RSS   Vulnerabilities for 'Mobility pack'   RSS

2011-08-09
 
CVE-2011-3014

CWE-264
 

 
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation.

 
 
CVE-2011-3013

CWE-310
 

 
WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack.

 
 
CVE-2011-2224

 

 
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

 
 
CVE-2011-2223

 

 
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

 
 
CVE-2011-2222

 

 
Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.

 
 
CVE-2011-2221

 

 
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.

 
2011-06-08
 
CVE-2011-1711

CWE-noinfo
 

 
Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer 1.0.x, and 1.1.x through 1.1.1 build 428, allows remote authenticated users to access the accounts of other users via unknown vectors.

 

 >>> Vendor: Novell 110 Products
Web server
Netware
Http server
Groupwise
Unixware
Bordermanager
Client
Netware ftp server
Groupwise webaccess
Web search
Netmail
Netmail xe
Emframe
Small business suite
Edirectory
Netware client
Ichain
Zenworks desktops
Imanager
Internet messaging system
Client firewall
Linux desktop
Nsure audit
Zenworks
Zenworks remote management
Zenworks server management
Zenworks servers
Open enterprise server
Zenworks patch management server
Groupwise messenger
Imonitor
Identity manager
Zenworks asset management
Apache http server
Access manager identity server
Access manager
Securelogin
Extend director
Modular authentication service
Client login extension (cle)
Opensuse
Zenworks endpoint security management
Opensuse swamp
Zenworks patch management update agent
Challenge response client
Novell client for windows
Apparmor
Iprint
Iprint client
Novell forum
Zenworks desktop management
Identity manager roles based provisioning module
User application
Teaming
Suse linux
Netidentity client1.2.3
Suse linux enterprise server
Suse lifecycle management server
Zenworks configuration management
Moonlight
Zenworks handheld management
Vibe onprem
Zenworks configuration manager
Iprint open enterprise server
Opensuse build service
File reporter
Suse linux enterprise
Opensuse factory
Identity manager user application
Xtier framework
Data synchronizer
Mobility pack
File reporter engine
Suse studio onsite
Cloud manager
Iprint open enterprise server 2
Messenger
Sentinel log manager
Suse audit log keeper
Zenworks mobile management
Kanaka
Suse linux enterprise desktop
Libzypp
Suse linux software development kit
Suse manager
Suse linux enterprise for sap applications
Suse cloud
Suse linux enterprise software development kit
Suse linux for vmware
Suse linux sdk
LEAP
FILR
Service desk
Suse linux enterprise module for legacy software
Suse manager proxy
Suse openstack cloud
Suse package hub for suse linux enterprise
Suse linux enterprise debuginfo
Suse linux enterprise real time extension
Suse linux enterprise live patching
See all Products for Vendor Novell


Copyright 2019, cxsecurity.com

 

Back to Top