805 matches found
CVE-2007-4124
Cosminexus Component Container (Hitachi products) is affected for Cosminexus 6, 6.7, and 7 prior to 20070731. The session failover function may mishandle session data so one user’s session data could be used for another user, enabling remote authenticated access to sensitive information, possible...
security flaw
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...
security flaw
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...
CVE-2007-1711
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...
Double free
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...
CVE-2007-1700
The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the...
CVE-2007-1701
Technical details for CVE-2007-1701 are not publicly provided in the supplied documents. The materials reference PHP-related advisories and multiple PHP issues but do not describe affected versions, root cause, impact, or remediation for this specific CVE. Monitor for updates.
CVE-2007-1701
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when registerglobals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling sessiondecode on a string beginning with...
CVE-2007-1711
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...
Debian DSA-1264-1 : php4 - several vulnerabilities
Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0906 It was discovered that an integer...
W-Agora 4.2 - BBCode Script Injection
W-Agora 4.2 - BBCode Script Injection source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora...
W-Agora 4.2 - BBCode Script Injection
source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora can be configured to send all user...
PT-2006-1576 · Blackboard · Blackboard Academic Suite
Name of the Vulnerable Software and Affected Versions: Blackboard Academic Suite versions 6.0 and earlier Description: The issue arises when the software does not properly clear session information after a user has been idle and then de-authenticates. This allows subsequent users to log in as the...
[Full-disclosure] Session data pollution vulnerabilities in web applications
In web applications I've tested recently I have stumbled upon something that seems to be new class of bugs. Quick googling did not turn up any reference to this kind of vulnerabilities, so I thought I should describe it. The problem boils down to the application reusing the same session variable...
CVE-2001-1505
The CVE-2001-1505 entry covers tinc versions 1.0pre3 and 1.0pre4, where remote attackers can inject data into user sessions by sniffing and replaying packets. Affected component: tinc (specific versions cited). Underlying issue: packet sniffing/replay enables session data modification (integrity ...
cubecart206.txt
Hello All, I have discovered a number of remote vulnerabilities in: CubeCart 2.0.6. Authors Site: http://www.cubecart.com CubeCart is described by its authors as: 'What is CubeCart? CubeCart is an eCommerce script written with PHP & MySQL. With CubeCart you can setup a powerful online store as lo...
Fedora Core 3 : ruby-1.8.1-7.FC3.1 (2004-403)
Thu Nov 11 2004 Akira TAGOH - 1.8.1-7.FC3.1 - security fix CVE-2004-0983 - security fix CVE-2004-0755 - ruby-1.8.1-cgi-dos.patch: applied to fix a denial of service issue. 138366 - ruby-1.8.1-cgisessionperms.patch: sets the permission of the session data file to 0600. 130063 - Sat Oct 30 2004...
silc question - insecure memory
Good Evening, while screwing around tonight checking memory for the SSH2 advisory. I noticed passphrase and complete sessions from silc in memory. I dont know if this is normal for silc I wouldnt think it would be but all you need to do it is: cdowns@Vader:$ sudo dd if=/dev/mem...
CVE-2002-1746
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...
CVE-2002-0863
Remote Data Protocol RDP version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."...