Lucene search
K

407 matches found

Fedora
Fedora
added 2010/08/30 6:27 p.m.27 views

[SECURITY] Fedora 12 Update: php-pear-CAS-1.1.2-1.fc12

This package is a PEAR library for using a Central Authentication Service...

4CVSS3.1AI score0.02517EPSS
Exploits0
Fedora
Fedora
added 2010/08/30 6:26 p.m.22 views

[SECURITY] Fedora 13 Update: php-pear-CAS-1.1.2-1.fc13

This package is a PEAR library for using a Central Authentication Service...

4CVSS3.1AI score0.02517EPSS
Exploits0
OSV
OSV
added 2010/02/22 1:0 p.m.2 views

DEBIAN-CVE-2010-0283

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...

7.8CVSS7.8AI score0.02429EPSS
Exploits0References1
Prion
Prion
added 2009/12/09 6:30 p.m.23 views

Memory corruption

The Internet Authentication Service IAS in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol PEAP authentication requests, which allows remote attackers to execute arbitrary code via crafted structures in a malformed...

10CVSS8.3AI score0.31611EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/12/09 6:0 p.m.93 views

CVE-2009-3677

CVE-2009-3677 describes an elevation-of-privilege bypass in the Internet Authentication Service (IAS) used by Microsoft Windows products. The issue arises because MS-CHAP v2 authentication requests sent over PEAP are not properly validated, allowing remote attackers to gain access to network reso...

10CVSS6.5AI score0.2182EPSS
Exploits1References4Affected Software5
CVE
CVE
added 2009/12/09 6:0 p.m.86 views

CVE-2009-2505

CVE-2009-2505 is a remote code execution flaw in Internet Authentication Service (IAS) on Windows Vista SP2 and Windows Server 2008 SP2, caused by improper validation during MS-CHAP v2 over PEAP. The vulnerability stems from incorrect memory handling when processing PEAP authentication requests, ...

10CVSS7.6AI score0.31611EPSS
Exploits1References4Affected Software2
OpenVAS
OpenVAS
added 2009/12/09 12:0 a.m.34 views

Microsoft Windows IAS Remote Code Execution Vulnerability (974318)

This host is missing a critical security update according to Microsoft Bulletin MS09-071. OpenVAS Vulnerability Test $Id: secpodms09-071.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Windows IAS Remote Code Execution Vulnerability 974318 Authors: Antu Sanadi Updated By: Madhuri D on 2010-11-...

10CVSS0.4AI score0.31611EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2009/12/08 12:0 a.m.63 views

MS09-071: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)

The remote Windows host has the following vulnerabilities in the Internet Authentication Service : - There is a memory corruption vulnerability in the PEAP authentication implementation. A remote, unauthenticated attacker could exploit this to execute arbitrary code as SYSTEM. CVE-2009-2505 -...

10CVSS6.2AI score0.31611EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.19 views

Ubuntu 6.06 LTS / 7.10 : gnome-screensaver vulnerabilities (USN-669-1)

It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...

4.7CVSS5.4AI score0.01336EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.30 views

Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1

Ubuntu Update for Linux kernel vulnerabilities USN-669-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6691.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

4.7CVSS6.5AI score0.01336EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.18 views

CentOS Update for krb5 CESA-2008:0181-01 centos2 i386

Check for the Version of krb5 OpenVAS Vulnerability Test CentOS Update for krb5 CESA-2008:0181-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

9.3CVSS0.10141EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.26 views

CentOS Update for krb5 CESA-2008:0181-01 centos2 i386

Check for the Version of krb5 OpenVAS Vulnerability Test CentOS Update for krb5 CESA-2008:0181-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

9.3CVSS0.10141EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2008/11/11 6:49 p.m.52 views

USN-669-1: gnome-screensaver vulnerabilities

It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...

4.7CVSS5.4AI score0.01336EPSS
Exploits4
NVD
NVD
added 2008/09/29 5:17 p.m.14 views

CVE-2008-4299

A certain ActiveX control in the Microsoft Internet Authentication Service IAS Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service browser crash via a large integer value in the first argument to the PutProperty method. NOTE: this issue was disclosed by an...

5CVSS6.6AI score0.15858EPSS
Exploits0References3
Prion
Prion
added 2008/09/29 5:17 p.m.11 views

Design/Logic Flaw

A certain ActiveX control in the Microsoft Internet Authentication Service IAS Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service browser crash via a large integer value in the first argument to the PutProperty method. NOTE: this issue was disclosed by an...

5CVSS7.1AI score0.15858EPSS
Exploits0References3
CVE
CVE
added 2008/09/29 5:0 p.m.41 views

CVE-2008-4299

The CVE-2008-4299 entry concerns a vulnerability in the Microsoft Internet Authentication Service (IAS) Helper COM Component, specifically the iashlpr.dll ActiveX control. The issue allows remote attackers to trigger a denial of service (browser crash) by passing an excessively large integer as t...

5CVSS6.6AI score0.15858EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/09/29 5:0 p.m.22 views

CVE-2008-4299

A certain ActiveX control in the Microsoft Internet Authentication Service IAS Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service browser crash via a large integer value in the first argument to the PutProperty method. NOTE: this issue was disclosed by an...

6.6AI score0.15858EPSS
Exploits0References3
Prion
Prion
added 2007/06/12 11:30 p.m.12 views

Default credentials

NMASINST in Novell Modular Authentication Service NMAS 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file...

4.9CVSS7.1AI score0.00345EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2006/05/09 12:0 a.m.45 views

SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator Password Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research https://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-003 Advisory Title: Cisco Secure ACS for Windows - Administrator Password Disclosure Author : Andreas Junestam Release Date : 05-08-2006...

7.2CVSS1.4AI score0.00361EPSS
Exploits0
securityvulns
securityvulns
added 2006/05/09 12:0 a.m.32 views

Re: SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator Password Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is Cisco PSIRT's response to the statements made by Symantec in its advisory: SYMSA-2006-003, posted on May 8, 2006. The original email/advisory is available at:...

1.4AI score
Exploits0
Rows per page
Query Builder