11 matches found
EUVD-2007-6166
Malware in sbrugna...
BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal Multiple Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernames in the Plumtree portal as well as the server hostname, build...
Plumtree Portal User Object User Enumeration
The version of the Plumtree portal included with BEA AquaLogic Interaction / Plumtree Foundation and installed on the remote host allows an attacker to obtain a list of users defined to the portal through its search facility. This may aide in further attacks against the affected application...
PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability
PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability Description: BEA Plumtree portal is vulnerable to a internal hostname disclosure vulnerability. The internal hostname of the server hosting BEA Plumtree portal is always included at the bottom of every requested HTML page...
PR06-09: BEA Plumtree portal full version disclosure vulnerability
PR06-09: BEA Plumtree portal full version disclosure vulnerability Description: BEA Plumtree portal 6.0 is vulnerable to a full version disclosure vulnerability. The exact version along with the build date is always included at the bottom of every requested HTML page within HTML comments. Date...
Plumtree Portal Default Credentials
The remote host is running Plumtree portal, a corporate web portal. The remote installation of the Plumtree portal is configured to use default credentials to control administrative access. Knowing these, an attacker can gain control of the affected application. %NASLMINLEVEL 70300 C Tenable...
CVE-2007-6197
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page...
CVE-2007-6197
The CVE-2007-6197 entry affects BEA AquaLogic Interaction Plumtree Portal 5.0.2–5.0.4 and 6.0.1.218452. The root cause is information disclosure via comments in the HTML source of any page, allowing remote attackers to learn version numbers and internal hostnames. Impact is partial confidentialit...
BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities
BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernam...
BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernames in the Plumtree portal as well as the server hostname, build date, and server version. Informati...
Plumtree Corporate Portal Cross-Site Scripting (Patch Available)
Plumtree Corporate Portal Cross-Site Scripting Patch Available ---------------------------------------------------------------- SYNOPSIS Plumtree www.plumtree.com Corporate Portal versions 4.5, 4.0, 4.0SP1, 4.0i, 4.0iSP1, and 3.5 should be modified to remediate potential cross-site scripting...