Lucene search
K

69 matches found

Positive Technologies
Positive Technologies
added 2009/07/08 12:0 a.m.8 views

PT-2009-4796 · Iomega · Iomega Storcenter Pro

Name of the Vulnerable Software and Affected Versions: Iomega StorCenter Pro affected versions not specified Description: The issue allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session id parameter in the "cgi-bin/makecgi-pro"...

9.8CVSS9.3AI score0.23195EPSS
Exploits3References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/06/18 8:53 a.m.3 views

Predictable session ID vulnerability in Serene Bach

Overview Serene Bach from SerendipityNZ Limited contains a vulnerability in which it generates predictable session ID's. Serene Bach from SerendipityNZ Limited is a weblog management system. Serene Bach contains a vulnerability in which it generates predictable session ID's. Impact A remote...

7.5CVSS6.5AI score0.01402EPSS
Exploits0References8
OSV
OSV
added 2009/05/14 5:30 p.m.5 views

CVE-2009-1629

ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to 1 hijack a session or 2 cause a denial of service session ID exhaustion via a brute-force attack...

6.3AI score
Exploits0References7
Debian CVE
Debian CVE
added 2009/05/14 5:0 p.m.21 views

CVE-2009-1629

Removed by vendor...

6.8CVSS6.7AI score0.02325EPSS
Exploits1
Cvelist
Cvelist
added 2005/02/28 5:0 a.m.15 views

CVE-2004-0944

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...

6.7AI score0.01373EPSS
Exploits0References3
NVD
NVD
added 2004/02/28 5:0 a.m.10 views

CVE-2004-0944

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...

5CVSS6.7AI score0.01373EPSS
Exploits0References3
CVE
CVE
added 2003/11/21 5:0 a.m.46 views

CVE-2003-0945

CVE-2003-0945 affects SAP DB Web-tools Web Database Manager prior to 7.4.03.30. The vulnerability stems from generating predictable session IDs in the Web Database Manager, with IDs placed in the URL, enabling remote attackers to perform unauthorized activities. The issue is addressed by SAP with...

7.5CVSS6.7AI score0.01457EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2003/11/21 5:0 a.m.22 views

CVE-2003-0945

The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities...

6.7AI score0.01457EPSS
Exploits1References2
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.21 views

CVE-2001-1284

Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users...

6.8AI score0.02238EPSS
Exploits0References3
Rows per page
Query Builder