Lucene search
K

20 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Novell Sentinel Log Manager <= 1.2.0.2 - Retention Policy Vulnerability

No description provided by source. Novell Sentinel Log Manager ver. =1.2.0.2 allows unauthenticated users configuring retention policies. Vendor informed: 2012/09/06 Patch Released: 2012/09/21 PoC: !/bin/bash TARGET=$1 PORT=8443 if $ -ne 1 ; then echo Usage: basename $0 target exit 1 fi echo POST...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

novell sentinel log manager <= 1.2.0.1 - Directory Traversal

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2013/03/29 4:8 p.m.19 views

CVE-2012-6534

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...

4.3CVSS6.2AI score0.04486EPSS
Exploits1References5
Prion
Prion
added 2013/03/29 4:8 p.m.20 views

Design/Logic Flaw

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...

4.3CVSS6.7AI score0.04486EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2013/03/29 10:0 a.m.57 views

CVE-2012-6534

CVE-2012-6534 affects Novell Sentinel Log Manager prior to 1.2.0.3. The vulnerability allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and enables remote authenticated Report Administrators to create data re...

4.3CVSS6.4AI score0.04486EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2013/03/29 10:0 a.m.25 views

CVE-2012-6534

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...

6.2AI score0.04486EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2012/11/23 12:0 a.m.35 views

Novell Sentinel Log Manager Retention Policy Security Bypass Vulnerability

Novell Sentinel Log Manager is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.7AI score0.04486EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2012/11/19 12:0 a.m.25 views

Novell Sentinel Log Manager Authentication Bypass

The version of Novell Sentinel Log Manager hosted on the remote web server has an authentication bypass vulnerability. It is possible to execute GWT-RPC methods without authentication. A remote, unauthenticated attacker could exploit this to perform actions that should require administrative...

4.3CVSS5.6AI score0.04486EPSS
Exploits1References3
exploitpack
exploitpack
added 2012/10/04 12:0 a.m.11 views

Novell Sentinel Log Manager 1.2.0.2 - Retention Policy

Novell Sentinel Log Manager 1.2.0.2 - Retention Policy Novell Sentinel Log Manager ver. =1.2.0.2 allows unauthenticated users configuring retention policies. Vendor informed: 2012/09/06 Patch Released: 2012/09/21 PoC: !/bin/bash TARGET=$1 PORT=8443 if $ -ne 1 ; then echo "Usage: basename $0 targe...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/10/03 12:0 a.m.17 views

Novell Sentinel Log Manager 1.2.0.2 Bypass

Hello, Novell Sentinel Log Manager ver. =1.2.0.2 allows unauthenticated users configuring retention policies. Vendor informed: 2012/09/06 Patch Released: 2012/09/21 PoC: !/bin/bash TARGET=$1 PORT=8443 if $ -ne 1 ; then echo "Usage: basename $0 target" exit 1 fi echo "POST...

Exploits0
0day.today
0day.today
added 2012/09/05 12:0 a.m.28 views

Novell Sentinel Log Manager <= 1.2.0.1 Directory Traversal

Exploit for php platform in category web applications Exploit Title: Novell Sentinel Log Manager directory traversal Date: 2011-12-18 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.novell.com/ Version: = 1.2.0.1 Tested on: Sentinel Log Manager Appliance 1.2.0.1 CVE: 2011-5028 The late...

7.1AI score0.0352EPSS
Exploits3
NVD
NVD
added 2011/12/29 10:55 p.m.17 views

CVE-2011-5028

Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. dot dot in the filename parameter...

4CVSS6.2AI score0.0352EPSS
Exploits3References7
Prion
Prion
added 2011/12/29 10:55 p.m.17 views

Directory traversal

Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. dot dot in the filename parameter...

4CVSS6.7AI score0.0352EPSS
Exploits3References7Affected Software1
securityvulns
securityvulns
added 2011/12/26 12:0 a.m.121 views

Novell Sentinel Log Manager &lt;=1.2.0.1 Path Traversal

Vuln: Path Traversal Application: Sentinel Log Manager Vendor: Novell Version affected: = 1.2.0.1 Website: http://www.novell.com/products/sentinel-log-manager/ Discovered By: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it The latest version of Sentinel Log Manager...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/18 12:0 a.m.34 views

Novell Sentinel Log Manager 1.2.0.1 Directory Traversal

Vuln: Path Traversal Application: Sentinel Log Manager Vendor: Novell Version affected: = 1.2.0.1 Website: http://www.novell.com/products/sentinel-log-manager/ Discovered By: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it The latest version of Sentinel Log Manager...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/12/18 12:0 a.m.38 views

novell sentinel log manager 1.2.0.1 - Directory Traversal

novell sentinel log manager 1.2.0.1 - Directory Traversal Exploit Title: Novell Sentinel Log Manager directory traversal Date: 2011-12-18 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.novell.com/ Version: = 1.2.0.1 Tested on: Sentinel Log Manager Appliance 1.2.0.1 CVE: 2011-5028 The...

4CVSS6.8AI score0.0352EPSS
Exploits3
Exploit DB
Exploit DB
added 2011/12/18 12:0 a.m.39 views

novell sentinel log manager 1.2.0.1 - Directory Traversal

Exploit Title: Novell Sentinel Log Manager directory traversal Date: 2011-12-18 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.novell.com/ Version: = 1.2.0.1 Tested on: Sentinel Log Manager Appliance 1.2.0.1 CVE: 2011-5028 The latest version of Sentinel Log Manager is prone to a...

4CVSS7AI score0.0352EPSS
Exploits3
securityvulns
securityvulns
added 2010/08/12 12:0 a.m.23 views

Novell Sentinel Log Manager code execution

fileDownload and reportPluginUpload servlets allow privileged operations to be executed without authentication...

3.3AI score
Exploits0References1
securityvulns
securityvulns
added 2010/08/12 12:0 a.m.42 views

ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities

ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-143 August 9, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell Security Manager -- Vulnerability...

0.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/08/09 12:0 a.m.16 views

Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Log Manager. Authentication is not required to exploit this vulnerability. The specific flaws exist within the fileDownload and reportPluginUpload Tomcat servlets which do not require...

10CVSS8.3AI score
Exploits0References1
Rows per page
Query Builder