37 matches found
CVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator VSA 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request...
Directory traversal
Directory traversal vulnerability in Kaseya Virtual System Administrator VSA 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request...
CVE-2015-2863
Open redirect vulnerability in Kaseya Virtual System Administrator VSA 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
CVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator VSA 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request...
Kaseya Virtual System Administrator Multiple Vulnerabilities - Active Check
Kaseya Virtual System Administrator is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Kaseya Virtual System Administrator File Download / Open Redirect
tl;dr Two vulns in Kaseya Virtual System Administrator - an authenticated arbitrary file download and two lame open redirects. Full advisory text below and at 1. Thanks to CERT for helping me to disclose these vulnerabilities 2. Multiple vulnerabilities in Kaseya Virtual System Administrator...
Kaseya Virtual System Administrator contains multiple vulnerabilities
Overview Kaseya Virtual System Administrator VSA, versions R9 and possibly earlier, contains arbitrary file download and open redirect vulnerabilities. Description CWE-22: Improper Limitation of Pathname to a Restricted Directory 'Path Traversal' - CVE-2015-2862Kaseya VSA is an IT management...
CVE-2014-2926
kapfa.sys in Kaseya Virtual System Administrator VSA 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service NULL pointer dereference and application crash via unspecified vectors...
Null pointer dereference
kapfa.sys in Kaseya Virtual System Administrator VSA 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service NULL pointer dereference and application crash via unspecified vectors...
CVE-2014-2926
CVE-2014-2926 affects Kaseya Virtual System Administrator (VSA) with kapfa.sys vulnerable to a NULL pointer dereference. Versions affected: VSA 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16. Local authenticated attackers could cause a denial of service (and, per CERT, potentially code execution in ...
CVE-2014-2926
kapfa.sys in Kaseya Virtual System Administrator VSA 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service NULL pointer dereference and application crash via unspecified vectors...
CVE-2013-5455
IBM SmartCloud Provisioning 2.1 before FP3 IF0001 allows remote authenticated users to modify virtual-system deployment via deployer.virtualsystems CLI commands, as demonstrated by a deletion using a deployer.virtualsystems.delete command...
CVE-2013-5455
Summary: IBM SmartCloud Provisioning 2.1 before FP3 IF0001 is vulnerable to an unaffordable remote-authenticated command that can delete or modify virtual-system deployments via the deployer.virtualsystems CLI (example: delete). The issue affects the CLI (not GUI) and can be triggered by commands...
CVE-2013-5455
IBM SmartCloud Provisioning 2.1 before FP3 IF0001 allows remote authenticated users to modify virtual-system deployment via deployer.virtualsystems CLI commands, as demonstrated by a deletion using a deployer.virtualsystems.delete command...
VSX Virtual System might be left without any policy, if installation of policy fails after running 'cpstop;cpstart' commands
...
Returnil Virtual System protection bypass
Configuraiton file encryption password is stored in cleartext in process memory...
Returnil Virtual System 2008 - Password Disclosure Issue
Returnil Virtual System 2008 - Password Disclosure Issue -=== Vulnerable ============================================- Product: Returnil Virtual System 2008 + Personal Edition 2.0.0.5011 Final + Premium Edition 2.0.0.5007 Final -=============================================================- Found...