1735 matches found
should be able to login only via https
You should be able to configure JIRA to login via HTTPS. This is almost possible in 2.4.1. You can specify an https URL in security-config.xml as the login.url parameter. This makes login links from e.g. the issue view page work correctly. A slight problem here is that the session remains in the...
PHP 4.3.2 released
After a lengthy QA process, PHP 4.3.2 is finally out! This maintenance release solves a lot of bugs found in earlier PHP versions and is a strongly recommended upgrade for all PHP users. PHP 4.3.2 contains, among others, the following important fixes,...
geeklog.txt
Products: Geeklog 1.3.7sr1 and below http://www.geeklog.net Date: 29 May 2003 Author: pokleyzz Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: Geeklog 1.3.7sr1 and below multiple vulnerabilities. Descripti...
TANne 0.6.17 - Session Manager SysLog Format String
// source: https://www.securityfocus.com/bid/6553/info TANne is a freely available, open source session management package. It is available for Unix and Linux operating systems. Due to programming error, it may be possible to exploit a format string vulnerability. A logging function in the TANne...
TANne 0.6.17 - Session Manager SysLog Format String
TANne 0.6.17 - Session Manager SysLog Format String // source: https://www.securityfocus.com/bid/6553/info TANne is a freely available, open source session management package. It is available for Unix and Linux operating systems. Due to programming error, it may be possible to exploit a format...
State-based firewalls fail to effectively manage session table resource exhaustion
Overview There is a vulnerability in several state-based firewall products that allows arbitrary remote attackers to conduct denial of service attacks against vulnerable firewalls. Description Many firewall products use state tables to determine whether a given packet belongs to an existing sessi...
Portix-PHP 0.4 - Cookie Manipulation
Portix-PHP 0.4 - Cookie Manipulation source: https://www.securityfocus.com/bid/4041/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP uses non-expiring cookies for session management. It is possible for a malicio...
Portix-PHP 0.4 - Cookie Manipulation
source: https://www.securityfocus.com/bid/4041/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP uses non-expiring cookies for session management. It is possible for a malicious user to manipulate values in their...
PHP 4.x session spoofing
Hi, What are sessions: A session ID is required to identify people. It is passed over to the browser and then is either part of the url or is stored as a cookie. With every request the browser also sends this ID over to the server which makes is...
NMRC Advisory - NetDynamics Session ID is Reusable
INFORMATION ANARCHY 2K01 www.nmrc.org/InfoAnarchy Nomad Mobile Research Centre ADVISORY www.nmrc.org Phuzzy L0gic [email protected] 27Nov2001 Platform: Sun Solaris Version 7, 8 Application: NetDynamics 4.x, 5.x Severity: Medium Synopsis: It appears that the...
CVE-2001-0346
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them...
PHPLib Team PHPLIB 7.2 - Remote Script Execution
source: https://www.securityfocus.com/bid/3079/info The PHP Base Library 'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be...
PHPLib Team PHPLIB 7.2 - Remote Script Execution
PHPLib Team PHPLIB 7.2 - Remote Script Execution source: https://www.securityfocus.com/bid/3079/info The PHP Base Library 'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a...
Problem in Firewall-1 Session Agent
During authentication the username and password are checked separately; in addition, no maximum number of attempts is set...
DUO-PSA-2021-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2021-001 Publication Date: 2021-04-15 Revision Date: 2021-04-15 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has fixed an issue that could have allowed an attacker with primary credentials of another user to bypass...