Lucene search
+L

149 matches found

OpenVAS
OpenVAS
added 2009/06/23 12:0 a.m.20 views

CISCO IDS Manager Detection (HTTP)

Detects if CISCO IDS Manager is running on a given host and port. The IDS Device Manager is a web-based Java application that resides on the sensor and is accessed via a secure, encrypted TLS link using standard Netscape and Internet Explorer web browsers to perform various management and...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2008/07/02 12:48 p.m.4 views

Firefox self signed certificate flaw

Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also...

4CVSS5.9AI score0.0124EPSS
Exploits1References4
Mozilla
Mozilla
added 2008/07/01 12:0 a.m.44 views

Peer-trusted certs can use alt names to spoof — Mozilla

Mozilla developer John G. Myers reported a weakness in the trust model used by Mozilla regarding alternate names on self-signed certificates and those with mismatched names that if accepted could be used to spoof a secure connection to any other site. This problem was independently reported by...

4CVSS2.1AI score0.0124EPSS
Exploits1References2Affected Software3
securityvulns
securityvulns
added 2008/06/23 12:0 a.m.45 views

n.runs-SA-2008.001 - Jscape Secure FTP Applet

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.001 23-June-2008 Vendor: Jscape, http://www.jscape.com/ Affected Products: Jscape Secure FTP Applet http://www.jscape.com/sftpapplet/index.html Vulnerability: SSH Host key is not verified allowing for Man in the Middle attacks Ris...

0.1AI score
Exploits0
Fedora
Fedora
added 2008/01/15 10:56 p.m.14 views

[SECURITY] Fedora 8 Update: python-paramiko-1.7.1-3.fc8

Paramiko a combination of the esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for se cure encrypted and authenticated connections to remote machines. Unlike SSL a ka TLS, the SSH2 protocol does not require heirarchical certificat...

1.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.30 views

Debian DSA-956-1 : lsh-server - filedescriptor leak

Stefan Pfetzing discovered that lshd, a Secure Shell v2 SSH2 protocol server, leaks a couple of file descriptors, related to the randomness generator, to user shells which are started by lshd. A local attacker can truncate the server's seed file, which may prevent the server from starting, and wi...

3.6CVSS5.5AI score0.00362EPSS
Exploits0References3
OSV
OSV
added 2006/01/26 12:0 a.m.24 views

DSA-956-1 lsh-server - filedescriptor leak

Bulletin has no description...

3.6CVSS6.2AI score0.00362EPSS
Exploits0
securityvulns
securityvulns
added 2003/12/18 12:0 a.m.38 views

osCommerce Malformed Session ID XSS Vuln

Vendor : osCommerce URL : http://www.oscommerce.com Version : All Current Versions Risk : Cross Site Scripting Description: osCommerce is an online shop e-commerce solution under on going development by the open source community. Its feature packed out-of-the-box installation allows store owners ...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2000/10/24 12:0 a.m.32 views

Проблемы с Secure Session Id в IIS

При использовании защищенного соединения не генируется Secure Cookie для передачи Session Id, вместо это используется тот же ID что и для незащищенного соединения, что позволяет перехватить защищенное соединение...

0.6AI score
Exploits0References2Affected Software1
Rows per page
Query Builder