
805 matches found

RedHat Linux
added 2016/04/12 5:37 p.m. | 2 views

samba: Spoofing vulnerability when domain controller is configured

It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine...

CVSS 6.3 | AI score 6.8 | EPSS 0.02808
Exploits: 1 | References: 5
OSV
added 2016/04/12 3:59 p.m. | 5 views

CVE-2016-3171

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation...

CVSS 8.1 | AI score 8.3
Exploits: 0 | References: 4
NVD
added 2016/04/12 3:59 p.m. | 21 views

CVE-2016-3171

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation...

CVSS 8.1 | AI score 8.3 | EPSS 0.08219
Exploits: 0 | References: 4
Prion
added 2016/04/12 3:59 p.m. | 14 views

Code injection

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation...

CVSS 6.8 | AI score 8.3 | EPSS 0.08219
Exploits: 0 | References: 4 | Affected Software: 2
Debian CVE
added 2016/04/12 3:0 p.m. | 20 views

CVE-2016-3171

Removed by vendor...

CVSS 8.1 | AI score 8.1 | EPSS 0.08219
Exploits: 0
Cvelist
added 2016/04/12 3:0 p.m. | 26 views

CVE-2016-3171

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation...

AI score 8.3 | EPSS 0.08219
Exploits: 0 | References: 4
CVE
added 2016/04/12 3:0 p.m. | 163 views

CVE-2016-3171

Drupal 6.x before 6.38 is vulnerable when used with PHP < 5.4.45, 5.5.x < 5.5.29, or 5.6.x

CVSS 8.1 | AI score 8.3 | EPSS 0.08219
Exploits: 0 | References: 4 | Affected Software: 1
CNVD
added 2016/03/29 12:0 a.m. | 3 views

Drupal Core Session Data Hijacking Vulnerability

Drupal is a free and open source content management system developed in PHP. A session data hijacking vulnerability exists in Drupal Core. In some older versions of PHP, user-supplied session data stored in Drupal could be serialized, leading to remote code execution...

CVSS 8.1 | AI score 7.8 | EPSS 0.08219
Exploits: 0 | References: 1
Hacker One
added 2016/03/22 3:29 p.m. | 13 views

Gratipay: Hijacking user session by forcing the use of invalid HTTPs Certificate on images.gratipay.com

I found that the domain images.gratipay.com is just a reverse proxy for gratipay.com and HTTPS works throughout the site flawlessly except in one case, that is when we try to open user's profile: POC: https://images.gratipay.com/asdlfz/ Https Warning Page: http://i.imgur.com/XHsXJEvr.png?1 Risks...

AI score 6.6
Exploits: 0
Vulnerability Lab
added 2016/03/01 12:0 a.m. | 42 views

Telecom Charging Panel ADSL (IR) - CSRF Web Vulnerability

Document Title: Telecom Charging Panel ADSL IR - CSRF Web Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1773
Release Date: 2016-03-01
Vulnerability Laboratory ID (VL-ID): 17...

AI score 0.2
Exploits: 0
Tenable Nessus
added 2016/02/26 12:0 a.m. | 8 views

FreeBSD : drupal -- multiple vulnerabilities (59a0af97-dbd4-11e5-8fa8-14dae9d210b8)

Drupal Security Team reports:
- File upload access bypass and denial of service: File module - Drupal 7 and 8 - Moderately Critical
- Brute force amplification attacks via XML-RPC: XML-RPC server - Drupal 6 and 7 - Moderately Critical
- Open redirect via path manipulation: Base system - Drupal 6, 7...

AI score 5.6
Exploits: 0 | References: 2
FreeBSD
added 2016/02/24 12:0 a.m. | 13 views

drupal -- multiple vulnerabilities

Drupal Security Team reports:
- File upload access bypass and denial of service: File module - Drupal 7 and 8 - Moderately Critical
- Brute force amplification attacks via XML-RPC: XML-RPC server - Drupal 6 and 7 - Moderately Critical
- Open redirect via path manipulation: Base system - Drupal 6, 7 and 8 ...

AI score 0.2
Exploits: 0 | References: 1
Friends Of PHP
added 2016/02/15 6:57 p.m. | 20 views

Session data truncation can lead to unserialization of user provided data

More info at https://www.drupal.org/SA-CORE-2016-001...

CVSS 8.1 | AI score 7.2 | EPSS 0.08219
Exploits: 0 | Affected Software: 1
Friends Of PHP
added 2016/02/15 6:57 p.m. | 21 views

Session data truncation can lead to unserialization of user provided data

More info at https://www.drupal.org/SA-CORE-2016-001...

CVSS 8.1 | AI score 7.2 | EPSS 0.08219
Exploits: 0 | Affected Software: 1
ATTACKERKB
added 2015/12/23 11:59 a.m. | 2 views

CVE-2015-7924

eWON devices with firmware before 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

CVSS 8.8 | AI score 5.6 | EPSS 0.01927
Exploits: 1 | References: 5
CNVD
added 2015/11/13 12:0 a.m. | 1 views

Microsoft Windows Schannel TLS Three Times Handshake Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Microsoft Schannel, or Secure Channel, is one of the Security Support Providers (SSPs) that implements the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols and provides authentication...

CVSS 5.8 | AI score 6.6 | EPSS 0.06692
Exploits: 0 | References: 1
Vulnerability Lab
added 2015/09/03 12:0 a.m. | 45 views

Yahoo Bug Bounty #32 - CSRF bulkImport Web Vulnerability

Document Title: Yahoo Bug Bounty 32 - CSRF bulkImport Web Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1552
Release Date: 2015-09-03
Vulnerability Laboratory ID (VL-ID): 15...

AI score 7.1
Exploits: 0
Vulnerability Lab
added 2015/09/03 12:0 a.m. | 38 views

Yahoo Bug Bounty #32 - CSRF bulkImport Web Vulnerability

Document Title: Yahoo Bug Bounty 32 - CSRF bulkImport Web Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1552
Release Date: 2015-09-03
Vulnerability Laboratory ID (VL-ID): 15...

AI score 0.1
Exploits: 0
CNVD
added 2015/06/04 12:0 a.m. | 1 views

Sendio ESP Information Disclosure Vulnerability

Sendio ESP (Email Security Platform) is a network appliance from Sendio, USA, that provides anti-spam and anti-virus solutions for organizations. A security vulnerability exists in the web interface of Sendio ESP versions prior to 7.2.4, due to the program failing to handle sessions correctly. A...

CVSS 4 | AI score 6.5 | EPSS 0.09737
Exploits: 5 | References: 1
ATTACKERKB
added 2015/06/02 2:59 p.m. | 4 views

CVE-2014-8391

The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of requests...

CVSS 4 | AI score 5.5 | EPSS 0.09737
Exploits: 5 | References: 7