Lucene search
K

31 matches found

Veracode
Veracode
added 2018/11/23 5:57 a.m.15 views

Information Disclosure

tryton is vulnerable to an information disclosure. The library does not properly connect with SSL encryption when connecting to a bus, causing the connection to be attempted in plaintext. A malicious user can gain access to sensitive session information with a man-in-the-middle MitM attack...

5.9CVSS5.3AI score0.00856EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/02 4:50 a.m.3 views

Information Disclosure Vulnerability in Hitachi Command Suite

Overview An Information Disclosure Vulnerability was found in Hitachi Command Suite. Impact An attacker might exploit this vulnerability to obtain sensitive session information. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

3.5CVSS6.3AI score
Exploits0References2
Prion
Prion
added 2016/04/25 12:59 a.m.40 views

Design/Logic Flaw

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

4.3CVSS7.4AI score0.18171EPSS
Exploits2References41Affected Software2
OpenVAS
OpenVAS
added 2016/04/14 12:0 a.m.67 views

Samba Badlock Critical Vulnerability

Samba is prone to badlock vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba"; ifdescription...

7.5CVSS7.2AI score0.3693EPSS
Exploits0References2
Samba
Samba
added 2016/04/12 12:0 a.m.583 views

NETLOGON Spoofing Vulnerability.

Description It's basically the same as CVE-2015-0005 for Windows: The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a...

6.3CVSS0.5AI score0.18171EPSS
Exploits2
NVD
NVD
added 2015/03/11 10:59 a.m.17 views

CVE-2015-0005

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, ...

4.3CVSS6.2AI score0.18171EPSS
Exploits2References6
Cvelist
Cvelist
added 2015/03/11 10:0 a.m.33 views

CVE-2015-0005

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, ...

6.4AI score0.18171EPSS
Exploits2References6
OSV
OSV
added 2012/09/15 5:55 p.m.20 views

PYSEC-2012-1

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS5.2AI score0.02447EPSS
Exploits0References7
NVD
NVD
added 2009/04/01 10:30 a.m.27 views

CVE-2009-1214

GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information...

4.9CVSS6AI score0.00343EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2009/04/01 10:0 a.m.28 views

CVE-2009-1214

GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information...

4.9CVSS1.4AI score0.00343EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.29 views

CentOS Update for firefox CESA-2008:0103 centos3 x86_64

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2008:0103 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

9.3CVSS0.1AI score0.08633EPSS
Exploits3References2
Rows per page
Query Builder