PT-2026-42374

DevGuard has an unauthenticated identity assertion via X-Admin-Token header in github.com/l3montree-dev/devguard...

EUVD-2009-0510

Malware in sbrugna...

FAS raises error "Server [*****$] is not authorized to assert identities using rule

After clicking the icon, the APP launch fails with following event log on FAS server Log Name: Application Source: Citrix.Authentication.FederatedAuthenticationService Date: 7/12/1999 10:10:04 AM Event ID: 101 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: FASTEST.fasS.c...

FAS not working - FAS Event 104 on VDA

FAS not working, event 104 generated on VDA: S104 Identity Assertion Logon failed. Failed to connect to Federated Authentication Service: UserCredentialService Address: fas.domainIndex: 0 Error: The caller was not authenticated by the service. Server stack trace: at...

SUSE CVE-2009-2085

The Security component in IBM WebSphere Application Server WAS 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote attackers to bypass intended CSIv2 access restrictions via vectors involving Enterprise JavaBeans E...

Error: Identity Assertion Logon failed Unrecognized Federated Authentication Service

Citrix FAS configured for authentication. Published Desktop or Published Application fails to launch with error: "Identity Assertion Logon failed. Unrecognized Federated Authentication Service"...

FAS | Users unable to launch published application/ Desktop

Users are unable to launch published applications from a FAS enabled store. When trying to launch a published application, the receiver windows displays the message - "negotiating connection parameters" and then disappears without launching the application. Error Message in the Event Viewer...

CVE-2009-2085

The Security component in IBM WebSphere Application Server WAS 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote attackers to bypass intended CSIv2 access restrictions via vectors involving Enterprise JavaBeans E...

CVE-2009-2085

CVE-2009-2085 affects IBM WebSphere Application Server 6.1 (before 6.1.0.25) and 7.0 (before 7.0.0.5). The vulnerability arises from improper handling of Identity Assertion when CSIv2 Security is used, allowing remote attackers to bypass intended CSIv2 access restrictions via vectors involving En...

IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 25 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Non-standard HTTP methods are allowed. PK73246 - An error in Single Sign-on SSO with SPNEGO implementation could allow a remote...

CVE-2009-0506

Unspecified vulnerability in IBM WebSphere Application Server WAS 5.1 and 6.0.2 before 6.0.2.33 on z/OS, when CSIv2 Identity Assertion is enabled and Enterprise JavaBeans EJB interaction occurs between a WAS 6.1 instance and a WAS pre-6.1 instance, allows local users to have an unknown impact via...

CVE-2009-0506

CVE-2009-0506 affects IBM WebSphere Application Server 5.1 and 6.0.2 before 6.0.2.33 on z/OS when CSIv2 Identity Assertion is enabled and EJB interaction occurs between a WAS 6.1 instance and a pre-6.1 instance. The vulnerability allows local users to cause an unknown impact via two vectors: (1) ...

CVE-2009-0506

Unspecified vulnerability in IBM WebSphere Application Server WAS 5.1 and 6.0.2 before 6.0.2.33 on z/OS, when CSIv2 Identity Assertion is enabled and Enterprise JavaBeans EJB interaction occurs between a WAS 6.1 instance and a WAS pre-6.1 instance, allows local users to have an unknown impact via...