69 matches found
PT-2009-4796 · Iomega · Iomega Storcenter Pro
Name of the Vulnerable Software and Affected Versions: Iomega StorCenter Pro affected versions not specified Description: The issue allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session id parameter in the "cgi-bin/makecgi-pro"...
Predictable session ID vulnerability in Serene Bach
Overview Serene Bach from SerendipityNZ Limited contains a vulnerability in which it generates predictable session ID's. Serene Bach from SerendipityNZ Limited is a weblog management system. Serene Bach contains a vulnerability in which it generates predictable session ID's. Impact A remote...
CVE-2009-1629
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to 1 hijack a session or 2 cause a denial of service session ID exhaustion via a brute-force attack...
CVE-2009-1629
Removed by vendor...
CVE-2004-0944
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...
CVE-2004-0944
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...
CVE-2003-0945
CVE-2003-0945 affects SAP DB Web-tools Web Database Manager prior to 7.4.03.30. The vulnerability stems from generating predictable session IDs in the Web Database Manager, with IDs placed in the URL, enabling remote attackers to perform unauthorized activities. The issue is addressed by SAP with...
CVE-2003-0945
The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities...
CVE-2001-1284
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users...