Fedora Update for pam_yubico FEDORA-2011-15580

Check for the Version of pamyubico OpenVAS Vulnerability Test Fedora Update for pamyubico FEDORA-2011-15580 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Debian: Security Advisory (DSA-2279-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-2279-1 libapache2-mod-authnz-external - SQL injection

Bulletin has no description...

DSA-1978-1 phpgroupware - several vulnerabilities

Bulletin has no description...

CVE-2009-4527

CVE-2009-4527 concerns the Drupal Shibboleth authentication module. The affected components are Shibboleth module versions 5.x before 5.x-3.4 and 6.x before 6.x-3.2. The root cause is that statically granted privileges are not properly removed after a logout or session change, allowing physically...

Ubuntu USN-828-1 (pam)

The remote host is missing an update to pam announced via advisory USN-828-1. OpenVAS Vulnerability Test $Id: ubuntu8281.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8281.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-828-1 pam Authors: Thomas Reinke...

[SECURITY] Fedora 10 Update: pam_krb5-2.3.5-1.fc10

This is pamkrb5, a pluggable authentication module that can be used with Linux-PAM and Kerberos 5. This module supports password checking, ticket creation, and optional TGT verification and conversion to Kerberos IV ticke ts. The included pamkrb5afs module also gets AFS tokens if so configured...

DEBIAN-CVE-2009-1273

pamssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

Fedora Update for pam_krb5 FEDORA-2008-8618

Check for the Version of pamkrb5 OpenVAS Vulnerability Test Fedora Update for pamkrb5 FEDORA-2008-8618 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

DEBIAN-CVE-2009-0360

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

Retrospect Backup Server < 7.6 Authentication Module Password Hash Disclosure (ESA-08-009)

Binary data 4607.prm...

Retrospect Backup Server Authentication Module Password Hash Weakness (ESA-08-009)

According to its version number, the Authentication Module in the Retrospect Backup Server installed on the remote host uses a weak hash algorithm to hash a user's password, which could allow a remote attacker to gain control of a client's machine. C Tenable Network Security, Inc...

CVE-2006-0736

CVE-2006-0736 is a stack-based buffer overflow in the pam_micasa PAM authentication module of CASA, affecting Novell Linux Desktop 9 and Open Enterprise Server 1. The vulnerability allows remote code execution and could grant root access, via remote vectors. The SUSE advisory SUSE-SA:2006:010 con...

Update Protection against A Format String Vulnerability in mod_auth_pgsql for Apache

A vulnerability exists in multiple versions of an authentication module modauthpgsql for Apache httpd. To exploit this vulnerability, a user can supply specially crafted information to trigger a flaw in certain logging functions of the module. Successful exploitation could result in the execution...

Debian DSA-785-1 : libpam-ldap - authentication bypass

It has been discovered that libpam-ldap, the Pluggable Authentication Module allowing LDAP interfaces, ignores the result of an attempt to authenticate against an LDAP server that does not set an optional data field. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

[SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass

-------------------------------------------------------------------------- Debian Security Advisory DSA 785-1 [email protected] http://www.debian.org/security/ Martin Schulze August 25th, 2005 http://www.debian.org/security/faq -...

GLSA-200506-02 : Mailutils: SQL Injection

The remote host is affected by the vulnerability described in GLSA-200506-02 Mailutils: SQL Injection When GNU Mailutils is built with the 'mysql' or 'postgres' USE flag, the sqlescapestring function of the authentication module fails to properly escape the '' character, rendering it vulnerable t...

Mailutils: SQL Injection

Background GNU Mailutils is a collection of mail-related utilities. Description When GNU Mailutils is built with the "mysql" or "postgres" USE flag, the sqlescapestring function of the authentication module fails to properly escape the "" character, rendering it vulnerable to a SQL command...

CVE-2005-1824

The sqlescapestring function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "" backslash character, which is used as an escape character and makes the module vulnerable to SQL injection attacks...

CVE-2005-1824

The sqlescapestring function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "" backslash character, which is used as an escape character and makes the module vulnerable to SQL injection attacks...