Cisco Linksys WRT310N 2.0.00 Denial Of Service

Summary -------------------- Software : Cisco/Linksys Router OS Hardware : WRT310N v2 others currently untested Version : 2.0.00 others currently untested Website : http://www.linksys.com Issue : Remote Denial of Service Severity : High Researcher: Carl Benedict theinfinitenigma Product Descripti...

External image sources can trigger a basic authentication dialogue

When an external resourcee.g. http://foo.com/image.jpeg is used as the source of an image tag, if the external resource returns a 401 response code and sets a WWW-Authenticate header then the browsers standard 'Basic authentication' dialogue will pop up within on the confluence page. While this i...

External image sources can trigger a basic authentication dialogue

When an external resourcee.g. http://foo.com/image.jpeg is used as the source of an image tag, if the external resource returns a 401 response code and sets a WWW-Authenticate header then the browsers standard 'Basic authentication' dialogue will pop up within on the confluence page. While this i...

External image sources can trigger a basic authentication dialogue

When an external resourcee.g. http://foo.com/image.jpeg is used as the source of an image tag, if the external resource returns a 401 response code and sets a WWW-Authenticate header then the browsers standard 'Basic authentication' dialogue will pop up within on the confluence page. While this i...

CVE-2013-0922

Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors...

CVE-2013-0922

Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors...

Design/Logic Flaw

Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors...

CVE-2013-0922

CVE-2013-0922 affects Google Chrome (pre-26.0.1410.43) and describes insufficient restriction of brute-force attempts against sites using HTTP Basic Authentication. The connected OpenVAS/Gentoo entries confirm this CVE and point to remediation via upgrading Chromium/Chrome to newer versions (Gent...

CVE-2013-0922

Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors...

CVE-2013-0922

Removed by vendor...

Google Chrome < 26.0.1410.43 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 26.0.1410.43 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'Web Audio' and the extension bookmarks API. CVE-2013-0916, CVE-2013-0920 - An out-of-bounds read...

CVE-2012-5952

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2 does not validate Basic Authentication credentials before proceeding to WS-Addressing and WS-Security operations, which allows remote attackers to trigger transmission of unauthenticated messages via...

IBM Lotus Domino 8.5.3 XSS / CSRF / Redirection

Hello list! These are Cross-Site Request Forgery, Cross-Site Scripting and Redirector vulnerabilities in IBM Lotus Domino. At 30th of November IBM released the advisory concerning these vulnerabilities. CVE ID: CVE-2012-4842, CVE-2012-4844. SecurityVulns ID: 12789. IBM Security Bulletin for Open...

Google Chrome Silent HTTP Authentication

Exploit for multiple platform in category dos / poc VULNERABILITY DETAILS The latest version of Google Chrome Tested on Version 24.0.1312.57 fails to properly recognize HTTP Basic Authentication when injected in various HTML tags. As a result of this behavior Chrome will not alert the user when...

Google Chrome - Silent HTTP Authentication

Exploit Title: Google Chrome Silent HTTP Authentication Date: 2-5-2013 Exploit Author: T355 Vendor Homepage: http://www.google.com/chrome Version: 24.0.1312.57 Tested on: Tested on: Windows 7 & Mac OSX Mountain Lion CVE : n/a VULNERABILITY DETAILS The latest version of Google Chrome Tested on...

Not being able to create webhooks with basic authentication.

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-31953. panel Using the procedures to use basic auth described on https://extranet.atlassian.com/display/SUPPORT/Webhooks+readiness+for+JIRA+5...

Not being able to create webhooks with basic authentication.

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-31953. panel Using the procedures to use basic auth described on...

Not being able to create webhooks with basic authentication.

Using the procedures to use basic auth described on https://extranet.atlassian.com/display/SUPPORT/Webhooks+readiness+for+JIRA+5.2 we are getting a "Invalid URL" message. !https://jira.atlassian.com/secure/attachment/85015/webhookserror.png! workaround For Atlassian applications, the REST plugin ...

CVE-2012-3310

TFIM (IBM Tivoli Federated Identity Manager) is affected in versions 6.1.1.14, 6.2.0.12, and 6.2.1.4 (pre-6.2.2). The vulnerability arises when a logging configuration set to all enables trace logging that exposes sensitive credentials in log files: (1) LDAP bind password, (2) keystore passwords,...

PT-2012-1253 · Mendix · Mendix Runtime

Name of the Vulnerable Software and Affected Versions: Mendix Runtime V8 versions Mendix Runtime V9 versions prior to V9.24.29 Mendix Runtime V10 versions prior to V10.16.0 Mendix Runtime V10.6 versions prior to V10.6.15 Mendix Runtime V10.12 versions prior to V10.12.7 Description: A race conditi...