Lucene search
+L

114 matches found

osv
osv
added 2015/09/28 8:59 p.m.4 views

UBUNTU-CVE-2015-5185

The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty className in a packet...

5CVSS5.8AI score0.03357EPSS
Exploits1References4
cve
cve
added 2015/09/28 8:0 p.m.69 views

CVE-2015-5185

CVE-2015-5185 affects the SBLIM-SFCB component (sblim-sfcb). The root cause is a NULL pointer dereference in providerMgr.c when handling a packet with an empty className, allowing a remote attacker to cause a DoS (application crash). Affected products include IBM IMM2 ( IMM2 for System x, Flex, a...

5CVSS6.3AI score0.03357EPSS
Exploits1References6Affected Software1
nessus
nessus
added 2015/09/21 12:0 a.m.16 views

openSUSE Security Update : sblim-sfcb (openSUSE-2015-585)

sblim-sfcb was updated to fix a security issue with a crash due to a NULL pointer dereference in lookupProviders CVE-2015-5185 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-585...

5CVSS5.3AI score0.03357EPSS
Exploits1References2
osv
osv
added 2012/08/17 12:55 a.m.12 views

AZL-37030 CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

4.4CVSS5.7AI score0.0034EPSS
Exploits0References1
osv
osv
added 2012/08/17 12:55 a.m.9 views

AZL-7355 CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

4.4CVSS5.7AI score0.0034EPSS
Exploits0References1
nvd
nvd
added 2012/08/17 12:55 a.m.20 views

CVE-2012-3381

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

4.4CVSS6.4AI score0.0034EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2012/08/17 12:55 a.m.22 views

CVE-2012-3381

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

4.4CVSS5.9AI score0.0034EPSS
Exploits0References5
prion
prion
added 2012/08/17 12:55 a.m.20 views

Directory traversal

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

4.4CVSS6.7AI score0.0034EPSS
Exploits0References5
cve
cve
added 2012/08/17 12:0 a.m.167 views

CVE-2012-3381

The CVE-2012-3381 issue affects the sblim-sfcb component, where sfcb places a zero-length directory name in LD_LIBRARY_PATH, enabling local privilege escalation via a Trojan horse shared library in the current working directory. Documented impact is local userPrivilege elevation with partial conf...

4.4CVSS6.6AI score0.0034EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2012/08/17 12:0 a.m.26 views

CVE-2012-3381

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.4AI score0.0034EPSS
Exploits0References5
openvas
openvas
added 2012/03/15 12:0 a.m.56 views

VMware ESXi/ESX third party component updates (VMSA-2011-0013.2)

The remote ESXi is missing one or more security related Updates from VMSA-2011-0013.2. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.9AI score0.8425EPSS
Exploits29References1
nessus
nessus
added 2011/10/28 12:0 a.m.51 views

VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

a. ESX third-party update for Service Console openssl RPM The Service Console openssl RPM is updated to openssl-0.9.8e.12.el55.7 resolving two security issues. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues. b...

10CVSS8.1AI score0.8425EPSS
Exploits29References65
securityvulns
securityvulns
added 2011/01/03 12:0 a.m.61 views

VMSA-2010-0020 VMware ESXi 4.1 Update Installer SFCB Authentication Flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0020 Synopsis: VMware ESXi 4.1 Update Installer SFCB Authentication Flaw Issue date: 2010-12-21 Updated on: 2010-12-21 CVE...

9.3CVSS6.6AI score0.02516EPSS
Exploits0
securityvulns
securityvulns
added 2011/01/03 12:0 a.m.84 views

VMware ESXi authentication bypass

SFCB access without authentication is possible during update...

9.3CVSS3.6AI score0.02516EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2010/12/22 9:0 p.m.27 views

CVE-2010-4573

The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password...

9.3CVSS6.9AI score0.02516EPSS
Exploits0References8
prion
prion
added 2010/12/22 9:0 p.m.17 views

Default credentials

The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password...

9.3CVSS7.4AI score0.02516EPSS
Exploits0References8Affected Software1
cve
cve
added 2010/12/22 8:0 p.m.59 views

CVE-2010-4573

Summary (CVE-2010-4573) : VMware ESXi 4.1 Update Installer may improperly configure SFCB authentication if /etc/sfcb/sfcb.cfg was modified during an upgrade from ESXi 3.5 or 4.0. The result is that SFCB authentication could allow login with any username and password, enabling remote access. The i...

9.3CVSS7AI score0.02516EPSS
Exploits0References8Affected Software1
vmware
vmware
added 2010/12/21 12:0 a.m.24 views

VMware ESXi 4.1 Update Installer SFCB Authentication Flaw

a. ESXi 4.1 Update Installer SFCB Authentication FlawUnder certain conditions, the ESXi 4.1 installer that upgrades an ESXi 3.5 or ESXi 4.0 host to ESXi 4.1 incorrectly handles the SFCB authentication mode. The result is that SFCB authentication could allow login with any username and password...

9.3CVSS1.4AI score0.02516EPSS
Exploits0References1Affected Software1
vmware
vmware
added 2010/12/19 12:0 a.m.60 views

VMSA-2010-0020:VMware ESXi 4.1 Update Installer SFCB Authentication Flaw

VMSA-2010-0020.1 VMware ESXi 4.1 Update Installer SFCB Authentication Flaw VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0020.1 VMware Security Advisory Synopsis: VMware ESXi 4.1 Update Installer SFCB Authentication Flaw VMware Security Advisory Issue date: 2010-12-21...

9.3CVSS6.5AI score0.02516EPSS
Exploits0Affected Software1
openvas
openvas
added 2010/09/10 12:0 a.m.20 views

Fedora Update for sblim-sfcb FEDORA-2010-10323

Check for the Version of sblim-sfcb OpenVAS Vulnerability Test Fedora Update for sblim-sfcb FEDORA-2010-10323 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

10CVSS6.4AI score0.05818EPSS
Exploits0References2
Rows per page
Query Builder