Berkeley-AL20, Berkeley-BD Security Vulnerabilities
Mandriva Linux Security Advisory : krb5 (MDVSA-2011:160)
Multiple vulnerabilities has been found and corrected in krb5 : The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service...
0.9AI Score
0.738EPSS
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different...
6AI Score
0.147EPSS
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different...
6.4AI Score
0.147EPSS
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different...
6.1AI Score
0.147EPSS
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related.....
6.4AI Score
0.147EPSS
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related.....
6AI Score
0.147EPSS
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
6.9AI Score
0.738EPSS
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different...
6.7AI Score
0.147EPSS
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related.....
6.1AI Score
0.147EPSS
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related.....
6.7AI Score
0.147EPSS
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
5.9AI Score
0.738EPSS
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
6.4AI Score
0.738EPSS
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
6AI Score
0.738EPSS
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related.....
6.2AI Score
0.147EPSS
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different...
6.2AI Score
0.147EPSS
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
6.1AI Score
0.738EPSS
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different...
6.3AI Score
0.147EPSS
RHEL 6 : krb5 (RHSA-2011:1379)
Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
0.2AI Score
0.738EPSS
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
6AI Score
0.738EPSS
(RHSA-2011:1379) Moderate: krb5 security update
Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC). Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when.....
1.9AI Score
0.738EPSS
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related.....
4.5AI Score
0.147EPSS
SEC Consult Vulnerability Lab Security Advisory < 20111012-0 > title: Client-side remote file upload & command execution product: Microsoft Forefront Unified Access Gateway Remote Access Agent (signed Java applet) vulnerable version: 4.0.0.1 ...
0.1AI Score
0.539EPSS
! usr/bin/php-w <? php error_reporting(E_ERROR); set_time_limit(0); print_r(' DEDEcms Variable Coverage Exploit Author: www.heixiaozi.com www.webvul.com ); echo "\r\n"; if($argv[2]==null){ print_r(' +---------------------------------------------------------------------------+ Usage: php '.$...
0.3AI Score
DeDeCMS(织梦) 变量覆盖(CVE-2015-4553)
简要描述: 1.受影响版本DEDECMS 5.7、5.6、5.5。 2.漏洞文件/include/common.inc.php 3.DEDECMS的全局变量初始化存在漏洞,可以任意覆盖任意全局变量。 漏洞危害: 1.黑客可以通过此漏洞来重定义数据库连接。...
-0.5AI Score
0.916EPSS
dede variables covering 0day getshell a exp-vulnerability warning-the black bar safety net
Author: the Black kid dede recently the explosion of the cave, but the exp is also pretty practical huh! 0 1 #! usr/bin/php-w 0 2 <? php 0 3 error_reporting(E_ERROR); 0 4 set_time_limit(0); 0 5 print_r(' 0 6 DEDEcms Variable Coverage 0 7 Exploit Author: www.heixiaozi.com www.webvul.com 0 8 ); 0 ...
0.6AI Score
The Past, Present and Future of Software Security
Perhaps no segment of the security industry has evolved more in the last decade than the discipline of software security. At the start of the 2000s, software security was a small, arcane field that often was confused with security software. But several things happened in the early part of the...
AI Score
-0.1AI Score
0.691EPSS
[SECURITY] Fedora 14 Update: cups-1.4.8-2.fc14
The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.691EPSS
-0.3AI Score
0.018EPSS
[SECURITY] Fedora 16 Update: cups-1.5.0-6.fc16
The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.018EPSS
[SECURITY] Fedora 15 Update: cups-1.4.8-2.fc15
The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.018EPSS
DEDECMS free account password directly into the background-bug warning-the black bar safety net
As is well known, due to the use of simple, customer base, and more, weaving dreams CMS has been broke manyvulnerabilities. Today xiaobian in the group to get the woven dream official forum, a moderator and reliable message:“DEDECMS explosion serious securityvulnerability, the recent official will....
AI Score
CentOS Update for bind CESA-2009:0020 centos4 i386
The remote host is missing an update for...
7.2AI Score
0.019EPSS
CentOS Update for bind CESA-2009:1181 centos3 i386
The remote host is missing an update for...
7.9AI Score
0.965EPSS
CentOS Update for bind CESA-2009:1180 centos4 i386
The remote host is missing an update for...
7.9AI Score
0.965EPSS
CentOS Update for bind CESA-2010:0976 centos5 i386
The remote host is missing an update for...
8.8AI Score
0.054EPSS
CentOS Update for bind97 CESA-2011:0926 centos5 i386
The remote host is missing an update for...
8.8AI Score
0.058EPSS
-0.2AI Score
0.965EPSS
-0.4AI Score
0.019EPSS
CentOS Update for nss_db CESA-2010:0347 centos5 i386
The remote host is missing an update for...
6.5AI Score
0.0004EPSS
-0.8AI Score
0.943EPSS
-0.8AI Score
0.058EPSS
-0.2AI Score
0.013EPSS
CentOS Update for bind CESA-2009:0020-01 centos2 i386
The remote host is missing an update for...
7.2AI Score
0.019EPSS
-0.4AI Score
0.965EPSS
CentOS Update for bind97 CESA-2011:0845 centos5 i386
The remote host is missing an update for...
8.8AI Score
0.943EPSS
CentOS Update for bind CESA-2010:0062 centos5 i386
The remote host is missing an update for...
8.1AI Score
0.013EPSS
CentOS Update for bind CESA-2009:0020 centos3 i386
The remote host is missing an update for...
7.2AI Score
0.019EPSS
CentOS Update for bind CESA-2009:0020 centos5 i386
The remote host is missing an update for...
7.2AI Score
0.019EPSS
-0.1AI Score
0.054EPSS