|
261241
|
- |
|
katello
|
katello
|
script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file.
|
CWE-200
Information Exposure
|
CVE-2012-5561
|
2013-03-2 00:51 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261242
|
- |
|
cisco
|
network_admission_control
|
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle att…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1124
|
2013-03-2 00:09 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261243
|
- |
|
justsystems
|
hanako
hanako_police
hanako_police3
ichitaro
ichitaro_portable
|
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanak…
|
NVD-CWE-noinfo
|
CVE-2013-0707
|
2013-03-1 14:40 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261244
|
- |
|
bayashi
|
dopvcomet*
|
Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display o…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0708
|
2013-03-1 14:40 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261245
|
- |
|
bayashi
|
dopvstar*
|
Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0709
|
2013-03-1 14:40 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261246
|
- |
|
claws-mail
|
claws-mail
|
The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.
|
NVD-CWE-Other
|
CVE-2012-4507
|
2013-03-1 14:00 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261247
|
- |
|
claws-mail
|
claws-mail
|
Per: http://cwe.mitre.org/data/definitions/476.html
"CWE-476: NULL Pointer Dereference"
|
NVD-CWE-Other
|
CVE-2012-4507
|
2013-03-1 14:00 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261248
|
- |
|
cisco
|
unified_communications_manager
|
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, …
|
CWE-287
Improper Authentication
|
CVE-2013-1134
|
2013-03-1 01:17 |
2013-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261249
|
- |
|
cisco
|
unified_presence_server
|
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua899…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1137
|
2013-02-28 14:00 |
2013-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261250
|
- |
|
cisco
|
nx-os
nexus_7000
|
Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted …
|
CWE-20
Improper Input Validation
|
CVE-2013-1122
|
2013-02-27 14:00 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
