SMB User Authentication Bypass - ownCloud

ownCloud includes an optional and not by default enabled SMB authentication component that allows to authenticate users against an SMB server. This backend is implemented in a way that it tries to connect to a SMB server and if that succeeded consider the user logged-in. The backend did not...

Outfront Spooky 2.x Login SQL Query Manipulation Password Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4661/info Spooky Login is a commerical web access control and account management software package. It is distributed and maintained by Outfront, and is designed for Microsoft IIS Webservers. Under some circumstances, it m...

CVE-2014-3944

The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors...

OpenSSO: unspecified vulnerability in the authentication component

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication...

CVE-2009-2000

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

Authentication flaw

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2009-1997

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2009-2000

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2009-1979

Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not...

CVE-2009-1997

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2008-2605

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2604...

CVE-2008-1818

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08...

CVE-2007-2112

Unspecified vulnerability in the Authentication component for Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and attack vectors, aka DB05. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue allows remote authenticated users to bypass the AUTHALTERSESSION...