|
288901
|
- |
|
apache
|
tomcat
|
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationship…
|
CWE-287
Improper Authentication
|
CVE-2013-2067
|
2024-11-21 10:50 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288902
|
- |
|
redhat
|
livecd-tools
|
Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when a rootpw directive is not set in a Kickstart file, sets the root user password to empty, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2069
|
2024-11-21 10:50 |
2013-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288903
|
- |
|
redhat
|
libvirt
|
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number…
|
CWE-399
Resource Management Errors
|
CVE-2013-1962
|
2024-11-21 10:50 |
2013-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288904
|
- |
|
moodle
|
moodle
|
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2081
|
2024-11-21 10:50 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288905
|
- |
|
moodle
|
moodle
|
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obt…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2080
|
2024-11-21 10:50 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288906
|
- |
|
moodle
|
moodle
|
mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2079
|
2024-11-21 10:50 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288907
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, w…
|
CWE-287
Improper Authentication
|
CVE-2013-2059
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288908
|
- |
|
qemu
|
qemu
|
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2007
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288909
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by readin…
|
CWE-200
Information Exposure
|
CVE-2013-2006
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288910
|
- |
|
openstack
|
devstack
|
OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1977
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
