session software vulnerabilities
vulnerabilities.aspcode.net
Searching session software vulnerabilities
mod_usertrack in Apache 1.3.11 through 1.3.20 g
mod_usertrack
|
Apache
|
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x
Firewall
|
Cisco
|
PIX
|
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
KDM in KDE 3.1.3 and earlier uses a weak sessio
KDE
|
KDM
|
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
index2.php in Mambo 4.0.12 allows remote attack
index2php
|
Mambo
|
index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
Sygate Secure Enterprise (SSE) 3.5MR3 and earli
Enterprise
|
Secure
|
Sygate
|
Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session.
The FileStore capability in CGI::Session for Ru
capability
|
FileStore
|
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
Directory traversal vulnerability in file.php i
vulnerability
|
Directory
|
traversal
|
filephp
|
Moodle
|
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter.
JRun 4.0 does not properly generate and handle
JSESSIONID
|
attackers
|
generate
|
fixation
|
properly
|
perform
|
session
|
user's
|
attack
|
hijack
|
handle
|
allows
|
remote
|
which
|
JRun
|
does
|
HTTP
|
not
|
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session.
Session fixation vulnerability in Macromedia JR
vulnerability
|
information
|
pre-setting
|
Macromedia
|
attackers
|
sessions
|
fixation
|
Session
|
hijack
|
remote
|
allows
|
server
|
used
|
JRun
|
user
|
Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server.
PeerSec MatrixSSL before 1.1 caches session key
indefinitely
|
attackers
|
MatrixSSL
|
session
|
PeerSec
|
easier
|
remote
|
before
|
caches
|
hijack
|
might
|
which
|
long
|
keys
|
make
|
time
|
PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to hijack a session.
phpBB 2.0.17 and earlier, when register_globals
phpBB
|
phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings instead of arrays, which causes an array_merge function call to fail.
WorldClient.dll in Alt-N MDaemon and WorldClien
WorldClientdll
|
WorldClient
|
MDaemon
|
Alt-N
|
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value.
desktop.php in eyeOS 0.8.9 and earlier tests fo
desktopphp
|
eyeOS
|
desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the _SESSION variable before calling the session_start function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables, as demonstrated using PHP code in the _SESSION[apps][eyeOptions.eyeapp][wrapup] variable.
Directory traversal vulnerability in the sessio
vulnerability
|
Directory
|
traversal
|
handling
|
session
|
class
|
Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized.
Session fixation vulnerability in Drupal 4.5.x
vulnerability
|
fixation
|
Session
|
before
|
Drupal
|
45x
|
Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier.
CGI::Session 4.03-1 does not set proper permiss
CGI::Session 4.03-1 does not set proper permissions on temporary files created in (1) Driver::File and (2) Driver::db_file, which allows local users to obtain privileged information, such as session keys, by viewing the files.
The session extension in PHP 4 before 4.4.5, an
extension
|
session
|
before
|
PHP
|
The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, whe
before
|
PHP
|
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling session_decode on a string beginning with "_SESSION|s:39:".
The session_start function in ext/session in PH
session_start
|
ext/session
|
function
|
PHP
|
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207.
The session extension in PHP before 5.2.4 might
extension
|
session
|
before
|
PHP
|
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
Software vulnerabilities results 1 to 20 of 320
Page:
1
2
3
4
5
...
17
►