7 matches found
EUVD-2002-0011
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2010-2813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - functions/imapgeneral.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial ...
NetIQ Advanced Authentication Brute Force Vulnerability
NetIQ Advanced Authentication is an application from NetIQ UK. It provides a more secure way to protect your sensitive information by moving away from usernames and passwords. A brute force vulnerability exists in NetIQ Advanced Authentication versions prior to 6.3.5.1, which stems from not...
Design/Logic Flaw
Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the loginattempts cookie or setting it to certain values...
CVE-2014-9006
Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the loginattempts cookie or setting it to certain values...
Implement user lockout mechanism to stop bruteforce login attacks
A hacker can try as many times as he wants to log in to JIRA. You can build a client which sends username+password combinations as many times as you like... and if you have a username, it is much easier to get in. ---- Implementation ideas: 1 Lock user after sequential X incorrect logins - X can be set by...
CVE-2002-0011
The CVE refers to Bugzilla, where the doeditvotes.cgi component in versions prior to 2.14.1 has an information leak that could allow remote attackers to more easily conduct attacks on the login. This is a partial confidentiality impact vulnerability (NVD metrics show MEDIUM severity, CVSS v2.0: A...