CVE-2008-0887

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859...

CVE-2008-0887

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859...

gnome-screensaver using NIS auth will unlock if NIS goes away

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859...

CVE-2007-4961

The logintosimulator method in Linden Lab Second Life, as used by the secondlife:// protocol handler and possibly other Second Life login mechanisms, sends an MD5 hash in cleartext in the passwd field, which allows remote attackers to login to an account by sniffing the network and then sending...

Authentication flaw

The logintosimulator method in Linden Lab Second Life, as used by the secondlife:// protocol handler and possibly other Second Life login mechanisms, sends an MD5 hash in cleartext in the passwd field, which allows remote attackers to login to an account by sniffing the network and then sending...

CVE-2007-4961

The logintosimulator method in Linden Lab Second Life, as used by the secondlife:// protocol handler and possibly other Second Life login mechanisms, sends an MD5 hash in cleartext in the passwd field, which allows remote attackers to login to an account by sniffing the network and then sending...

PT-2007-6075 · Linden · Second Life

Name of the Vulnerable Software and Affected Versions: Linden Lab Second Life affected versions not specified Description: The issue concerns the login to simulator method, which sends an MD5 hash in cleartext in the passwd field. This allows remote attackers to login to an account by sniffing th...

Juniper SBR V 6.0.1 CRL-Checking problem

We tried to setup crl-checking on den sbr v 6.0.1 Steel Belted RADIUS. The URL socket is located on the RSA Authenticationsever V 6.7. Radius authentication via EAP TLS should not work because the SBR got a "CRL Fetch: HTTP socket connect failure from one of...

SUSE-SA:2006:019: freeradius

The remote host is missing the patch for the advisory SUSE-SA:2006:019 freeradius. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine of the FreeRADIUS authentication server. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially...

CVE-2006-0956

Removed by vendor...

CVE-2003-1009

Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges...

Important: Red Hat Security Advisory: ypserv security update

Updated ypserv packages which fix a memory leak are now available for Red Hat Linux Advanced Server. Updated 08 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 ypserv is an NIS authentication server. ypserv...

Important: Red Hat Security Advisory: : Updated ypserv packages fixes memory leak

Updated ypserv packages which fix a memory leak are now available for Red Hat Linux 7.x and 6.2. ypserv is an NIS authentication server. ypserv versions before 2.5 contain a memory leak that can be triggered remotely. When someone requests a map that doesn't exist, a previous mapname may be leake...

SuSE Security Announcement: heimdal (SuSE-SA:2002:034)

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: heimdal Announcement-ID: SuSE-SA:2002:034 Date: Mon Sep 30 17:00:00 CEST 2002 Affected products: SuSE Linux 7.2, 7.3, 8.0, SuSE eMail Server, SuSE Linux Connectivity Server, SuSE Linux Enterprise Server 7, SuSE Linux Office...

VMware GSX Server 2.0 - Authentication Server Buffer Overflow

VMware GSX Server 2.0 - Authentication Server Buffer Overflow // source: https://www.securityfocus.com/bid/5294/info VMWare GSX Server ships with an authentication server. The server is vulnerable to a buffer overflow related to handling of the argument to the "GLOBAL" command. While attackers mu...

VMware GSX Server 2.0 - Authentication Server Buffer Overflow

// source: https://www.securityfocus.com/bid/5294/info VMWare GSX Server ships with an authentication server. The server is vulnerable to a buffer overflow related to handling of the argument to the "GLOBAL" command. While attackers must be authenticated before the command can be issued, default...