|
291231
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4439
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291232
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to …
|
CWE-94
Code Injection
|
CVE-2013-4438
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291233
|
- |
|
saltstack
|
salt
|
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
|
NVD-CWE-noinfo
|
CVE-2013-4437
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291234
|
- |
|
saltstack
|
salt
|
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle …
|
CWE-20
Improper Input Validation
|
CVE-2013-4436
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291235
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another rou…
|
CWE-287
Improper Authentication
|
CVE-2013-4435
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291236
|
- |
|
linux
|
linux_kernel
|
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or syst…
|
CWE-189
Numeric Errors
|
CVE-2013-4483
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291237
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4470
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291238
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of …
|
CWE-399
Resource Management Errors
|
CVE-2013-4348
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291239
|
- |
|
openstack
|
havana
grizzly
|
The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to g…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4477
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291240
|
- |
|
xen
|
xen
|
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4416
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
