Design/Logic Flaw

Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2012-3359 for the base64-encoded storage of the user...

IBM Sametime Connect日志信息泄漏漏洞

Bugtraq ID:65937 CVE ID:CVE-2014-0890 IBM Sametime提供了一套整合的企业级即时通讯软件,能够更轻松地查找和联系同事、客户和业务合作伙伴,并展开协作,极大地提高员工实时沟通的能力。 如果用户设置日志标记至高级别，使用Audio/Video聊天时，应用会把用户密码以明文方式或编码的方式存储，允许攻击者利用漏洞获取敏感信息。 0 IBM Sametime Connect 8.5.1 IBM Sametime Connect 8.5.1.1 IBM Sametime Connect 8.5.1.2 IBM Sametime Connect 8.5....