114 matches found
openSUSE Security Update : sblim-sfcb (sblim-sfcb-505)
A tmp file race condition in the genSslCerts.sh helper script could be used by local attackers to gain root privileges. CVE-2009-0416 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : sblim-sfcb (sblim-sfcb-505)
A tmp file race condition in the genSslCerts.sh helper script could be used by local attackers to gain root privileges. CVE-2009-0416 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2009-0416
The SSL certificate setup program genSslCert.sh in Standards Based Linux Instrumentation for Manageability SBLIM sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /var/tmp/key.pem, 2 /var/tmp/cert.pem, and 3 /var/tmp/ssl.cnf temporary files...
Code injection
The SSL certificate setup program genSslCert.sh in Standards Based Linux Instrumentation for Manageability SBLIM sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /var/tmp/key.pem, 2 /var/tmp/cert.pem, and 3 /var/tmp/ssl.cnf temporary files...
CVE-2009-0416
The SSL certificate setup program genSslCert.sh in Standards Based Linux Instrumentation for Manageability SBLIM sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /var/tmp/key.pem, 2 /var/tmp/cert.pem, and 3 /var/tmp/ssl.cnf temporary files...
CVE-2009-0416
The CVE-2009-0416 issue affects SBLIM’s sblim-sfcb 1.3.2: the SSL certificate setup program genSslCert.sh allows a local user to trigger a symlink attack that can overwrite the temporary files /var/tmp/key.pem, /var/tmp/cert.pem, and /var/tmp/ssl.cnf. Several connected sources (SU SE/openSUSE adv...
CVE-2009-0416
The SSL certificate setup program genSslCert.sh in Standards Based Linux Instrumentation for Manageability SBLIM sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /var/tmp/key.pem, 2 /var/tmp/cert.pem, and 3 /var/tmp/ssl.cnf temporary files...
CVE-2005-3144
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers...
CVE-2005-3145
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service resource consumption by connecting to sblim-sfcb but not sending any data...
CVE-2005-3144
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers...
CVE-2005-3145
The CVE-2005-3145 issue affects sblim-sfcb (httpAdapter.c) where versions before 0.9.2 are vulnerable. Remote attackers can cause denial of service by establishing a connection to sblim-sfcb and not sending any data, leading to resource consumption. This is a network-based impact with no data exf...
CVE-2005-3144
CVE-2005-3144 affects httpAdapter.c in sblim-sfcb versions before 0.9.2, where long HTTP headers can trigger a remote denial of service. The vulnerability is documented in NVD CVE and CVE records; impact is limited to availability (partial), with network access and no authentication required. Rem...
CVE-2005-3145
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service resource consumption by connecting to sblim-sfcb but not sending any data...
[SA16975] sblim-sfcb Multiple Requests Denial of Service Vulnerability
TITLE: sblim-sfcb Multiple Requests Denial of Service Vulnerability SECUNIA ADVISORY ID: SA16975 VERIFY ADVISORY: http://secunia.com/advisories/16975/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: sblim-sfcb 0.x http://secunia.com/product/5777/ DESCRIPTION: A vulnerability has...