Siteminder Security Vulnerabilities

CVE-2000-0850

Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL.

CVE-2001-1455

Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters.

CVE-2005-10001

A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the pu...