284 matches found
Gratipay: csrf_token cookie don't have the flag "HttpOnly"
As the researcher @kuskumar pointed out, the cookie csrftoken doesn't have the HttpOnly flag. While it is often seen as bad practice to leave cookies without this flag since they are likely to be stolen via XSS, our session cookie has this flag set, making impersonation harder. Regarding csrftoke...
AlienVault OSSIM Arbitrary Command Injection
An arbitrary command injection vulnerability has been reported in AlienVault OSSIM. The vulnerability is due to insufficient validation of the password. A remote, authenticated attacker can exploit this vulnerability by sending maliciously crafted input to the affected server...
Humhub Insecure Password Validation / Reset
Humhub insecure password validation and reset design + Discovered by: Jos Wetzels + Affects: Humhub password == $this-hashPassword$password Here a hash of the user-supplied password gets compared to the stored hash in an insecure manner, since PHP's loose type comparison operators compare only...
CVE-2014-8424
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication...
PYSEC-2014-75
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation...
PYSEC-2014-75
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation...
CVE-2012-5507
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation...
Design/Logic Flaw
The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relie...
MySQL Server COM_CHANGE_USER Command Security Bypass
The installed version of MySQL may be affected by a security bypass vulnerability because the salt used during password validation does not change when switching users with the 'COMCHANGEUSER' command. Additionally, the connection is not reset when invalid credentials are submitted. Normally, whe...
APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update OS X v10.8.5 Supplemental Update is now available and addresses the following: Directory Services Available for: OS X Mountain Lion v10.8 to v10.8.5 Impact: A local user may modify Directory...
Mac OS X 10.8 < 10.8.5 Supplemental Update
The remote host is running a version of Mac OS X 10.8 that is missing the OS X v10.8.5 Supplemental Update. This update fixes a logic issue in verification of authentication credentials by Directory Services, which could otherwise allow a local attacker to bypass password validation. TRUSTED...
9 1 Panda desktop app lock bypass vulnerability-vulnerability warning-the black bar safety net
Brief description: 9 1 Panda desktop app lock after setting the password can be bypassed. Detailed description: ! SIRI, open the application to bypass the vulnerability, for example,“open QQ”, you can bypass the password validation Vulnerability proof: SIRI, open the application to bypass the...
Ubuntu 9.10 : grub2 vulnerability (USN-868-1)
It was discovered that GRUB 2 did not properly validate passwords. An attacker with physical access could conduct a brute-force attack and bypass authentication by submitting a 1 character password. Note that Tenable Network Security has extracted the preceding description block directly from the...
CVE-2012-2368
Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password...
Default credentials
Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password...
CVE-2012-2368
Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password...
CVE-2012-2368
Bytemark Symbiosis prior to Revision 1322 is vulnerable: it does not properly validate passwords, allowing remote attackers to access email accounts with arbitrary passwords. A fix is available in Revision 1322; systems should update to that revision or apply provided mitigations as per linked ad...
WinRadius Server 2009 - Denial of Service
WinRadius Server 2009 - Denial of Service Title: WinRadius Server Denial Of Service Vulnerability Software : WinRadius Software Version : v2009 Vendor: http://www.elite-school.com/saas/WinRadius/ Vulnerability Published : 2012-05-27 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base :...
WinRadius Server 2009 - Denial of Service
Title: WinRadius Server Denial Of Service Vulnerability Software : WinRadius Software Version : v2009 Vendor: http://www.elite-school.com/saas/WinRadius/ Vulnerability Published : 2012-05-27 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P Bug...
正方教务管理系统web端补考成绩录入漏洞
简要描述: web端成绩录入可绕过密码验证录入补考成绩。 详细说明: 此漏洞与 WooYun: 正方教务管理系统web端成绩录入漏洞 类似。 web端在进行成绩录入时可以通过直接将动态页面从jscjmm.aspx修改为xfjsbkcjlr.aspx进行绕过,只要具有教师的登录权限,不需要验证成绩录入密码即可直接进入成绩的录入和提交页面。 我写了一个脚本用于测试我所在学校的教师账户,发现有几百个教师账户仍旧使用默认账户密码,如果通过此漏洞将造成巨大影响,我也准备将所收集的资料上报校方处理。 漏洞证明: 此漏洞与 WooYun: 正方教务管理系统web端成绩录入漏洞 类似,就不再截图证明了。...