114 matches found
mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing
It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...
DEBIAN-CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors...
389-ds-base: information disclosure through 'cn=changelog' subtree
An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive...
389-ds-base: information disclosure through 'cn=changelog' subtree
An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive...
Can't push subtree
As requested in answer to my stackoverflow http://stackoverflow.com/questions/24637748/cant-push-subtree-using-sourcetree post I'm posting this potential bug here. Using a basic schema for git subtree I created 2 repository on Github: "project" and "framework" and made the followings: - Clone...
Can't push subtree
As requested in answer to my stackoverflow http://stackoverflow.com/questions/24637748/cant-push-subtree-using-sourcetree post I'm posting this potential bug here. Using a basic schema for git subtree I created 2 repository on Github: "project" and "framework" and made the followings: - Clone...
PYSEC-2014-53
Multiple unspecified vulnerabilities in 1 dataitems.py, 2 get.py, and 3 traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors...
CentOS 5 : net-snmp (CESA-2013:0124)
Updated net-snmp packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Moderate: Red Hat Security Advisory: net-snmp security and bug fix update
Updated net-snmp packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
[ MDVSA-2012:099 ] net-snmp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:099 http://www.mandriva.com/security/ Package : net-snmp Date : June 21, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in net-snmp...
Mandriva Linux Security Advisory : net-snmp (MDVSA-2012:099)
A vulnerability has been discovered and corrected in net-snmp : An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker...
Moderate: Red Hat Security Advisory: net-snmp security and bug fix update
Updated net-snmp packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Microsoft Windows ReadDirectoryChangesW information leak
ReadDirectoryChangesW API function doesn't check user's privileges for subtree folders, making it's possible for unprivileged user to gather information about sensitive files...
Design/Logic Flaw
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service memory allocation error via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite...