Authen::externalauth Security Vulnerabilities

CyberArk Credential File Insufficient Effective Key Space

Vulnerability Details Affected Vendor: CyberArk Affected Product: Application Access Manager/Credential Provider Affected Version: Prior to 12.1 Platform: Linux/Windows/zOS CWE Classification: CWE-326: Inadequate Encryption Strength CVE ID: CVE-2021-31796 Vulnerability Description CyberArk...

Exploit for Missing Authorization in Citrix Application Delivery Controller Firmware

Citrix ADC RCE 0x01 CreateSession request ```...

Debian: Security Advisory (DLA-988-1)

The remote host is missing an update for the...

Updated rt/perl-Encode packages fix security vulnerability

RT 4.0.0 and above are vulnerable to a limited privilege escalation leading to unauthorized modification of ticket data. The DeleteTicket right and any custom lifecycle transition rights may be bypassed by any user with ModifyTicket (CVE-2012-4733). RT 3.8.0 and above include a version of bin/rt...

CVE-2017-5361

Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel...

Debian DLA-988-1 : rt-authen-externalauth security update

It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is vulnerable. For Debian 7 'Wheezy', these problems have been fixed in version...

[SECURITY] [DLA 988-1] rt-authen-externalauth security update

Package : rt-authen-externalauth Version : 0.10-4+deb7u1 CVE ID : CVE-2017-5361 It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI...

Debian DSA-3883-1 : rt-authen-externalauth - security update

It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is...

FreeBSD : rt and dependent modules -- multiple security vulnerabilities (7a92e958-5207-11e7-8d7c-6805ca0b3d42)

BestPractical reports : Please reference CVE/URL list for...

[SECURITY] [DSA 3883-1] rt-authen-externalauth security update

Debian Security Advisory DSA-3883-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 15, 2017 https://www.debian.org/security/faq Package : rt-authen-externalauth CVE ID : CVE-2017-5361 It...

[SECURITY] [DSA 3883-1] rt-authen-externalauth security update

Debian Security Advisory DSA-3883-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 15, 2017 https://www.debian.org/security/faq Package : rt-authen-externalauth CVE ID : CVE-2017-5361 It...

[SECURITY] [DSA 3882-1] request-tracker4 security update

Debian Security Advisory DSA-3882-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 15, 2017 https://www.debian.org/security/faq Package : request-tracker4 CVE ID : CVE-2016-6127...

Debian Security Advisory DSA 3883-1 (rt-authen-externalauth - security update)

It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is...

rt-authen-externalauth - security update

Bulletin has no...

rt and dependent modules -- multiple security vulnerabilities

BestPractical reports: Please reference CVE/URL list for...

rt-authen-externalauth - security update

Bulletin has no...

Debian: Security Advisory (DSA-3883-1)

The remote host is missing an update for the...

2Moons - Multiple Vulnerabilities

2Moons - Multiple...

2Moons - Multiple Vulnerabilities

...

Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11337

Check for the Version of...

Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11337

The remote host is missing an update for...

CVE-2012-2770

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...

CVE-2012-2770

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...

Design/Logic Flaw

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...

CVE-2012-2770

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...

CVE-2012-2770

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the user." Bugs ...

Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360

The remote host is missing an update for...

Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360

Check for the Version of...

FreeBSD Ports: p5-RT-Authen-ExternalAuth

The remote host is missing an update to the system as announced in the referenced...

FreeBSD Ports: p5-RT-Authen-ExternalAuth

The remote host is missing an update to the system as announced in the referenced...

Fedora 17 : perl-RT-Authen-ExternalAuth-0.11-1.fc17 (2012-11337)

update to 0.11 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 16 : perl-RT-Authen-ExternalAuth-0.11-1.fc16 (2012-11360)

update to 0.11 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

[SECURITY] Fedora 17 Update: perl-RT-Authen-ExternalAuth-0.11-1.fc17

A complete package for adding external authentication mechanisms to RT. It currently supports LDAP via Net::LDAP and External Database authentication for any database with an installed DBI...

[SECURITY] Fedora 16 Update: perl-RT-Authen-ExternalAuth-0.11-1.fc16

A complete package for adding external authentication mechanisms to RT. It currently supports LDAP via Net::LDAP and External Database authentication for any database with an installed DBI...

FreeBSD : p5-RT-Authen-ExternalAuth -- privilege escalation (cdc4ff0e-d736-11e1-8221-e0cb4e266481)

The RT development team reports : RT::Authen::ExternalAuth 0.10 and below (for all versions of RT) are vulnerable to an escalation of privilege attack where the URL of a RSS feed of the user can be used to acquire a fully logged-in session as that user. CVE-2012-2770 has been assigned to this...

p5-RT-Authen-ExternalAuth -- privilege escalation

The RT development team reports: RT::Authen::ExternalAuth 0.10 and below (for all versions of RT) are vulnerable to an escalation of privilege attack where the URL of a RSS feed of the user can be used to acquire a fully logged-in session as that user. ...