RSS   Vulnerabilities for 'Powerpc-utils'   RSS

2015-02-19
 
CVE-2014-8165

CWE-345
 

 
scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.

 
2014-06-17
 
CVE-2014-4040

 

 
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

 


Copyright 2024, cxsecurity.com

 

Back to Top