20 matches found
Virtuozzo Hybrid Infrastructure 5.4 (5.4.0-133)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover compute services, management node high availability, monitoring and alerts, and the user interface. Additionally, this release delivers stability improvements and addresses issues found in previous...
OracleVM 3.2 : ovs-agent (OVMSA-2014-0037) (POODLE)
The remote OracleVM system is missing necessary patches to address critical security updates : - disable sslv3 due to CVE-2014-3566 - Allow to create more than 6 bonds Singed-off-by: Adnan Misherfi %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extract...
OracleVM 2.2 : ovs-agent (OVMSA-2014-0029)
The remote OracleVM system is missing necessary patches to address critical security updates : - disable sslv3 in ovs-agent orabug 19893287 - Remove changing manualshutdown value when doing syncvmstatus function orabug 16682111 - A test 2.3-88 version for bug 16695624, improve the log of startvm...
Oracle VM Server Virtual Server Agent Command Injection
No description provided by source. $Id: oraclevmagentutl.rb 10821 2010-10-25 20:58:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...
OracleVM 2.2 : ovs-agent (OVMSA-2010-0015)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update changelog, fill CVE number. - Fix config-file access mode issue. - Fix file access vulnerability orabug 10142417 CVE-2010-3582 - Fix local privilege escalation orabug 10142476 CVE-2010-3584 - F...
CVE-2010-3585
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented...
CVE-2010-3584
Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims fro...
CVE-2010-3583
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented...
CVE-2010-3582
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent...
Design/Logic Flaw
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent...
Buffer overflow
Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims fro...
Design/Logic Flaw
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented...
Design/Logic Flaw
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented...
CVE-2010-3582
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent...
CVE-2010-3585
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented...
CVE-2010-3582
CVE-2010-3582 concerns Oracle VM 2.2.1, where an input validation flaw in the Oracle VM Server Agent’s XML-RPC processing (utl_test_url) enables a remote authenticated attacker to inject commands with root privileges, compromising confidentiality, integrity, and availability. The issue is specifi...
CVE-2010-3584
Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims fro...
CVE-2010-3583
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented...
CVE-2010-3584
CVE-2010-3584 affects Oracle VM 2.2.1, specifically the ovs-agent component. The issue, described as a local privilege escalation, arises from how Oracle VM Agent stores authentication data in files with weak permissions, enabling a local user to affect confidentiality, integrity and availability...
CVE-2010-3585
Oracle VM 2.2.x ovs-agent exposed XML-RPC endpoints allowing authenticated remote users to trigger command execution as root, leading to potential full compromise of the Oracle VM Server and its guests. Public records indicate an XML-RPC exposure enabling function calls not aligned with intended ...