Awaiting Analysis This vulnerability is currently awaiting analysis. Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw…

Awaiting Analysis This vulnerability is currently awaiting analysis. The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of ‘1’ to be…

Awaiting Analysis This vulnerability is currently awaiting analysis. Yubico PAM Module before 2.10 performed user authentication when ‘use_first_pass’ PAM configuration option was not used and the module was configured as…

References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

Awaiting Analysis This vulnerability is currently awaiting analysis. A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the “Accept-Language” HTTP header.…

Awaiting Analysis This vulnerability is currently awaiting analysis. OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a…

References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

Awaiting Analysis This vulnerability is currently awaiting analysis. Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in…

Awaiting Analysis This vulnerability is currently awaiting analysis. Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed.…

Awaiting Analysis This vulnerability is currently awaiting analysis. Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests,…