CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

Cvelist•added 2006/07/07 12:0 a.m.•22 views

CVE-2006-3426

Directory traversal vulnerability in a PatchLink Update Server PLUS before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and b Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. dot dot sequence in the 1 action, 2 agentid, or 3 index parameters ...

6.8AI score0.0202EPSS

Exploits0References9

Cvelist•added 2006/07/07 12:0 a.m.•17 views

CVE-2006-3430

SQL injection vulnerability in checkprofile.asp in 1 PatchLink Update Server PLUS before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and 2 Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter...

8.4AI score0.0226EPSS

Exploits0References10

CVE•added 2006/07/07 12:0 a.m.•48 views

CVE-2006-3426

CVE-2006-3426 affects PatchLink Update Server (PLUS) and related Novell ZENworks components. The vulnerability is a directory traversal in the /dagent/nwupload.asp endpoint, where the parameters (1) action, (2) agentid, or (3) index are used as pathname components. An unauthenticated attacker can...

5CVSS6.8AI score0.0202EPSS

Exploits0References9Affected Software2

CVE•added 2006/07/07 12:0 a.m.•48 views

CVE-2006-3425

CVE-2006-3425 is a remote-authentication bypass affecting PatchLink Update Server (PLUS) prior to 6.1 P1 and 6.2.x prior to 6.2 SR1 P1, and Novell ZENworks 6.2 SR1 and earlier. The vulnerability allows an unauthenticated attacker to access dagent/proxyreg.asp and enumerate, add, or delete PatchLi...

7.5CVSS7AI score0.01977EPSS

Exploits0References9Affected Software2

Packet Storm•added 2006/07/02 12:0 a.m.•36 views

patchlink6.txt

------------------------------------------------------------- PatchLink Update Server 6 SQL Injection ------------------------------------------------------------- Severity: Critical Date: June 28, 2006 Class: Remote Status: Patch Available Discovered by: Chris Steipp, Novacoast csteipp at...

7.4AI score

Exploits0

securityvulns•added 2006/06/30 12:0 a.m.•40 views

PatchLink Update Server / Novell ZenWorks multiple security vulnerabilities

SQL injections, unauthorized access...

2.6AI score

Exploits0References1Affected Software2

securityvulns•added 2006/06/30 12:0 a.m.•22 views

Multiple Vulnerabilities in PatchLink Update Server 6

0.2AI score

Exploits0

securityvulns•added 2006/02/18 12:0 a.m.•31 views

Bugs/Security issues with PatchLink's Update Server

Security Focus, I have been reporting issues to PatchLink Support for two years now with little & no resolution on most of the things I find. Because they are such a large patch management platform I think it is important that they be responsible for their coding practices. But even trying to wor...

7.6AI score

Exploits0

securityvulns•added 2006/02/18 12:0 a.m.•47 views

Multiple PatchLink Update Server patch management solution vulnerabilities

No description provided...

1.7AI score

Exploits0References1Affected Software1

Tenable Nessus•added 2005/10/06 12:0 a.m.•22 views

Patchlink Detection

This script uses Windows credentials to detect whether the remote host is running Patchlink and extracts the version number if so. Patchlink is a fully Internet-based, automated, cross-platform, security patch management system. Josh Zlatin-Amishav josh at ramat dot cc GPLv2 Tenable grants a...

5.5AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by