Christian Mock

**Name of the Vulnerable Software and Affected Versions** Dell iDRAC9 versions 5.00.00.00 through 5.10.10.00 **Description** The issue is related to an improper authentication vulnerability in the Dell iDRAC9 software. This vulnerability can be exploited by a remote unauthenticated attacker to gain access to the VNC Console. The vulnerability is associated with deficiencies in the authentication procedure of the Dell iDRAC9 embedded controllers. **Recommendations** For Dell iDRAC9 versions 5.00.00.00 through 5.10.10.00, update to a version later than 5.10.10.00 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

**Name of the Vulnerable Software and Affected Versions** Proc::Daemon module version 0.14 **Description** The issue concerns the Proc::Daemon module for Perl, which uses world-writable permissions for a file that stores a process ID. This allows local users to modify the file, potentially having an unspecified impact. **Recommendations** For Proc::Daemon module version 0.14, consider changing the permissions of the process ID file to prevent world-writable access until a patch is available.