-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathallitems.xml.test
37 lines (34 loc) · 2.46 KB
/
allitems.xml.test
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?xml version="1.0"?>
<cve xmlns="http://cve.mitre.org/cve/downloads/xml_schema_info.html" xmlns:cve="http://cve.mitre.org/cve/downloads/xml_schema_info.html" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://cve.mitre.org/cve/downloads/xml_schema_info.html cve_schema.xsd" schemaVersion="0.1">
<item type="CAN" name="CVE-2020-0001" seq="2020-0001">
<status>Candidate</status>
<phase date="20071208">Assigned</phase>
<desc>** TEST CVE ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.</desc>
<refs>
<ref source="CERT">CA-98-13-tcp-denial-of-service</ref>
<ref source="BUGTRAQ">19981223 Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service</ref>
<ref source="CONFIRM" url="http://www.openbsd.org/errata23.html#tcpfix">http://www.openbsd.org/errata23.html#tcpfix</ref>
<ref source="OSVDB" url="http://www.osvdb.org/5707">5707</ref>
</refs>
<votes>
</votes>
<comments>
</comments>
</item>
<item type="CAN" name="CVE-2020-0002" seq="2020-0002">
<status>Candidate</status>
<phase date="20150204">Assigned</phase>
<desc>Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to bypass authentication and obtain sensitive information via a websocket connection to socket.io/1/.</desc>
<refs>
<ref source="BUGTRAQ" url="http://www.securityfocus.com/archive/1/archive/1/534464/100/0/threaded">20150113 SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower</ref>
<ref source="EXPLOIT-DB" url="http://www.exploit-db.com/exploits/35786">35786</ref>
<ref source="FULLDISC" url="http://seclists.org/fulldisclosure/2015/Jan/52">20150113 SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower</ref>
<ref source="MISC" url="http://packetstormsecurity.com/files/129944/Ansible-Tower-2.0.2-XSS-Privilege-Escalation-Authentication-Missing.html">http://packetstormsecurity.com/files/129944/Ansible-Tower-2.0.2-XSS-Privilege-Escalation-Authentication-Missing.html</ref>
<ref source="MISC" url="https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150113-1_Ansible-Tower_multiple-vulnerabilities_v10.txt">https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150113-1_Ansible-Tower_multiple-vulnerabilities_v10.txt</ref>
</refs>
<votes>
</votes>
<comments>
</comments>
</item>
</cve>