EUVD-2012-2589

Malware in sbrugna...

CVE-2012-2603

The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client...

ScrumWorks Pro 6.7.0 RCE Vulnerability

ScrumWorks Pro is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Scrumworks Pro Detection

Detection of ScrumWorks Pro. The script sends a connection request to the server and attempts to detect Scrumworks Pro and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Design/Logic Flaw

The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client...

CVE-2012-2603

The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client...

CVE-2012-2603

CVE-2012-2603 affects CollabNet ScrumWorks Pro prior to 6.0. The vulnerability allows remote authenticated users to escalate privileges and access sensitive information by using a modified desktop client; exploitation relies on recompiling the client to bypass normal privilege checks. CollabNet s...

CVE-2012-2603

The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client...

ScrumWorks Pro privilege escalation vulnerability

Overview ScrumWorks Pro versions prior to ScrumWorks Pro 6.0 contain a privilege escalation vulnerability. Description ScrumWorks Pro versions prior to ScrumWorks Pro 6.0 contain a privilege escalation vulnerability where a malicious user can escalate the privileges of their ScrumWorks Pro accoun...

CVE-2011-0410

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

Design/Logic Flaw

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

CVE-2011-0410

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

CVE-2011-0410

CVE-2011-0410 affects CollabNet ScrumWorks Basic 1.8.4. The server–client communications transmit credential information in plaintext via unencrypted Java objects, and the internal database may store unencrypted usernames/passwords, enabling credential exposure through network sniffing or databas...

CollabNet ScrumWorks Basic Server transmits credential information in plaintext

Overview Communication between the Collabnet ScrumWorks Basic Server and CollabNet ScrumWorks Desktop Client transmits credential information in plaintext. Description The communication between the CollabNet ScrumWorks Basic Server and CollabNet ScrumWorks Desktop Client is transmitting credentia...