8 matches found
EUVD-2011-2637
Malware in sbrugna...
SUSE CVE-2011-2654
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...
ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability
ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-278 September 2, 2011 -- CVE ID: CVE-2011-2654 -- CVSS: 9.3, AV:N/AC:M/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell eDirectory --...
CVE-2011-2654
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...
Session fixation
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...
CVE-2011-2654
The CVE-2011-2654 issue affects Novell Cloud Manager 1.1.2 prior to Patch 3. The RPC server fails to properly initialize objects, enabling remote attackers to execute arbitrary code by issuing privileged RPC calls tied to a partially initialized session. Impact is high (remote code execution with...
CVE-2011-2654
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...
Novell Cloud Manager Insufficient Framework User Validation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Cloud Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application implements an RPC method. Due to incompletely initializing an...