209 matches found
CVE-2014-0633
EMC VPLEX GeoSynchrony GUI has a session-timeout validation flaw in versions 4.x and 5.x prior to 5.3, which could allow remote attackers to execute arbitrary code by leveraging an unattended workstation. The issue affects VPLEX GeoSynchrony 4.0–5.2.1, with EMC recommending upgrading to version 5...
CVE-2013-4958
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...
CVE-2013-4958
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...
Design/Logic Flaw
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...
CVE-2013-4958
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...
CVE-2013-4958
Puppet Enterprise prior to version 3.0.1 is affected by CVE-2013-4958 due to not using a session timeout. This enables a local attacker with an unattended workstation to escalate privileges. The issue is described across multiple advisories (Red Hat, SUSE, Ubuntu, Debian, CVE lists) with the same...
CVE-2013-4958
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...
CVE-2013-0527
The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading the screen of an unattended workstation...
Design/Logic Flaw
The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading the screen of an unattended workstation...
CVE-2013-0527
The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading the screen of an unattended workstation...
Session-timeout not being respected
As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...
Session-timeout not being respected
As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...
Session-timeout not being respected
As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...
Increase the web session timeout from 60 minutes to 300 minutes
Usability and security testing have shown that XSRF time out is annoying people in the wild. The security guy Vitaly has ok'ed the limit to be increased. This has been done on trunk along with other changes and should be done on 4.3 branch as well...
FWD: LedgerSMB Security Advisory: Multiple Vulnerabilities
Hi all; It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase. As always, we highly...
Fedora 9 : phpMyAdmin-3.0.1.1-1.fc9 (2008-9316)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a XSS issue in pmdpdf.php via db parameter when registerglobals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Fedora 8 : phpMyAdmin-3.0.1.1-1.fc8 (2008-9336)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a XSS issue in pmdpdf.php via db parameter when registerglobals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Different IE browser windows have different sessions and different session timeout timing
One of our user reported the following: ---- I discovered the reason why JIRA sometimes closes my IE session, it depends on the way you login: 1 When you login via navigation to your home page http://support/jira/secure/Dashboard.jspa all is ok, multiple JIRA sessions never expire. 2 When you log...
Different IE browser windows have different sessions and different session timeout timing
One of our user reported the following: ---- I discovered the reason why JIRA sometimes closes my IE session, it depends on the way you login: 1 When you login via navigation to your home page http://support/jira/secure/Dashboard.jspa all is ok, multiple JIRA sessions never expire. 2 When you log...
Debian: Security Advisory (DSA-662-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...