233 matches found
VMSA-2011-0003:Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0003.2 VMware Security Advisory Synopsis: Third party component updates for VMware vCenter Server, vCenter Update...
VMware vCenter Update Manager XSS
The version of VMware vCenter Update Manager running on the remote host has a cross-site scripting vulnerability. This is due to a bug in Jetty, the underlying web server. When Jetty displays a directory listing, arbitrary text can be inserted into the page. A remote attacker could exploit this b...
VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
a. VMware vCenter Update Manager Jetty Web server vulnerabilities VMware vCenter Update Manager is an automated patch management solution for VMware ESX hosts and Microsoft virtual machines. Update Manager embeds the Jetty Web server which is a third party component. The default version of the...
VMSA-2010-0012:VMware vCenter Update Manager fix for Jetty Web server addresses HIGH security vulnerabilities
VMSA-2010-0012.2 VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0012.2 VMware Security Advisory Synopsis: VMware vCenter Update Manager fix for Jetty Web server addresses...
CVE-2010-1183
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager...
Design/Logic Flaw
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager...
CVE-2010-1183
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager...
Symlink attack with Solaris Update manager and Sun Patch Cluster
Symlink attack with Solaris Update manager and Sun Patch Cluster Larry W. Cashdollar Vapid Labs http://vapid.dhs.org 1/24/2010 With the GUI Sun Update Manager being used to install patches on a system local users can easily run scripts and create symlinks in an attempt to clobber files and...
Solaris Update Manager / Sun Patch Cluster Symlink Attack
Symlink attack with Solaris Update manager and Sun Patch Cluster Larry W. Cashdollar Vapid Labs http://vapid.dhs.org 1/24/2010 With the GUI Sun Update Manager being used to install patches on a system local users can easily run scripts and create symlinks in an attempt to clobber files and...
Solaris Update manager and Sun Patch Cluster symlink vulnerability
Exploit for solaris platform in category local exploits ================================================================== Solaris Update manager and Sun Patch Cluster symlink vulnerability ================================================================== Symlink attack with Solaris Update manag...
Sun Connection Update Manager for Solaris - Multiple Insecure Temporary File Creation Vulnerabilities
Sun Connection Update Manager for Solaris - Multiple Insecure Temporary File Creation Vulnerabilities source: https://www.securityfocus.com/bid/38928/info Sun Connection Update Manager for Solaris creates temporary files in an insecure manner. An attacker with local access could potentially explo...
AIX 530008 : U825133
The remote host is missing AIX PTF U825133 which is related to the security of the package devices.pciex.8680c71014108003.rte You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
AIX 530004 : U804438
The remote host is missing AIX PTF U804438 which is related to the security of the package devices.pci.1410d002.diag You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc...