79 matches found
CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...
CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...
Apache::Session::Browseable 信任管理问题漏洞
Apache::Session::Browseable is an Apache::Session implementation that allows indexes to be defined to speed up searches. A security vulnerability exists in Apache::Session::Browseable versions prior to 1.3.6 that stems from not checking the validity of X.509 certificates...
Apache::Session::LDAP 信任管理问题漏洞
Apache::Session::LDAP is a tool for storing Apache sessions in LDAP. A security vulnerability exists in Apache::Session::LDAP versions prior to 0.5 that stems from not checking the validity of an X.509 certificate...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
PT-2023-11827 · Unknown · Net::Ldaps +1
Name of the Vulnerable Software and Affected Versions: Apache::Session::Browseable versions prior to 1.3.6 Description: The issue concerns the validity check of the X.509 certificate when connecting to remote LDAP backends. By default, the validity of the X.509 certificate is not checked due to t...
CVE-2013-3737
The CVE-2013-3737 issue affects the MobileUI (RT-Extension-MobileUI) for Request Tracker (RT) installations. It concerns MobileUI >=?
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
UBUNTU-CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
Design/Logic Flaw
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
RT (Request Tracker) is affected by an unspecified vulnerability in the Apache::Session::File session store, impacting RT 3.8.x before 3.8.17 and RT 4.0.x before 4.0.13. The issue enables remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors related to...
Request Tracker 3.8.x < 3.8.17 / 4.x < 4.0.13 Multiple Vulnerabilities
According to its self-reported version number, the Best Practical Solutions Request Tracker RT running on the remote web server is version 3.8.x prior to 3.8.17 or version 4.x prior to 4.0.13. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists that allows a...
FreeBSD : RT -- multiple vulnerabilities (3a429192-c36a-11e2-97a9-6805ca0b3d42)
Thomas Sibley reports : We discovered a number of security vulnerabilities which affect both RT 3.8.x and RT 4.0.x. We are releasing RT versions 3.8.17 and 4.0.13 to resolve these vulnerabilities, as well as patches which apply atop all released versions of 3.8 and 4.0. The vulnerabilities...
[SECURITY] [DSA 2670-1] request-tracker3.8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2670-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 22, 2013 http://www.debian.org/security/faq -...
Переполнение буфера в mod_ssl под Apache (buffer overflow)
Переполнение буфера при работе с идентификатором сеанса...