CVE-2006-5364

Technical details for CVE-2006-5364 are not publicly available in the provided documents; monitor for updates from official advisories.

CVE-2006-5364

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.1 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote authenticated attack vectors, aka Vuln OC4J05...

CVE-2006-5361

Technical details for CVE-2006-5361 are not publicly provided in the supplied documents; monitor for updates.

CVE-2006-5356

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln OC4J02...

GLSA-200603-13 : PEAR-Auth: Potential authentication bypass

The remote host is affected by the vulnerability described in GLSA-200603-13 PEAR-Auth: Potential authentication bypass Matt Van Gundy discovered that PEAR-Auth did not correctly validate data passed to the DB and LDAP containers. Impact : A remote attacker could possibly exploit this vulnerabili...

PEAR-Auth: Potential authentication bypass

Background PEAR-Auth is a PEAR package that provides methods to create a PHP based authentication system. Description Matt Van Gundy discovered that PEAR-Auth did not correctly validate data passed to the DB and LDAP containers. Impact A remote attacker could possibly exploit this vulnerability t...

CVE-2006-0868

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."...

CVE-2005-3449

Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln 1 AS02 in Containers for J2EE, 2 AS07 in Internet Directory, 3 AS09 in Report Server, and 4 AS11 in Web Cache...

Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure

source: https://www.securityfocus.com/bid/8920/info It has been reported that Centrinity FirstClass HTTP server may be prone to an information disclosure vulnerability that may allow a remote attacker to disclose listings for server root and user web directories on a vulnerable system. This issue...

Multiple Server Crafted Request WEB-INF Directory Information Disclosure

By making a specially-formatted request to the remote web server, it is possible to retrieve files located under the 'WEB-INF' directory. Note that this vulnerability is known to affect the Win32 versions of multiple J2EE servlet containers / application servers. %NASLMINLEVEL 70300 This script w...