10 matches found
CVE-2020-11729
An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...
Debian DSA-4660-1 : awl - security update
Andrew Bartlett discovered that awl, DAViCal Andrew's Web Libraries, did not properly handle session management: this would allow a malicious user to impersonate other sessions or users. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
[SECURITY] [DSA 4660-1] awl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4660-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 21, 2020 https://www.debian.org/security/faq -...
Debian DLA-2178-1 : awl security update
Following CVEs were reported against the awl source package : CVE-2020-11728 An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time and the incrementing session...
Debian: Security Advisory (DLA-2178-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2178-1] awl security update
Package : awl Version : 0.55-1+deb8u1 CVE ID : CVE-2020-11728 CVE-2020-11729 Debian Bug : 956650 Following CVEs were reported against the awl source package: CVE-2020-11728 An issue was discovered in DAViCal Andrews Web Libraries AWL through 0.60. Session management does not use a sufficiently...
CVE-2020-11729
An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...
UBUNTU-CVE-2020-11729
An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...
CVE-2020-11729
An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...
CVE-2020-11729
CVE-2020-11729 affects DAViCal Andrew's Web Libraries (AWL) up to version 0.60. Long-term session cookies are not generated securely, enabling a brute-force-style session hijack. Debian/DLA-2178-1 fixes these issues by updating awl to 0.60-1+deb10u1 (and earlier 0.57-1+deb9u1). If deploying AWL, ...