CVE-2019-0007

CVE-2019-0007 affects Juniper Networks Junos OS on the vMX Series, with affected releases: 15.1 versions prior to 15.1F5. The root cause is a predictable IP ID sequence number used by the device, enabling a family of attacks that rely on that predictability to compromise the system and clients pa...

CVE-2019-0007 Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...

Privilege Escalation

glusterfs is vulnerable to privilege escalation. It was found that glusterfs-server RPM package would write file with predictable name into world readable /tmp directory. A local attacker could potentially use this flaw to escalate their privileges to root by modifying the shell script during the...

Privilege Escalation Via Symlink Attack

sosreport is vulnerable to privilege escalation via symlink attack. It is possible because they use predictable names for temporary directory creation and handling under /tmp, and set the permission to 700. Therefore, the local attackers can create their own file, hijack the information in the fi...

Unauthorized File Creation

Nagios is vulnerable to symbolic link attack. Due to the flaw in nagios.upgradetov3.sh, it is possible for a local user to create a temporary nagioscfg file with a predictable name in /tmp/.Per: http://rhn.redhat.com/errata/RHSA-2013-1526.html...

Denial Of Service (DoS) Or Escalation Of Privileges

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary config file in a directory with a predictable name in /tmp/ before it is used by the gem...

Juniper Junos vMX Predictable IP ID Sequence Numbers (JSA10903)

According to its self-reported version number, the remote Junos device uses a predictable IP ID sequence number. It is, therefore, vulnerable to a family of attacks that rely on this property, including a susceptibility to being used as a 'zombie' host in an 'idle scan' blind port scan of another...

EulerOS 2.0 SP5 : rpm (EulerOS-SA-2019-1011)

According to the version of the rpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that rpm uses temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files...

BMC Network Automation 8.7.00.000 Session Hijacking

Intro: The BMC Network Automation allows authenticated users to hijack established remote sessions of other users, version v8.7.00.000 b383 u038 was confirmed to be vulnerable. Details: Authenticated users of the BMC Network Automation web application with assigned aviewera role are able to hijac...

SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2018:4059-1)

This update for cups fixes the following issues : Security issue fixed : CVE-2018-4700: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface bsc1115750. Note that Tenable Network Security has extracted the preceding description...

CVE-2018-11741

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=&GOTO8 URIs...

Information disclosure

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=&GOTO8 URIs...

CVE-2018-11741

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=&GOTO8 URIs...

CVE-2018-11741

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=&GOTO8 URIs...

Kaspersky: Web protection component in Anti-Virus products family uses predictable links for certificate warnings

Summary Websites can predict links used in certificate warnings, Safe Money prompts, anti-phishing warnings and similar pages. This allows them to initiate actions without the user's knowledge. Description The links used to override certificate warnings have the following format: https:///?kiscup...

Authentication Bypass

libcups.so is vulnerable to authentication bypass. The CUPS web interface uses an insecure function and seed to generate the session cookie, which results in a predictable token that can be guessed easily by a remote attacker to gain access to the application...

NEC Univerge Sv9100 WebPro 6.00.00 Predictable Session ID / Cleartext Passwords

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. 0day Vendor www.necam.com Affected Product Code Base NEC Univerge...

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage

Exploit for hardware platform in category web applications ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B...

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage

''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. 0day Vendor www.necam.com Affected Product Code Base NEC...

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID Clear Text Password Storage

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID Clear Text Password Storage ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec...