EUVD-2019-7236

Malware in sbrugna...

EUVD-2010-2282

Malware in sbrugna...

EUVD-2019-16122

Malware in sbrugna...

CVE-2010-2270

Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...

Moxa IKS, EDS Predictable From Observable State (CVE-2019-6563)

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Authentication flaw

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie is predictable and can lead to admin password compromise when captured on the network...

CVE-2019-6563

CVE-2019-6563 affects Moxa IKS and EDS industrial switches. The issue is a predictable cookie generated with an MD5 hash, which can enable an attacker to capture the administrator’s password and potentially achieve full device compromise. Affected products include IKS-G6824A (v5.6 and prior), EDS...

CVE-2019-6563

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device...

Default credentials

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device...

CVE-2019-6563

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device...

SUSE-SU-2018:0337-1 Security update for libICE

This update for libICE fixes the following issues: - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented. boo1025068...

Insecure Cookies

atlas-webapp is vulnerable to insecure cookies. The library uses a predictable cookie name in the webapp. This can allow a malicious user to access sensitive data contained in the cookies...

Code injection

Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...

Novell eDirectory 8.8.5 - DHost Weak Session Cookie Session Hijacking (Metasploit)

source: https://www.securityfocus.com/bid/38782/info Novell eDirectory is prone to a session-hijacking vulnerability. An attacker can exploit this issue to gain access to the affected application. Novell eDirectory 8.8.5 is vulnerable; other versions may also be affected. $Id:...

CVE-2009-4655

CVE-2009-4655 affects Novell eDirectory 8.8.5 DHOST web service, which uses a predictable session cookie that can enable session hijacking by a remote attacker. The PacketStorm/MSF and Nessus/OpenVAS entries corroborate a cookie-based hijack vector tied to DHost. Evidence notes the vulnerability ...

Novell BorderManager ISAKMP weak cryptography

Predictable cookie generation allows DoS and replay attacks...

[SA22699] Novell BorderManager ISAKMP Predictable Cookie Security Issue

TITLE: Novell BorderManager ISAKMP Predictable Cookie Security Issue SECUNIA ADVISORY ID: SA22699 VERIFY ADVISORY: http://secunia.com/advisories/22699/ CRITICAL: Less critical IMPACT: Security Bypass, DoS WHERE: From remote SOFTWARE: Novell BorderManager 3.x http://secunia.com/product/378/...