359 matches found
Privilege escalation
An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access...
ROS-2-807
2.807 Vulnerability in PPPD CVE-2020-8597. 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP (Extensible Authentication Protocol) packet parser in the PPPD eap_request and eap_response functions in eap.c. The vulnerabilit...
Critical Juniper Bug Allows DoS, RCE Against Carrier Networks
A critical remote code-execution vulnerability in Juniper Networks’ Steel-Belted Radius (SBR) Carrier Edition lays open wireless carrier and fixed operator networks to tampering. The SBR Carrier server is used by telecom carriers to manage policies for how subscribers access their networks – by...
PT-2021-3765 · Juniper Networks · Sbr Carrier
Name of the Vulnerable Software and Affected Versions: Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R18; Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R9; Juniper Networks SBR Carrier versions 8.6.0 through 8.6.0R3. Description: The issue is caused by a stack-based buffer...
The vulnerability in the implementation of the Extensible Authentication Protocol over LAN (EAPOL) on the NetBSD operating system allows a perpetrator to induce a service failure.
The vulnerability of the Extensible Authentication Protocol over LAN (EAPOL) implementation in the NetBSD operating system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to cause service failures...
DEBIAN-CVE-2020-26139
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in protected Wi-Fi networks to launch denial-of-service attacks against connected clients an...
F5 Big-IP Vulnerable to Security-Bypass Bug
F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
OESA-2021-1132 wireshark security update
Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Wireshark, formerly known as Ethereal, can be used to examine the details of traffic at a variety of levels ranging...
PT-2021-2028
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to the implementation of the PKU2U authentication protocol in Windows operating systems, specifically concerning access control weaknesses. Exploitation of this issue m...
MIT Kerberos Access Control Error Vulnerability
MIT Kerberos is Massachusetts Institute of Technology (MIT) software for authentication in network clusters. Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications via a key system. An access control error...
Design/Logic Flaw
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...
CVE-2020-25660
The CVE-2020-25660 issue affects Cephx authentication in Ceph versions before 15.2.6 and before 14.2.14, where client verification can be bypassed, enabling replay attacks over the msgr2 protocol (affecting most Ceph communications; msgr1 is unaffected). An attacker with cluster-network access co...
NTLMRawUnHide - A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format
NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The tool was developed to extract NTLMv2 hashes from files generated by native Windows binaries like NETSH.EXE and PKTMON.EXE without conversion. The following bina...
Target Credential Status by Authentication Protocol - Valid Credentials Provided
Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because th...
CVE-2020-15791
The CVE-2020-15791 entry describes an authentication vulnerability affecting Siemens SIMATIC S7-300/S7-400 CPU families (including related ET200, SIPLUS variants), SIMATIC WinAC RTX (F) 2010, and SINUMERIK 840D sl (all versions). The root cause is an insufficiently protected password in the ISO-T...
DEBIAN-CVE-2020-17497
eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4...
DEBIAN-CVE-2020-11086
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0...
The vulnerability of the eap_request and eap_response functions in the PPP (Point-to-Point Protocol) daemon pppd allows an attacker to cause a service failure or execute arbitrary code.
The vulnerability of the eap_request and eap_response functions in the PPP (Point-to-Point Protocol) daemon pppd is related to a buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially...
ppp: Buffer overflow in the eap_request and eap_response functions in eap.c
A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system...