12 matches found
EUVD-2014-0250
Malware in sbrugna...
EUVD-2014-0252
Malware in sbrugna...
CVE-2014-0199
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports rhevm-reports package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file...
Design/Logic Flaw
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports rhevm-reports package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file...
Design/Logic Flaw
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...
CVE-2014-0199
The CVE-2014-0199 issue affects ovirt-engine-reports (as used by rhevm-reports) before version 3.3.3, where the setup script stores the reports database password in cleartext in a file readable by everyone. Local attackers with access to the Red Hat Enterprise Virtualization Manager server could ...
CVE-2014-0199
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports rhevm-reports package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file...
CVE-2014-0201
CVE-2014-0201 concerns the ovirt-engine-reports component in the Red Hat Enterprise Virtualization reports package (rhevm-reports) prior to version 3.3.3. The root cause is that multiple configuration files are world-readable, enabling a local attacker with access to read sensitive information. P...
PT-2014-3531 · Ovirt · Ovirt Engine Reports
Name of the Vulnerable Software and Affected Versions: ovirt-engine-reports versions prior to 3.3.3 Description: The issue allows local users to obtain sensitive information by reading configuration files due to world-readable permissions. Recommendations: For versions prior to 3.3.3, update to...
PT-2014-3529 · Ovirt · Ovirt Engine Reports
Name of the Vulnerable Software and Affected Versions: ovirt-engine-reports versions prior to 3.3.3 Description: The setup script stores the reports database password in cleartext, allowing local users to obtain sensitive information by reading an unspecified file. Recommendations: For versions...
ovirt-engine-reports: setup script logs database password in cleartext
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports rhevm-reports package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file...
ovirt-engine-reports: various configuration files are world-readable
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...