816 matches found
Fedora Update for totpcgi FEDORA-2012-19605
Check for the Version of totpcgi OpenVAS Vulnerability Test Fedora Update for totpcgi FEDORA-2012-19605 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 17 Update: totpcgi-0.5.4-1.fc17
A CGI/FCGI application to centralize google-authenticator deployments...
qpid-cpp-server-cluster: unauthorized broker access caused by the use of NullAuthenticator catch-up shadow connections
Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...
qpid-cpp-server-cluster: unauthorized broker access caused by the use of NullAuthenticator catch-up shadow connections
Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...
Looking to Bolster Security, Dropbox Adds Two-Factor Authentication
Several weeks after announcing that some of its users’ log-ins and passwords had been stolen, file storage company Dropbox announced it has added a two-step authentication process over the weekend to help reinforce the security of its users’ accounts. The added layer of security is currently...
Report: Diablo III Users Find Accounts Hacked, Gold Stolen And New 'Mystery' Friends
Blizzard Entertainment’s update to the mega-popular Diablo game franchise hit a major snag over the weekend, after users started peppering support boards and the company with reports of raided accounts, missing virtual “gold” and mysterious new friends. The reports began on Saturday, just four da...
eap-info NSE Script
Enumerates the authentication methods offered by an EAP Extensible Authentication Protocol authenticator for a given identity or for the anonymous identity if no argument is passed. Script Arguments eap-info.identity Identity to use for the first step of the authentication methods if omitted...
tomcat: Multiple weaknesses in HTTP DIGEST authentication
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret aka private key, which makes it easier for remote attackers to bypass cryptographic...
Provide an abstract Seraph authenticator for SSO authenticators to subclass that reduces the plumbing code required to interact with Embedded Crowd
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-24358. panel This is currently the most comprehensive version I have so far compiled of the code a custom SSO authenticator for...
Provide an abstract Seraph authenticator for SSO authenticators to subclass that reduces the plumbing code required to interact with Embedded Crowd
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-24358. panel This is currently the most comprehensive version I have so far compiled of the code a custom SSO authenticator for...
Provide an abstract Seraph authenticator for SSO authenticators to subclass that reduces the plumbing code required to interact with Embedded Crowd
This is currently the most comprehensive version I have so far compiled of the code a custom SSO authenticator for Seraph must provide in order to not break any of the functionality in Confluence: https://bitbucket.org/jaysee00/example-confluence-sso-authenticator. It would be great if we could...
PT-2011-3531 · Microsoft · Display Panning Cpl Extension +11
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: T...
Support web sudo and other password confirmation features with custom authenticators
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-22875. panel By default, web sudo and other password confirmation features in Confluence 3.5 and later are disabled if a custom...
Support web sudo and other password confirmation features with custom authenticators
By default, web sudo and other password confirmation features in Confluence 3.5 and later are disabled if a custom authenticator is detected. However, there is an override flag that was added as part of CONF-20958 that allows administrators to turn it on again. If it is turned on manually, in mos...
websudo does not work with Confluence when it's integrated with Crowd SSO
h5. Steps to reproduce Integrate with Crowd with SSO|http://confluence.atlassian.com/display/DOC/Connecting+to+Crowd+or+JIRA+for+User+Management Go to Confluence Admin, it does not prompt to enter password websudo Go to Security Configuration. Note that it will look something like this:...
websudo does not work with Confluence when it's integrated with Crowd SSO
h5. Steps to reproduce Integrate with Crowd with SSO|http://confluence.atlassian.com/display/DOC/Connecting+to+Crowd+or+JIRA+for+User+Management Go to Confluence Admin, it does not prompt to enter password websudo Go to Security Configuration. Note that it will look something like this:...
Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator
Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is: noformat Caused by:...
Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator
Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is: noformat Caused by:...
Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator
Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is: noformat Caused by:...
VSR Advisories: Citrix Access Gateway Command Injection Vulnerability
VSR Security Advisory http://www.vsecurity.com/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Citrix Access Gateway Command Injection Vulnerability Release Date: 2010-12-21 Application: Citrix Access Gateway Versions: Access Gateway Enterprise...