133 matches found
PT-2013-58: Insufficient Session Security in Huawei M2000
The specialists of the Positive Research center have detected an Insufficient Session Security vulnerability in Huawei M2000. Access rights storage mechanism is vulnerable to cryptographic attacks. An attacker may calculate the new checksum and obtain elevated privileges via brute force attack. H...
Logout Button / Option Missing for some LDAP user accounts
Instance Details / Description: The logout option to kill sessions is not present for some user accounts i,e, the zzsvat01-05 test accounts. It is believed that this is caused by LDAP user accounts that don't have a first and / or last name present. For these specific rare instances i.e. probably...
Logout Button / Option Missing for some LDAP user accounts
Instance Details / Description: The logout option to kill sessions is not present for some user accounts i,e, the zzsvat01-05 test accounts. It is believed that this is caused by LDAP user accounts that don't have a first and / or last name present. For these specific rare instances i.e. probably...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
CVE-2008-0128
Apache Tomcat 5.x before 5.5.21 is affected by CVE-2008-0128: when the SingleSignOn valve is used over HTTPS, the JSESSIONIDSSO cookie is not marked secure, allowing it to be sent over HTTP and potentially captured by an attacker via a crafted HTTP request. This information is supported by multip...
PHPMyInventory 2.8 - global.inc.php Remote File Inclusion
PHPMyInventory 2.8 - global.inc.php Remote File Inclusion phpMyInventory pmi v. 2.8 FOUND BY : o0xxdark0o o0xxdark0oatmsn.com DOWNLOAD : http://sourceforge.net/projects/phpmyinventory/ REMOTE FILE ICLUDE FILE : PATH\Includes\global.inc.php EXPLOIT:...
CVE-2006-1358
Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes a JSR-168 Portlet to be retrieved from the cache for the wrong session, which might allow one user to see a Portlet of another user...
Debian DSA-388-1 : kdebase - several vulnerabilities
Two vulnerabilities were discovered in kdebase : - CAN-2003-0690 : KDM in KDE 3.1.3 and earlier does not verify whether the pamsetcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain...
CVE-2004-0701
Sun Ray Server Software SRSS 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access...
XFree86 X11R6 3.3 XDM - Session Cookie Guessing
XFree86 X11R6 3.3 XDM - Session Cookie Guessing // source: https://www.securityfocus.com/bid/2985/info xdm is the X Display Manager, a component of the XFree86 package. xdm manages the display of X sessions both locally and remotely. An xdm server compiled without WrapHelp.c is vulnerable to a...
CVE-2000-0519
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities...
CVE-1999-1025
CDE screen lock program screenlock on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string...