299 matches found
Oracle Linux 3 : vsftpd (ELSA-2008-0579)
From Red Hat Security Advisory 2008:0579 : An updated vsftpd package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP server for...
CVE-2013-1193
The Secure Shell SSH implementation on Cisco Adaptive Security Appliances ASA devices, and in Cisco Firewall Services Module FWSM, does not properly terminate sessions, which allows remote attackers to cause a denial of service SSH service outage by repeatedly establishing SSH connections, aka Bu...
PGP Universal Server Unauthorized Key Exposure
SUMMARY Symantecs PGP Universal Server, under specific circumstances, may inadvertently expose a PGP clients private key. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- PGP Universal Server | 3.2.x | PGP Universal Server 3.2.1 MP2 ISSUES CVSS2 Base Score | Impact | Exploitability |...
Scientific Linux Security Update : vsftpd on SL3.x i386/x86_64
The version of vsftpd as shipped in Scientific Linux 3 when used in combination with Pluggable Authentication Modules PAM had a memory leak on an invalid authentication attempt. Since vsftpd prior to version 2.0.5 allows any number of invalid attempts on the same connection this memory leak could...
CVE-2011-2740
EMC RSA Key Manager RKM Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation...
Design/Logic Flaw
EMC RSA Key Manager RKM Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation...
CVE-2011-2740
CVE-2011-2740 affects EMC RSA Key Manager Appliance 2.7 SP1 prior to 2.7.1.6. When using Firefox 4.x or 5.0, it does not properly terminate a user session on logout, enabling potential remote code execution via an unattended workstation. The NVD lists a high CVSSv2 base score (9.3) with network a...
RSA Key Manager Appliance session termination vulnerabilty
Session may be not properly terminated after logout...
CVE-2009-2150
Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...
Design/Logic Flaw
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also...
CVE-2008-6830
CVE-2008-6830 affects Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers. The disconnection feature does not properly terminate a user Web Interface session, enabling an attacker with access to the same browser instance and valid credentials to gain access to that user’s Web Interfac...
Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet Advisory ID: cisco-sa-20080924-ssl http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml Revision 1.0 For Public Release 2008 September 24 1600 UTC GMT -...
vsftpd security update
CentOS Errata and Security Advisory CESA-2008:0579 An updated vsftpd package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP serv...
Moderate: Red Hat Security Advisory: vsftpd security and bug fix update
An updated vsftpd package that fixes a security issue and various bugs is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP server for Linux and Unix-like systems...
security flaw
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...
CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...
DEBIAN-CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...
PT-2004-2965 · Openbsd +2 · Openssh +2
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.6.1p2 and 3.7.1p2 Description: The issue occurs in the sshd.c component of OpenSSH when using privilege separation. It does not properly signal the non-privileged process when a session has been terminated after exceeding t...
Re: A funny way to DOS pcANYWHERE8.0 and 9.0
I also found on PCAnywhere version 8.0, if you accidently terminate a session e.g. unplug your network cable from your PC, get dropped from a dialup network connection, etc. that you hang up web, ftp, telnet, indexing, PCAnywhere and several other services on the host PC. The easiest way to recov...