CVE-2005-2771

WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...

CVE-2005-2771

CVE-2005-2771 affects AttachmateWRQ Reflection for Secure IT Server (Windows) prior to 6.0 Build 24. The issue arises because access/deny lists are evaluated case-sensitively in vulnerable versions, whereas earlier versions were case-insensitive, potentially allowing login to accounts that should...

CVE-2005-2770

WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server does not properly handle when the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login...

CVE-2005-2771

WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...

Reflection for Secure IT Windows Server 6.0 changed case sensitivity of allow and deny lists

Overview Reflection for Secure IT Windows Server version 6.0 uses different case-sensitivity in evaluating the allow and deny lists as previous versions, potentionally allowing unintended access. Description Reflection for Secure IT Windows Server version 6.0, an SSH server from WRQ formerly know...

CVE-2004-2331

ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag...

CVE-2004-1029

The Sun Java Plugin capability in Java 2 Runtime Environment JRE 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using th...

CVE-2004-2331

ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag...

PT-2004-3225 · Adobe · Coldfusion Mx

Name of the Vulnerable Software and Affected Versions: ColdFusion MX versions 6.1 and 6.1 J2EE Description: The issue allows local users to bypass sandbox security restrictions and obtain sensitive information. This is achieved by using Java reflection methods to access trusted Java objects witho...