Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2018/04/06 12:0 a.m.59 views

RSA Authentication Agent for Web for IIS 8.x < 8.0.2 Multiple Vulnerabilities

The version of RSA Authentication Agent for Web for IIS is 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108889; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...

7.5CVSS6.2AI score0.0282EPSS
Exploits1References4
NVD
NVD
added 2018/03/30 9:29 p.m.27 views

CVE-2018-1232

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the...

7.5CVSS7.8AI score0.0282EPSS
Exploits1References2
NVD
NVD
added 2018/03/30 9:29 p.m.24 views

CVE-2018-1234

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list ACL permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to...

5.5CVSS5.5AI score0.00461EPSS
Exploits1References2
Prion
Prion
added 2018/03/30 9:29 p.m.25 views

Authentication flaw

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list ACL permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to...

2.1CVSS5.5AI score0.00461EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2018/03/30 9:0 p.m.91 views

CVE-2018-1234

CVE-2018-1234 affects RSA Authentication Agent for Web for IIS versions 8.0.1 and earlier. The root cause is insufficient ACL protections on a Windows Named Pipe, allowing a local attacker to read configuration properties of the authentication agent. Exploitation requires local access; no remote ...

5.5CVSS6.3AI score0.00461EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/11/04 12:0 a.m.24 views

RSA Authentication Agent for Web for IIS 7.1.x < 7.1.2 Filter Bypass

The version of RSA Authentication Agent for Web for IIS is 7.1.x prior to 7.1.2. Such versions are potentially affected by an unspecified filter bypass vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid70746; scriptversion"1.3"; scriptcvsdate"Date:...

7.5CVSS5.4AI score0.0228EPSS
Exploits0References2
Prion
Prion
added 2008/04/30 2:10 p.m.16 views

Open redirect

Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url paramet...

5.8CVSS7.2AI score0.01124EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/04/30 2:0 p.m.21 views

CVE-2008-2027

Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url paramet...

6.8AI score0.01124EPSS
Exploits0References5
Saint
Saint
added 2007/07/13 12:0 a.m.26 views

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

7.5CVSS7.9AI score0.02634EPSS
Exploits4
Saint
Saint
added 2007/07/13 12:0 a.m.27 views

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

7.5CVSS7.9AI score0.02634EPSS
Exploits4
Saint
Saint
added 2007/07/13 12:0 a.m.25 views

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

7.5CVSS7.9AI score0.02634EPSS
Exploits4
CERT
CERT
added 2005/05/11 12:0 a.m.25 views

RSA Authentication Agent for Web for IIS vulnerable to heap overflow via overly large "chunk"

Overview RSA Authentication Agent for Web for IIS contains a heap overflow in the handling of chunked input. This could allow a remote, unauthenticated attacker to execute arbitrary code on the server. Description RSA Authentication Agent software provides access control for networks, web...

7.5CVSS7.5AI score0.02634EPSS
Exploits4References7
securityvulns
securityvulns
added 2005/04/15 12:0 a.m.42 views

[SA14954] RSA Authentication Agent for Web for IIS Cross-Site Scripting

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: RSA Authentication Agent for Web for IIS Cross-Site...

0.9AI score
Exploits0
Rows per page
Query Builder