[RT-SA-2023-001] Session Token Enumeration in RWS WorldServer

Read Time:21 Second

Posted by RedTeam Pentesting GmbH on Jul 19

Advisory: Session Token Enumeration in RWS WorldServer

Session tokens in RWS WorldServer have a low entropy and can be
enumerated, leading to unauthorised access to user sessions.

Details
=======

Product: WorldServer
Affected Versions: 11.7.3 and earlier versions
Fixed Version: 11.8.0
Vulnerability Type: Session Token Enumeration
Security Risk: high
Vendor URL: https://www.rws.com/localization/products/additional-solutions/
Vendor Status:…

USN-7028-1: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...

September 23, 2024

python-zipp-0.5.1-4.el8

FEDORA-EPEL-2024-d7489f4064 Packages in this update: python-zipp-0.5.1-4.el8 Update description: Security fix for CVE-2024-5569 (rhbz#2297119) Read More

September 23, 2024