10 matches found
EUVD-2006-2433
Malware in sbrugna...
EUVD-2015-0159
Malware in sbrugna...
EUVD-2011-1327
Malware in sbrugna...
Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for IBM WebSphere Application Server Liberty vulnerability to Identity Spoofing (CVE-2022-22475)
Summary On applications on IBM WebSphere Application Server Liberty, an authenticated user could use a brute force attack to extract an encryption key from LTPA token and through a series of involved steps could conduct an attack whereby they replace their user name with that of another user in t...
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011
The host is running IBM WebSphere Application Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmwasmultvulnmar1101.nasl 7044 2017-09-01 11:50:59Z teissa $ IBM WebSphere Application Server WAS Multiple Vulnerabilities 01 - March 2011 Authors: Sooraj KS Copyright...
CVE-2011-1319
The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote authenticated users to cause a denial of service memory consumption by using a Lightweight Third-Party Authentication LTPA token for authentication...
CVE-2011-1319
The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote authenticated users to cause a denial of service memory consumption by using a Lightweight Third-Party Authentication LTPA token for authentication...
CVE-2006-2432
IBM WebSphere Application Server 5.0.2 or any earlier cumulative fix and 5.1.1 or any earlier cumulative fix allows EJB access on Solaris systems via a crafted LTPA token...
Code injection
IBM WebSphere Application Server 5.0.2 or any earlier cumulative fix and 5.1.1 or any earlier cumulative fix allows EJB access on Solaris systems via a crafted LTPA token...
CVE-2006-2432
CVE-2006-2432 affects IBM WebSphere Application Server 5.0.2 (and earlier cumulative fixes) and 5.1.1 (and earlier cumulative fixes); on Solaris, a crafted LTPA token enables EJB access. The NVD entry assigns a CVSSv2 base score of 7.5 (HIGH) with network attack vector, low attack complexity, and...