6 matches found
MiracleLinux 4 : krb5-1.9-22.AXS4.1 (AXSA:2012-29:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-29:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...
Nextcloud: Memcached used as RateLimiter backend is no-op
A vulnerability was discovered where the Memcached cache was used as the backend for rate limiting. This resulted in cache entries being wiped and rate limit attempts and bruteforce protection being bypassed...
SUSE CVE-2015-3982
The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key...
PT-2015-6370 · Django Software Foundation · Django
Name of the Vulnerable Software and Affected Versions: Django versions 1.8.0 through 1.8.1 Description: The issue is related to the session.flush function in the cached db backend, which does not properly flush the session. This allows remote attackers to hijack user sessions via an empty string ...
Fedora 12 : php-pear-CAS-1.1.3-1.fc12 (2010-15970)
This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all 1.1.x versions. The changes are: Security Issue - CVE-2010-3690 phpCAS: X...
Fedora 13 : php-pear-CAS-1.1.3-1.fc13 (2010-15943)
This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all 1.1.x versions. The changes are: Security Issue - CVE-2010-3690 phpCAS: X...