JVN Info.
- Id
- 34612
- Name
- JVNDB-2011-004854
- Title
- WordPress におけるユーザ名を特定される脆弱性
- Summary
- WordPress には、ユーザ名を特定される脆弱性が存在します。
- Nvdinfo
- CVE-2011-3126
- Cvssv2
- 5
- Jvnurl
- http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004854.html
- Published Date
- 2011-05-25
- Registered Date
- 2012-03-27
- Last Updated Date
- 2012-03-27
Related Nessuslogs
| Id | Log ID | Jvninfo Id | Plugin ID | CVE | CVSS | Risk | Host | Protocol | Port | Name | Synopsis | Description | Solution | See Also | Plugin Output | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51178 | H28_MUN_DWEB_Q4_172_16_240_seg.csv | 34612 | 87680 | CVE-2014-7169 | 10 | Critical | 172.16.240.115 | tcp | 443 | VMware ESX Multiple Bash Vulnerabilities (VMSA-2014-0010) (Shellshock) | The remote VMware ESX host is missing a security-related patch. | The remote VMware ESX host is affected by multiple vulnerabilities in the Bash shell : - A command injection vulnerability exists in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system. (CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278) - A out-of-bounds read error exists in the redirection implementation in file parse.y when evaluating untrusted input during stacked redirects handling. A remote attacker can exploit this to cause a denial of service or possibly have other unspecified impact. (CVE-2014-7186) - An off-by-one overflow condition exists in the read_token_word() function in file parse.y when handling deeply nested flow control structures. A remote attacker can exploit this, by using deeply nested for-loops, to cause a denial of service or possibly execute arbitrary code. (CVE-2014-7187) | Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1. | https://www.vmware.com/security/advisories/VMSA-2014-0010 http://lists.vmware.com/pipermail/security-announce/2014/000278.html http://seclists.org/oss-sec/2014/q3/650 http://www.nessus.org/u?dacf7829 https://www.invisiblethreat.ca/2014/09/cve-2014-6271/ http://www.nessus.org/u?e40f2f5a | Version : ESX 4.0 Installed build : 208167 Fixed build : 2167889 | |
| 56759 | H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv | 34612 | 87680 | CVE-2014-7169 | 10 | Critical | 172.16.240.115 | tcp | 443 | VMware ESX Multiple Bash Vulnerabilities (VMSA-2014-0010) (Shellshock) | The remote VMware ESX host is missing a security-related patch. | The remote VMware ESX host is affected by multiple vulnerabilities in the Bash shell : - A command injection vulnerability exists in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system. (CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278) - A out-of-bounds read error exists in the redirection implementation in file parse.y when evaluating untrusted input during stacked redirects handling. A remote attacker can exploit this to cause a denial of service or possibly have other unspecified impact. (CVE-2014-7186) - An off-by-one overflow condition exists in the read_token_word() function in file parse.y when handling deeply nested flow control structures. A remote attacker can exploit this, by using deeply nested for-loops, to cause a denial of service or possibly execute arbitrary code. (CVE-2014-7187) | Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1. | https://www.vmware.com/security/advisories/VMSA-2014-0010 http://lists.vmware.com/pipermail/security-announce/2014/000278.html http://seclists.org/oss-sec/2014/q3/650 http://www.nessus.org/u?dacf7829 https://www.invisiblethreat.ca/2014/09/cve-2014-6271/ http://www.nessus.org/u?e40f2f5a | Version : ESX 4.0 Installed build : 208167 Fixed build : 2167889 |
