45 matches found
CVE-2015-3026
Icecast before 2.4.2, when a streamauth handler is defined for URL authentication, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."...
Design/Logic Flaw
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in...
SA-CONTRIB-2012-091 - Token Authentication - Access bypass
The Token Authentication module provides a token for use in the URL to authenticate users to a site. Under certain uncommon situations, the module may not revert a user's session properly. Depending on how tokenauth is used, this could result in subsequent requests being performed as a user with...
For the new network domain name Management System Security reviews-exploits warning-the black bar safety net
It is well known, the new network users in China domain name registration industry, the proportion of the column is still very large. But I found a new web domain system, there exists a safety hazard. One day I From the agent the domain Control Panel login to the new network there, accidentally...
Fedora Core 3 : curl-7.12.3-6.fc3 (2005-1136)
This package fixes a security buffer overflow bug in URL authentication code of curl CVE-2005-4077, previous patch did not fix this problem completely. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempte...