2 matches found
code-server's session cookie can be extracted by having user visit specially crafted proxy URL
Summary A maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the session token. Details Failure to properly validate the port for a proxy request can result in proxying to an arbitrary domain. The malicious URL https:///proxy/[email protected]/path would be...
CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (1)
CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption 1 // source: https://www.securityfocus.com/bid/1097/info CRYPTOCard CRYPTOAdmin is a network authentication application for use with the Palm OS platform. CRYPTOAdmin generates a .pdb file which contains the username, PIN number, serial number, and key...