jetlib.sec » Tags » session-hijacking

Feeds

133445 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

42 items tagged "session hijacking"

Related tags: vulnerability [+], denial of service [+], advisory [+], hijacking [+], suse [+], sonicwall [+], viewpoint [+], txt [+], serverscheck [+], monitoring [+], input validation vulnerabilities [+], forgery [+], elxis [+], cross site scripting [+], control [+], center [+], barracuda [+], aphrodite rev [+], aphrodite [+], wi f [+], tar [+], server firewall [+], security advisory [+], network penetration [+], google maps [+], feye [+], eye v [+], day [+], cybershade [+], cms [+], basics [+], ajaxterm [+], wire [+], web [+], uselocalhost [+], usa [+], system [+], spoofing [+], simple machines [+], simple [+], service [+], security restrictions [+], read [+], phpkode [+], openssh [+], nsa [+], new [+], nat [+], mitm [+], information disclosure [+], information [+], html [+], hijack [+], guestbook [+], girlfriend [+], forwarding [+], forum [+], fedora [+], eroom [+], emc documentum [+], emc [+], dsa [+], dos [+], documentum eroom [+], documentum [+], denial [+], browser [+], broadband router [+], broadband [+], arpon [+], arp spoofing [+], arp [+], Countermeasures [+], session [+], security [+], secunia [+]

• March 13, 2012
• 0:00

  Vuln: EMC Documentum eRoom Cookies Session Hijacking Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  EMC Documentum eRoom Cookies Session Hijacking Vulnerability

  Tags:  documentum emc eroom documentum-eroom emc-documentum session-hijacking  

• January 05, 2012
• 19:20

  Secunia Security Advisory 47433

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - SUSE has issued an update for net6. This fixes two weaknesses, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks.

  Tags:  advisory secunia security suse session-hijacking security-advisory  

• December 21, 2011
• 13:30

  Barracuda Control Center 620 Session Hijacking

   » ‎ Packet Storm Security Exploits
  The Barracuda Control Center 620 suffers from a remote session hijacking vulnerability.

  Tags:  control center barracuda vulnerability session-hijacking  

• 13:30

  Barracuda Control Center 620 Session Hijacking

   » ‎ Packet Storm Security Recent Files
  The Barracuda Control Center 620 suffers from a remote session hijacking vulnerability.

  Tags:  control center barracuda vulnerability session-hijacking  

• 13:30

  Barracuda Control Center 620 Session Hijacking

   » ‎ Packet Storm Security Misc. Files
  The Barracuda Control Center 620 suffers from a remote session hijacking vulnerability.

  Tags:  control center barracuda vulnerability session-hijacking  

• November 27, 2011
• 18:53

  Secunia Security Advisory 47039

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, conduct session hijacking attacks, and cause a DoS (Denial of Service), by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), and by malicious people to cause a DoS (Denial of Service).

  Tags:  denial dos service session-hijacking denial-of-service secunia  

• November 25, 2011
• 17:20

  Secunia Security Advisory 46988

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Fedora has issued an update for net6. This fixes two weaknesses, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks.

  Tags:  advisory secunia security fedora session-hijacking security-advisory  

• 17:20

  Secunia Security Advisory 46994

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to conduct session hijacking attacks, cause a DoS (Denial of Service), and gain escalated privileges.

  Tags:  advisory secunia security session-hijacking denial-of-service  

• 17:20

  Secunia Security Advisory 46912

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes two vulnerabilities, which can be exploited by malicious, local users to conduct session hijacking attacks and cause a DoS (Denial of Service).

  Tags:  advisory secunia security session-hijacking denial-of-service  

• 0:00

  Vuln: net6 Session Hijacking and Information Disclosure Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  net6 Session Hijacking and Information Disclosure Vulnerabilities

  Tags:  hijacking session information session-hijacking information-disclosure  

• November 23, 2011
• 1:07

  Secunia Security Advisory 46948

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Ubuntu has issued an update for linux-fsl-imx51. This fixes two weaknesses and a vulnerability, which can be exploited by malicious, local users to conduct session hijacking attacks and by malicious people to cause a DoS (Denial of Service).

  Tags:  advisory secunia security session-hijacking denial-of-service  

• 1:07

  Secunia Security Advisory 46947

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Ubuntu has issued an update for kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to conduct session hijacking attacks, cause a DoS (Denial of Service), and gain escalated privileges.

