22 matches found
EUVD-2005-1001
Malware in sbrugna...
EUVD-2001-1435
Malware in sbrugna...
EUVD-2003-1302
Malware in sbrugna...
EUVD-2003-1301
Malware in sbrugna...
CVE-2005-10001
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the...
CVE-2005-10001
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the...
CVE-2005-10001 Netegrity SiteMinder Login smpwservicescgi.exe redirect
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the...
CVE-2005-10001 Netegrity SiteMinder Login smpwservicescgi.exe redirect
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the...
CVE-2003-1312
CVE-2003-1312 affects siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder, where a session ID is placed in the SMSESSION parameter value within a URL. This could allow an attacker to obtain the session ID via network sniffing, Referer logs, or similar methods. The provided documents describe...
CVE-2003-1311
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter...
CVE-2003-1312
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods...
CVE-2001-1455
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters...
CVE-2001-1455
CVE-2001-1455 affects Netegrity SiteMinder 3.6–4.5.1. The vulnerability allows remote attackers to bypass filtering by using URLs containing Unicode characters, potentially compromising filtering/ access control. No remediation details are provided in the supplied documents. If exploit informatio...
Netegrity SiteMinder Affiliate Agent buffer overflow
Heap overflow on SMPROFILE cookie parsing...
[VulnWatch] Netegrity SiteMinder Affiliate Agent Cookie Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Netegrity SiteMinder Affiliate Agent Cookie Overflow Release Date: 04/22/2004 Application: SiteMinder Affiliate Agent 4.x Platform: Solaris, Windows, HP-UX Severity: A remote attacker can...
CVE-2003-1312
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods...
Netegrity SiteMinder does not adequately validate user input thereby allowing user to bypass filters via crafted URL
Overview Netegrity SiteMinder does adequately vaildate HTTP requests containing malicious Unicode encodings. Description Netegrity SiteMinder is a platform for securing multiple web applications through a single point of user authentication. SiteMinder does not properly filter HTTP requests when...
CVE-2001-1455
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters...
CVE-2000-0850
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" where ext is .ccc, .class, or .jpg to the requested URL...
CVE-2000-0850
The CVE-2000-0850 entry corresponds to Netegrity SiteMinder prior to version 4.11, where an authentication bypass is possible by appending "$/FILENAME.ext" to the requested URL. The exploit targets the authentication check and can succeed with extensions such as .ccc, .class, or .jpg, effectively...