18 matches found
EUVD-2016-0029
Malware in sbrugna...
GHSA-FGQV-96V9-W23M Radicale vulnerable to arbitrary file read or write
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
DEBIAN-CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
Code injection
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
PYSEC-2016-36
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
PYSEC-2016-36
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
UBUNTU-CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
CVE-2015-8747
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
FreeBSD : radicale -- multiple vulnerabilities (ff824eea-c69c-11e5-96d6-14dae9d210b8)
Radicale reports : The multifilesystem backend allows access to arbitrary files on all platforms. Prevent regex injection in rights management. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML databas...
Debian DSA-3462-1 : radicale - security update
Two vulnerabilities were fixed in radicale, a CardDAV/CalDAV server. - CVE-2015-8747 The not configured by default and not available on Wheezy multifilesystem storage backend allows read and write access to arbitrary files still subject to the DAC permissions of the user the radicale server is...
[SECURITY] [DSA 3462-1] radicale security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3462-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez January 30, 2016 https://www.debian.org/security/faq -...
DSA-3462-1 radicale - security update
Bulletin has no description...
Debian DLA-403-1 : radicale security update
Several issues have been discovered by Unrud in Radicale, a calendar and addressbook server. A remote attacker could exploit these vulnerabilities and call arbitrary functions by sending crafted HTTP requests. CVE-2015-8748 Prevent regex injection in rights management. Prevent crafted HTTP reques...
radicale -- multiple vulnerabilities
Radicale reports: The multifilesystem backend allows access to arbitrary files on all platforms. Prevent regex injection in rights management...