  Tags:  advisory secunia security session-hijacking denial-of-service  

• 1:07

  Secunia Security Advisory 46942

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Ubuntu has issued an update for kernel. This fixes multiple weaknesses and two vulnerabilities, which can be exploited by malicious, local users to conduct session hijacking attacks, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

  Tags:  advisory secunia security session-hijacking denial-of-service  

• 0:00

  Vuln: SonicWall NSA 4500 HTML Injection and Session Hijacking Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  SonicWall NSA 4500 HTML Injection and Session Hijacking Vulnerabilities

  Tags:  sonicwall html nsa session-hijacking  

• November 13, 2011
• 2:45

  Secunia Security Advisory 46104

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS.

  Tags:  advisory secunia security suse session-hijacking denial-of-service  

• September 27, 2011
• 6:42

  ServersCheck Monitoring 8.8.6 Session Hijacking / XSRF

   » ‎ Packet Storm Security Exploits
  ServersCheck Monitoring version 8.8.6 suffers from cross site request forgery, cross site scripting, and session hijacking vulnerabilities.

  Tags:  monitoring session serverscheck session-hijacking cross-site-scripting forgery  

• 6:42

  ServersCheck Monitoring 8.8.6 Session Hijacking / XSRF

   » ‎ Packet Storm Security Recent Files
  ServersCheck Monitoring version 8.8.6 suffers from cross site request forgery, cross site scripting, and session hijacking vulnerabilities.

  Tags:  monitoring session serverscheck session-hijacking cross-site-scripting forgery  

• 6:42

  ServersCheck Monitoring 8.8.6 Session Hijacking / XSRF

   » ‎ Packet Storm Security Misc. Files
  ServersCheck Monitoring version 8.8.6 suffers from cross site request forgery, cross site scripting, and session hijacking vulnerabilities.

  Tags:  monitoring session serverscheck session-hijacking cross-site-scripting forgery  

• September 26, 2011
• 14:56

  Sonicwall Viewpoint 6.x Session Hijacking

   » ‎ Packet Storm Security Exploits
  Sonicwall Viewpoint 6.x suffers from multiple input validation vulnerabilities that allow for session hijacking.

  Tags:  viewpoint session sonicwall input-validation-vulnerabilities session-hijacking  

• 14:56

  Sonicwall Viewpoint 6.x Session Hijacking

   » ‎ Packet Storm Security Recent Files
  Sonicwall Viewpoint 6.x suffers from multiple input validation vulnerabilities that allow for session hijacking.

  Tags:  viewpoint session sonicwall input-validation-vulnerabilities session-hijacking  

• 14:56

  Sonicwall Viewpoint 6.x Session Hijacking

   » ‎ Packet Storm Security Misc. Files
  Sonicwall Viewpoint 6.x suffers from multiple input validation vulnerabilities that allow for session hijacking.

  Tags:  viewpoint session sonicwall input-validation-vulnerabilities session-hijacking  

• September 17, 2011
• 21:00

  [webapps / 0day] - PHPKode Guestbook 1.0 Session Hijacking Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - PHPKode Guestbook 1.0 Session Hijacking Vulnerability

  Tags:  phpkode day guestbook session-hijacking vulnerability  

• September 14, 2011
• 2:45

  [Paper] How I Met Your Girlfriend

   » ‎ SecDocs
  Authors: Samy Kamkar
  Tags: web social engineering
  Event: Black Hat USA 2010
  Abstract: How I Met Your Girlfriend: The discovery and execution of entirely new classes of attacks executed from the Web in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS (without XSS hitting the server!), PHP session hijacking and weak random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.

  Tags:  google-maps session-hijacking server-firewall  

• 2:45

  [Slides] How I Met Your Girlfriend

   » ‎ SecDocs
  Authors: Samy Kamkar
  Tags: web social engineering
  Event: Black Hat USA 2010
  Abstract: How I Met Your Girlfriend: The discovery and execution of entirely new classes of attacks executed from the Web in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS (without XSS hitting the server!), PHP session hijacking and weak random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.

  Tags:  web browser girlfriend nat usa google-maps session-hijacking server-firewall  

• August 23, 2011
• 7:30

  Elxis 2009.3 Aphrodite Rev 2681 Session Hijacking / XSS

   » ‎ Packet Storm Security Exploits
  Elxis 2009.3 Aphrodite revision 2681 suffers from session hijacking and cross site scripting vulnerabilities.

  Tags:  elxis hijacking session aphrodite-rev aphrodite session-hijacking  

• 7:30

  Elxis 2009.3 Aphrodite Rev 2681 Session Hijacking / XSS

   » ‎ Packet Storm Security Recent Files
  Elxis 2009.3 Aphrodite revision 2681 suffers from session hijacking and cross site scripting vulnerabilities.

