Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:48 p.m.7 views

CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

9.8CVSS6.6AI score0.01879EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2020/04/22 12:0 a.m.24 views

Debian DSA-4660-1 : awl - security update

Andrew Bartlett discovered that awl, DAViCal Andrew's Web Libraries, did not properly handle session management: this would allow a malicious user to impersonate other sessions or users. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

9.8CVSS8AI score0.01879EPSS
Exploits1References7
Debian
Debian
added 2020/04/21 11:43 a.m.92 views

[SECURITY] [DSA 4660-1] awl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4660-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 21, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.2AI score0.01879EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/04/20 12:0 a.m.31 views

Debian DLA-2178-1 : awl security update

Following CVEs were reported against the awl source package : CVE-2020-11728 An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time and the incrementing session...

9.8CVSS8AI score0.01879EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2020/04/18 12:0 a.m.21 views

Debian: Security Advisory (DLA-2178-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.01879EPSS
Exploits1References3
Debian
Debian
added 2020/04/17 11:48 p.m.92 views

[SECURITY] [DLA 2178-1] awl security update

Package : awl Version : 0.55-1+deb8u1 CVE ID : CVE-2020-11728 CVE-2020-11729 Debian Bug : 956650 Following CVEs were reported against the awl source package: CVE-2020-11728 An issue was discovered in DAViCal Andrews Web Libraries AWL through 0.60. Session management does not use a sufficiently...

9.8CVSS9AI score0.01879EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2020/04/15 4:15 p.m.21 views

CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

9.8CVSS7.2AI score0.01879EPSS
Exploits1References3
OSV
OSV
added 2020/04/15 4:15 p.m.2 views

UBUNTU-CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

9.8CVSS7.2AI score0.01879EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2020/04/15 3:37 p.m.22 views

CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

9.8CVSS8.5AI score0.01879EPSS
Exploits1
CVE
CVE
added 2020/04/15 3:37 p.m.79 views

CVE-2020-11729

CVE-2020-11729 affects DAViCal Andrew's Web Libraries (AWL) up to version 0.60. Long-term session cookies are not generated securely, enabling a brute-force-style session hijack. Debian/DLA-2178-1 fixes these issues by updating awl to 0.60-1+deb10u1 (and earlier 0.57-1+deb9u1). If deploying AWL, ...

9.8CVSS9.1AI score0.01879EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder