Lucene search
K

216 matches found

Tenable Nessus
Tenable Nessus
added 2010/07/20 12:0 a.m.21 views

Novell Teaming Detection

The remote web server hosts Novell Teaming, a web-based collaboration application. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid47803; scriptversion"1.6"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Novell Teaming Detection"; scriptsummaryenglish:"Checks fo...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/07/20 12:0 a.m.17 views

Novell Teaming Default Credentials

The installed version of Novell Teaming hosted on the remote web server uses the default username and password to control access to its administrative console. Knowing these, an attacker can gain control of the affected application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/04/21 12:0 a.m.29 views

Novell Teaming Login User Account Enumeration Weakness

The remote host is running Novell Teaming, a collaboration and conferencing application. The version of Novell Teaming installed on the remote host allows an unauthenticated remote attacker to enumerate users during the login phase because the web application responds with different messages when...

5CVSS5.5AI score0.01818EPSS
Exploits2References4
securityvulns
securityvulns
added 2009/04/17 12:0 a.m.111 views

SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming

SEC Consult Security Advisory 20090415-0 ========================================================================== title: Novell Teaming Multiple Vulnerabilities Username Enumeration Multiple Cross Site Scripting Includes vulnerable Liferay portal program: Novell Teaming vulnerable version: 1.0....

6.4AI score
Exploits0
NVD
NVD
added 2009/04/16 3:12 p.m.25 views

CVE-2009-1293

The web login functionality c/portal/login in Novell Teaming 1.0 through SP3 1.0.3 generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

5CVSS6.6AI score0.01818EPSS
Exploits2References7
NVD
NVD
added 2009/04/16 3:12 p.m.25 views

CVE-2009-1294

Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...

4.3CVSS5.8AI score0.04696EPSS
Exploits2References7
Prion
Prion
added 2009/04/16 3:12 p.m.16 views

Code injection

The web login functionality c/portal/login in Novell Teaming 1.0 through SP3 1.0.3 generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

5CVSS7.2AI score0.01818EPSS
Exploits2References7Affected Software1
Prion
Prion
added 2009/04/16 3:12 p.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...

4.3CVSS6AI score0.04696EPSS
Exploits2References7Affected Software2
Cvelist
Cvelist
added 2009/04/16 3:0 p.m.23 views

CVE-2009-1293

The web login functionality c/portal/login in Novell Teaming 1.0 through SP3 1.0.3 generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

6.6AI score0.01818EPSS
Exploits2References7
Cvelist
Cvelist
added 2009/04/16 3:0 p.m.21 views

CVE-2009-1294

Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...

5.8AI score0.04696EPSS
Exploits2References7
CVE
CVE
added 2009/04/16 3:0 p.m.50 views

CVE-2009-1293

The CVE-2009-1293 issue affects Novell Teaming 1.0–SP3 (1.0.3) web login (c/portal/login). The vulnerability enables remote user enumeration because the login responses differ for valid versus invalid usernames. Nessus also notes a likely related cross-site scripting risk due to unsanitized p_p_s...

5CVSS6.9AI score0.01818EPSS
Exploits2References7Affected Software1
CVE
CVE
added 2009/04/16 3:0 p.m.52 views

CVE-2009-1294

CVE-2009-1294 affects Novell Teaming 1.0 up to SP3 (1.0.3) with XSS in web/guest/home, caused by improper validation/escaping of p_p_state and p_p_mode parameters. Remote attackers can inject arbitrary scripts; impact is web-page script execution. Public details reference Liferay 4.3.0 portal con...

4.3CVSS5.9AI score0.04696EPSS
Exploits2References7Affected Software2
seebug.org
seebug.org
added 2009/04/16 12:0 a.m.40 views

Novell Teaming用户枚举和跨站脚本漏洞

BUGTRAQ ID: 34531 CVECAN ID: CVE-2009-1294,CVE-2009-1293 Novell Teaming是专为团队协同作业而设计的解决方案,内含各种企业社区网络与工作流程功能。 Novell Teaming通过以下登录表单执行用户认证: https://teaming.example.com/c/portal/login 对于有效的和无效的用户名,Web应用会返回不同的响应(Please enter a valid login/Auhtentication failed),这就允许攻击者通过字典或暴力猜测攻击推测出是否存在特定的用户名。 Novell...

5CVSS6.4AI score0.04696EPSS
Exploits3
exploitpack
exploitpack
added 2009/04/15 12:0 a.m.16 views

Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities

Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/04/15 12:0 a.m.35 views

Novell Teaming Enumeration / XSS

SEC Consult Security Advisory ========================================================================== title: Novell Teaming Multiple Vulnerabilities Username Enumeration Multiple Cross Site Scripting Includes vulnerable Liferay portal program: Novell Teaming vulnerable version: 1.0.3 homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/04/15 12:0 a.m.28 views

Novell Teaming 1.0 - User Enumeration / Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration weakness to enumerate valid usernames and then perform brute-force attacks; other attac...

7AI score
Exploits0
Rows per page
Query Builder