63 matches found
strongswan -- Remote Authentication Bypass
strongSwan developers report: Remote attackers are able to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established. Only installations that actively initiate or re-authenticate IKEv2 IKESAs are affected...
CVE-2002-0487
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache...
Asked to re-authenticate to delete issue
/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...