3 matches found
CVE-2007-5962
CVE-2007-5962 describes a memory-leak vulnerability in vsftpd triggered by a large number of CWD commands when the deny_file option is set. The issue affects vsftpd 2.0.5 on Red Hat Enterprise Linux 5 and Fedora 6–8, as well as Foresight Linux and rPath appliances. Remote attackers could cause de...
CVE-2008-2139
The CVE-2008-2139 entry concerns the rootpw plugin in rPath Appliance Platform Agent 2 and 3, where requests from a browser with a valid administrator session are not re-validated (including password-change requests). This weakens session handling and can allow physically proximate attackers to g...
CVE-2008-2140
CVE-2008-2140 corresponds to a CSRF vulnerability in the rootpw plugin of the rPath Appliance Platform Agent (versions 2 and 3). The underlying issue enables remote attackers to reset the root password for the administrator account through a crafted URL. The linked documents confirm the affected ...