  Tags:  elxis hijacking session aphrodite-rev aphrodite session-hijacking  

• 7:30

  Elxis 2009.3 Aphrodite Rev 2681 Session Hijacking / XSS

   » ‎ Packet Storm Security Misc. Files
  Elxis 2009.3 Aphrodite revision 2681 suffers from session hijacking and cross site scripting vulnerabilities.

  Tags:  elxis hijacking session aphrodite-rev aphrodite session-hijacking  

• August 13, 2011
• 5:14

  Secunia Security Advisory 45530

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose system information, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS.

  Tags:  advisory secunia security suse session-hijacking denial-of-service  

• August 06, 2011
• 21:00

  [webapps / 0day] - Simple Machines forum (SMF) 2.0 session hijacking

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Simple Machines forum (SMF) 2.0 session hijacking

  Tags:  day simple forum session-hijacking simple-machines  

• June 29, 2011
• 20:38

  Secunia Security Advisory 45124

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS and potentially compromise a vulnerable system.

  Tags:  secunia system security suse session-hijacking denial-of-service security-restrictions  

• May 05, 2011
• 6:17

  ArpON v2.2 Released – Tool To Detect & Block ARP Spoofing

   » ‎ Darknet
  ArpON (ARP handler inspection) is a portable handler daemon that make ARP secure in order to avoid the Man In The Middle (MITM) through ARP Spoofing/Poisoning attacks. It detects and blocks also derived attacks by it for more complex attacks, as: DHCP Spoofing, DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks....
  
  Read the full post at darknet.org.uk

  
  

  

  Tags:  arp arpon spoofing read arp-spoofing session-hijacking mitm Countermeasures  

• January 14, 2011
• 6:00

  Session Hijacking Basics

   » ‎ Packet Storm Security Recent Files
  Whitepaper called Session Hijacking Basics.

  Tags:  hijacking session basics session-hijacking  

• 6:00

  Session Hijacking Basics

   » ‎ Packet Storm Security Misc. Files
  Whitepaper called Session Hijacking Basics.

  Tags:  hijacking session basics session-hijacking  

• December 29, 2010
• 0:00

  Vuln: AjaxTerm 'ajaxterm.js' Session Hijacking Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  AjaxTerm 'ajaxterm.js' Session Hijacking Vulnerability

  Tags:  hijacking ajaxterm session vulnerability session-hijacking  

• September 18, 2010
• 14:01

  Wi-fEye-v0.5.tar.gz

   » ‎ Packet Storm Security Tools
  Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.

  Tags:  tar wi-f eye-v session-hijacking network-penetration feye  

• 14:01

  Wi-fEye-v0.5.tar.gz

   » ‎ Packet Storm Security Recent Files
  Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.

  Tags:  tar wi-f eye-v session-hijacking network-penetration feye  

• August 12, 2010
• 0:00

  2wire-hijack.txt

   » ‎ Packet Storm Security Advisories
  The 2Wire Broadband Router suffers from a session hijacking vulnerability.

  Tags:  txt wire broadband session-hijacking broadband-router hijack  

• June 16, 2010
• 0:00

  Vuln: OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability

  Tags:  forwarding uselocalhost openssh vulnerability session-hijacking  

• February 26, 2010
• 12:00

  cybershadecms-insecure.txt

   » ‎ Packet Storm Security Recent Files
  Cybershade CMS version 0.2b suffers from a session hijacking vulnerability.

  Tags:  txt cybershade cms session-hijacking vulnerability  

• 12:00

  cybershadecms-insecure.txt

   » ‎ Packet Storm Security Exploits
  Cybershade CMS version 0.2b suffers from a session hijacking vulnerability.

  Tags:  txt cybershade cms session-hijacking vulnerability  

• February 12, 2010
• 0:00

  Vuln: AjaxTerm 'ajaxterm.js' Session Hijacking Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  AjaxTerm 'ajaxterm.js' Session Hijacking Vulnerability

  Tags:  hijacking ajaxterm session vulnerability session-hijacking  

• February 11, 2010
• 15:00

  Bugtraq: [SECURITY] [DSA 1994-1] New ajaxterm packages fix session hijacking

   » ‎ SecurityFocus Vulnerabilities
  [SECURITY] [DSA 1994-1] New ajaxterm packages fix session hijacking

  Tags:  security new dsa session-hijacking