VYPR

Openwsman

by Openwsman

CVEs (4)

  • CVE-2019-3833HigMar 14, 2019
    risk 0.50cvss 7.5epss 0.15

    Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to…

  • CVE-2019-3816HigMar 14, 2019
    risk 0.50cvss 7.5epss 0.15

    Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request…

  • CVE-2008-2234Aug 18, 2008
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header.

  • CVE-2008-2233Aug 18, 2008
    risk 0.00cvss epss 0.01

    The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors.