93 matches found
DHS Warns ICS, SCADA Owners About Increase in Malicious Activity
An alert from the Department of Homeland Security late last week urges private- and public-sector industrial control system ICS owners to be proactive in auditing the security, particularly, authentication controls of their systems. The alert is in response to a growing concern over the number of...
CVE-2007-3945
Rule Set Based Access Control RSBAC before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...
Authentication flaw
Rule Set Based Access Control RSBAC before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...
CVE-2007-3945
Rule Set Based Access Control RSBAC before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...
CVE-2007-0738
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication...
Authentication flaw
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication...
CVE-2007-0738
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication...
CVE-2007-0739
The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls...
CVE-2007-1471
admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp...
CVE-2006-4502
ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication controls via a direct request to the "Administration Area" script...
Authentication flaw
profile.php in Reamday Enterprises Magic News Lite 1.2.3, when registerglobals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified 1 action, 2 passwd, 3 adminpassword, 4 newpasswd, and 5 confirmpasswd variables, which are not...
CVE-2006-0722
CVE-2006-0722 affects Reamday Enterprises’ Magic Downloads 1.1.3. When register_globals is ON, the vulnerable settings.php allows remote attackers to modify program behavior via uninitialized variables (action, passwd, admin_password, new_passwd, confirm_passwd), potentially bypassing authenticat...
CVE-2006-0724
profile.php in Reamday Enterprises Magic News Lite 1.2.3, when registerglobals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified 1 action, 2 passwd, 3 adminpassword, 4 newpasswd, and 5 confirmpasswd variables, which are not...