EUVD-2013-4130

Malware in sbrugna...

EUVD-2011-1328

Malware in sbrugna...

CVE-2011-1321

The AuthCache purge implementation in the Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group...

CVE-2011-1320

The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli Integrated Portal / embedded WebSphere Application Server TIP/eWAS framework is used, does not properly delete AuthCache entries upon a logout, which might allow remote...

Unspecified Vulnerability in Drupal Authenticated User Page Caching

Drupal is the Drupal community of a set of open source content management system developed using the PHP language . Authenticated User Page Caching Authcache is one of the modules used to provide page caching for authenticated users . A security vulnerability in the Authenticated User Page Cachin...

CVE-2013-4226

The Authenticated User Page Caching Authcache module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser...

CVE-2013-4226

The CVE-2013-4226 entry concerns the Drupal Authenticated User Page Caching (authcache) module. Affected component: authcache 7.x-1.x prior to 7.x-1.5. Root cause: the module does not properly restrict access to cached pages, enabling remote attackers with the same role-combination as the superus...

CVE-2013-4226

The Authenticated User Page Caching Authcache module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser...

SA-CONTRIB-2013-063 - Authenticated User Page Caching (Authcache) - Information Disclosure

This module enables page caching for authenticated users. A separate version of each cacheable page is stored for each group of users with the same combination of roles. Users having the exact same role-combination like the superuser uid=1 might access cached pages generated with the superuser...

IBM WebSphere Application Server 6.1 < 6.1.0.37 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 37 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - It is possible to trigger a DoS condition via SAAJ API provided by the WebSphere Web services runtime. PM19534 - An unspecifie...

IBM WebSphere Application Server 6.1.x < 6.1.0.37, 7.x < 7.0.0.15 Multiple Vulnerabilities

IBM WebSphere Application Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2011-1320

The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli Integrated Portal / embedded WebSphere Application Server TIP/eWAS framework is used, does not properly delete AuthCache entries upon a logout, which might allow remote...

CVE-2011-1321

The AuthCache purge implementation in the Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group...

Code injection

The AuthCache purge implementation in the Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group...

Design/Logic Flaw

The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli Integrated Portal / embedded WebSphere Application Server TIP/eWAS framework is used, does not properly delete AuthCache entries upon a logout, which might allow remote...

CVE-2011-1320

CVE-2011-1320 concerns IBM WebSphere Application Server (WAS) with the TIP/eWAS framework where, on logout, AuthCache entries are not properly deleted for WAS 6.1.0.x (before 6.1.0.35) and WAS 7.x (before 7.0.0.15). This may allow a remote attacker to access the server by exploiting an unattended...

CVE-2011-1320

The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli Integrated Portal / embedded WebSphere Application Server TIP/eWAS framework is used, does not properly delete AuthCache entries upon a logout, which might allow remote...

CVE-2011-1321

The AuthCache purge implementation in the Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group...

CVE-2011-1321

The CVE concerns IBM WebSphere Application Server (WAS) where the AuthCache purge in the Security component fails to purge a user from the PlatformCredential cache. Affected products/versions are WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15. Root cause: the purge does not remove the user f...