Lucene search
K

299 matches found

Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.31 views

Oracle Linux 3 : vsftpd (ELSA-2008-0579)

From Red Hat Security Advisory 2008:0579 : An updated vsftpd package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP server for...

7.1CVSS5.4AI score0.03717EPSS
Exploits2References2
NVD
NVD
added 2013/04/16 2:4 p.m.34 views

CVE-2013-1193

The Secure Shell SSH implementation on Cisco Adaptive Security Appliances ASA devices, and in Cisco Firewall Services Module FWSM, does not properly terminate sessions, which allows remote attackers to cause a denial of service SSH service outage by repeatedly establishing SSH connections, aka Bu...

5CVSS6.6AI score0.01233EPSS
Exploits0References1
Symantec
Symantec
added 2012/08/30 8:0 a.m.32 views

PGP Universal Server Unauthorized Key Exposure

SUMMARY Symantecs PGP Universal Server, under specific circumstances, may inadvertently expose a PGP clients private key. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- PGP Universal Server | 3.2.x | PGP Universal Server 3.2.1 MP2 ISSUES CVSS2 Base Score | Impact | Exploitability |...

2.9CVSS0.00627EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.25 views

Scientific Linux Security Update : vsftpd on SL3.x i386/x86_64

The version of vsftpd as shipped in Scientific Linux 3 when used in combination with Pluggable Authentication Modules PAM had a memory leak on an invalid authentication attempt. Since vsftpd prior to version 2.0.5 allows any number of invalid attempts on the same connection this memory leak could...

7.1CVSS5.5AI score0.03717EPSS
Exploits2References2
NVD
NVD
added 2011/11/09 11:55 p.m.14 views

CVE-2011-2740

EMC RSA Key Manager RKM Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation...

9.3CVSS7.6AI score0.03396EPSS
Exploits0References3
Prion
Prion
added 2011/11/09 11:55 p.m.12 views

Design/Logic Flaw

EMC RSA Key Manager RKM Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation...

9.3CVSS8.2AI score0.03396EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2011/11/09 11:0 p.m.45 views

CVE-2011-2740

CVE-2011-2740 affects EMC RSA Key Manager Appliance 2.7 SP1 prior to 2.7.1.6. When using Firefox 4.x or 5.0, it does not properly terminate a user session on logout, enabling potential remote code execution via an unattended workstation. The NVD lists a high CVSSv2 base score (9.3) with network a...

9.3CVSS7.8AI score0.03396EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2011/11/04 12:0 a.m.28 views

RSA Key Manager Appliance session termination vulnerabilty

Session may be not properly terminated after logout...

9.3CVSS4.2AI score0.03396EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2009/06/22 2:0 p.m.20 views

CVE-2009-2150

Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...

7.3AI score0.00891EPSS
Exploits0References1
Prion
Prion
added 2009/06/08 7:30 p.m.16 views

Design/Logic Flaw

The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also...

4CVSS7.2AI score0.0174EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2009/06/08 7:0 p.m.48 views

CVE-2008-6830

CVE-2008-6830 affects Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers. The disconnection feature does not properly terminate a user Web Interface session, enabling an attacker with access to the same browser instance and valid credentials to gain access to that user’s Web Interfac...

4CVSS6.9AI score0.0174EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2008/09/29 12:0 a.m.61 views

Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet Advisory ID: cisco-sa-20080924-ssl http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml Revision 1.0 For Public Release 2008 September 24 1600 UTC GMT -...

7.8CVSS0.4AI score0.03165EPSS
Exploits1
Cent OS
Cent OS
added 2008/07/24 10:17 p.m.71 views

vsftpd security update

CentOS Errata and Security Advisory CESA-2008:0579 An updated vsftpd package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP serv...

7.1CVSS5.7AI score0.03717EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2008/07/24 4:38 p.m.23 views

Moderate: Red Hat Security Advisory: vsftpd security and bug fix update

An updated vsftpd package that fixes a security issue and various bugs is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP server for Linux and Unix-like systems...

7.1CVSS5.7AI score0.03717EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2005/09/28 2:32 p.m.5 views

security flaw

sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...

5CVSS7.2AI score0.03366EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2005/05/05 4:0 a.m.37 views

CVE-2004-2069

sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...

5CVSS6.3AI score0.03366EPSS
Exploits0
OSV
OSV
added 2004/12/31 5:0 a.m.2 views

DEBIAN-CVE-2004-2069

sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...

5CVSS7.9AI score0.03366EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2004/12/31 12:0 a.m.12 views

PT-2004-2965 · Openbsd +2 · Openssh +2

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.6.1p2 and 3.7.1p2 Description: The issue occurs in the sshd.c component of OpenSSH when using privilege separation. It does not properly signal the non-privileged process when a session has been terminated after exceeding t...

10CVSS7.7AI score0.99506EPSS
Exploits207References361
securityvulns
securityvulns
added 2000/04/11 12:0 a.m.28 views

Re: A funny way to DOS pcANYWHERE8.0 and 9.0

I also found on PCAnywhere version 8.0, if you accidently terminate a session e.g. unplug your network cable from your PC, get dropped from a dialup network connection, etc. that you hang up web, ftp, telnet, indexing, PCAnywhere and several other services on the host PC. The easiest way to recov...

0.4AI score
Exploits0
Rows per page
Query Builder