5075 matches found
LinuxConf Detection
The remote host is running LinuxConf, a web-based administration tool for Linux. It is suggested to not allow anyone to connect to this service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10135; scriptversion"1.23"; scriptcvsdate"Date: 2019/11/22";...
NNTP Server Detection
The remote host is running a news server NNTP. Make sure that hosting such a server is authorized by your company policy. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10159; scriptversion "1.24"; scriptcvsdate"Date: 2019/11/22"; name"english" = "NNTP Server...
Telnet Service Detection
The Telnet service is running. This service is dangerous in the sense that it is not ciphered - that is, everyone can sniff the data that passes between the telnet client and the telnet server. This includes logins and passwords. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...
DUO-PSA-2021-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2021-001 Publication Date: 2021-04-15 Revision Date: 2021-04-15 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has fixed an issue that could have allowed an attacker with primary credentials of another user to bypass...
DUO-PSA-2016-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2016-002 Publication Date: 2016-12-14 Revision Date: 2016-12-21 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in the Duo Authentication Proxy which, under certain uncommon configurations, could enable...
DUO-PSA-2018-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2018-002 Publication Date: 2018-05-23 Revision Date: 2018-05-23 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue with the Duo administrative panel. This issue could have allowed for a second-factor bypa...
DUO-PSA-2015-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2015-003 Original Publication Date: 2015-08-06 Revision Date: 2015-08-10 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue which, under certain configurations, could have enabled attackers to bypass...
DUO-PSA-2017-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2017-002 Publication Date: 2017-05-31 Revision Date: 2017-05-31 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has identified an issue in duounix, which, under certain uncommon configurations, could enable attackers to bypass...
DUO-PSA-2021-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2021-001 Publication Date: 2021-04-15 Revision Date: 2021-04-15 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has fixed an issue that could have allowed an attacker with primary credentials of another user to bypass...
DUO-PSA-2015-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2015-003 Original Publication Date: 2015-08-06 Revision Date: 2015-08-10 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue which, under certain configurations, could have enabled attackers to bypass...
DUO-PSA-2018-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2018-002 Publication Date: 2018-05-23 Revision Date: 2018-05-23 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue with the Duo administrative panel. This issue could have allowed for a second-factor bypa...
DUO-PSA-2016-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2016-002 Publication Date: 2016-12-14 Revision Date: 2016-12-21 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in the Duo Authentication Proxy which, under certain uncommon configurations, could enable...
CVE-2024-52948
CSRF on 2FA registration...
Vulnerability to bypass two-factor authentication with remember-me option
Bundle version: 4.10.0 Symfony version: 3.4.31 Description Bypass 2fa by rememberme cookie To Reproduce We have a login form with rememberme checkbox functionality, When using the checkbox, symfony creates a cookie "REMEMBERME". That moment we get redirected to the 2fa-auth page. We have no acces...
Add your Outlook.com account in Outlook for Windows
None None...