3093 matches found

Prion
added 2014/02/14 1:10 p.m. | 15 views

Code injection

CA 2E Web Option r8.1.2 accepts a predictable substring of a W2ESSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to...

CVSS 5.1 | AI score 7 | EPSS 0.04598
Exploits 6 | References 2 | Affected Software 1
Packet Storm
added 2014/02/13 12:0 a.m. | 55 views

CA 2E Web Option 8.1.2 Privilege Escalation / Denial Of Service

Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web...

CVSS 5.1 | AI score 0.6 | EPSS 0.04598
Exploits 6
exploitpack
added 2014/02/13 12:0 a.m. | 34 views

CA 2E Web Option 8.1.2 - Authentication Bypass

CA 2E Web Option 8.1.2 - Authentication Bypass Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially...

CVSS 5.1 | AI score 0.5 | EPSS 0.04598
Exploits 6
Exploit DB
added 2014/02/13 12:0 a.m. | 48 views

CA 2E Web Option 8.1.2 - Authentication Bypass

Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially others, is vulnerable to unauthenticated privilege...

CVSS 5.1 | AI score 6.9 | EPSS 0.04598
Exploits 6
0day.today
added 2014/02/13 12:0 a.m. | 59 views

CA 2E Web Option 8.1.2 - Authentication Bypass Vulnerability

Exploit for multiple platform in category web applications Details: CA 2E Web Option r8.1.2 and potentially others, is vulnerable to unauthenticated privilege escalation via a predictable session token. The POST parameter session token W2ESSNID appears as follows:...

CVSS 5.1 | AI score 0.1 | EPSS 0.04598
Exploits 6
OSV
added 2014/01/28 12:55 a.m. | 1 views

DEBIAN-CVE-2014-1604

The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name...

CVSS 2.1 | AI score 6.2 | EPSS 0.00351
Exploits 0 | References 1
NVD
added 2014/01/28 12:55 a.m. | 24 views

CVE-2014-1604

The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name...

CVSS 2.1 | AI score 6.1 | EPSS 0.00351
Exploits 0 | References 7
UbuntuCve
added 2014/01/28 12:55 a.m. | 22 views

CVE-2014-1604

The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name...

CVSS 2.1 | AI score 5.9 | EPSS 0.00351
Exploits 0 | References 2
Prion
added 2014/01/28 12:55 a.m. | 13 views

Design/Logic Flaw

The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name...

CVSS 2.1 | AI score 6.6 | EPSS 0.00351
Exploits 0 | References 7 | Affected Software 1
PyPA
added 2014/01/28 12:55 a.m. | 6 views

PYSEC-2014-17

The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name...

CVSS 2.1 | AI score 6.6 | EPSS 0.00351
Exploits 0 | References 8 | Affected Software 1
OSV
added 2014/01/28 12:55 a.m. | 1 views

UBUNTU-CVE-2014-1604

The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name...

CVSS 2.1 | AI score 5.8 | EPSS 0.00351
Exploits 0 | References 3
Mageia
added 2014/01/24 9:4 p.m. | 34 views

Updated python-jinja2 package fixes two security vulnerabilities

Updated python-jinja2 packages fix security vulnerability: Jinja2, a template engine written in pure python, was found to use /tmp as a default directory for jinja2.bccache.FileSystemBytecodeCache, which is insecure because the /tmp directory is world-writable and the filenames used like...

CVSS 4.4 | AI score 7.2 | EPSS 0.00373
Exploits 0 | References 5
RedHat Linux
added 2014/01/15 5:45 p.m. | 2 views

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

CVSS 4.4 | AI score 5.8 | EPSS 0.00589
Exploits 1 | References 4
UbuntuCve
added 2014/01/03 6:54 p.m. | 26 views

CVE-2013-2119

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...

CVSS 4.6 | AI score 6.3 | EPSS 0.00397
Exploits 0 | References 1
NVD
added 2013/12/07 9:55 p.m. | 25 views

CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...

CVSS 6.8 | AI score 6.6 | EPSS 0.02084
Exploits 0 | References 5
Prion
added 2013/12/07 9:55 p.m. | 29 views

Security feature bypass

Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...

CVSS 6.8 | AI score 7.1 | EPSS 0.02084
Exploits 0 | References 5 | Affected Software 1
UbuntuCve
added 2013/12/07 9:55 p.m. | 30 views

CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...

CVSS 6.8 | AI score 5.9 | EPSS 0.02084
Exploits 0 | References 2
OSV
added 2013/12/07 9:55 p.m. | 1 views

UBUNTU-CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...

CVSS 6.8 | AI score 5.8 | EPSS 0.02084
Exploits 0 | References 3
Cvelist
added 2013/12/07 9:0 p.m. | 25 views

CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...

AI score 6.4 | EPSS 0.02084
Exploits 0 | References 5
CVE
added 2013/12/07 9:0 p.m. | 130 views

CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses PHP mt_rand with predictable seeds, allowing remote attackers to predict security strings and bypass restrictions via brute force. Impact includes potential unauthorized access or bypass of protections as described in multiple advisories. Mitigation...

CVSS 6.8 | AI score 6.5 | EPSS 0.02084
Exploits 0 | References 5 | Affected Software 1