network...
Luminous Kika Keyboard Theme - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Luminous Kika Keyboard Theme published at the 'play' market has multiple vulnerabilities...
Luminous Hola Launcher Theme - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Luminous Hola Launcher Theme published at the 'play' market has multiple vulnerabilities...
Persistent XSS vulnerability in eBuddy Web Messenger
Persistent XSS vulnerability in eBuddy Web Messenger A team member from Virtual Luminous Security, Russian Federation, has discovered a persistent XSS vulnerability in eBuddy the biggest web IM solution in the world by transmitting messages with embedded encoded javascript code. In-depth detail...