Lucene search
K

939 matches found

Cvelist
Cvelist
added 2010/02/04 7:0 p.m.27 views

CVE-2010-0550

admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...

6.3AI score0.0109EPSS
Exploits0References5
securityvulns
securityvulns
added 2010/01/28 12:0 a.m.27 views

Geo++ GNCASTER multiple security vulnerabilities

Weak Digest authentication, buffer overflow, DoS...

3.1AI score
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2009/12/03 4:15 a.m.2 views

qpid: large messaages cause crash when using digest-md5 and security layer

qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...

6.5CVSS6.6AI score0.02559EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.33 views

openSUSE Security Update : libneon-devel (libneon-devel-166)

This update of neon fixes a NULL pointer dereference in the digest authentication code. CVE-2008-3746 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libneon-devel-166. The text description of...

4.3CVSS5.3AI score0.02266EPSS
Exploits0References2
OSV
OSV
added 2009/07/10 3:30 p.m.2 views

DEBIAN-CVE-2009-2422

The example code for the digest authentication functionality httpauthentication.rb in Ruby on Rails before 2.3.3 defines an authenticateorrequestwithhttpdigest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication f...

9.8CVSS7.3AI score0.03377EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2009/07/10 3:30 p.m.24 views

CVE-2009-2422

The example code for the digest authentication functionality httpauthentication.rb in Ruby on Rails before 2.3.3 defines an authenticateorrequestwithhttpdigest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication f...

9.8CVSS6.3AI score0.03377EPSS
Exploits1References1
OSV
OSV
added 2009/07/10 3:30 p.m.7 views

CVE-2009-2422

The example code for the digest authentication functionality httpauthentication.rb in Ruby on Rails before 2.3.3 defines an authenticateorrequestwithhttpdigest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication f...

9.8CVSS9.6AI score
Exploits0References12
Positive Technologies
Positive Technologies
added 2009/07/10 12:0 a.m.4 views

PT-2009-4839 · Ruby · Ruby On Rails

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 2.3.3 Description: The issue concerns the digest authentication functionality in Ruby on Rails, where the example code defines an authenticate or request with http digest block that returns nil instead of false...

9.8CVSS4.7AI score0.03377EPSS
Exploits1References16
RubySec
RubySec
added 2009/07/10 12:0 a.m.22 views

High Security Vulnerability with authenticate_with_http_digest of Rails

The example code for the digest authentication functionality httpauthentication.rb in Ruby on Rails before 2.3.3 defines an authenticateorrequestwithhttpdigest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication f...

9.8CVSS7.5AI score0.03377EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2009/04/09 12:0 a.m.200 views

Geeklog 1.5.2 SQL Injection

= 5.0 google dorks: "By Geeklog" "Created this page in" +seconds +powered "By Geeklog" "Created this page in" +seconds +powered inurl:publichtml vulnerability, see /publichtml/webservices/atom/index.php near lines 34-53: ... requireonce '../../lib-common.php'; if PHPVERSION 5...

0.3AI score
Exploits0
Fedora
Fedora
added 2008/10/16 2:7 a.m.36 views

[SECURITY] Fedora 9 Update: neon-0.28.3-1.fc9

neon is an HTTP and WebDAV client library, with a C interface; providing a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete S...

4.3CVSS6.4AI score0.02266EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2008/09/04 7:41 p.m.30 views

CVE-2008-3903

Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asterisk Business Edition A.x.x, B.x.x before B.2.5.8, C.1.x.x before C.1.10.5, and C.2.x.x before C.2.3.3; s800i 1.3.x before 1.3.0.2; and Trixbox PBX 2.6.1, when Digest authentication and authalwaysreje...

3.5CVSS5.9AI score0.01852EPSS
Exploits1References2
OSV
OSV
added 2008/09/04 7:41 p.m.3 views

DEBIAN-CVE-2008-3903

Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asterisk Business Edition A.x.x, B.x.x before B.2.5.8, C.1.x.x before C.1.10.5, and C.2.x.x before C.2.3.3; s800i 1.3.x before 1.3.0.2; and Trixbox PBX 2.6.1, when Digest authentication and authalwaysreje...

3.5CVSS7.1AI score0.01852EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2008/09/04 7:0 p.m.54 views

CVE-2008-3903

Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asterisk Business Edition A.x.x, B.x.x before B.2.5.8, C.1.x.x before C.1.10.5, and C.2.x.x before C.2.3.3; s800i 1.3.x before 1.3.0.2; and Trixbox PBX 2.6.1, when Digest authentication and authalwaysreje...

3.5CVSS6.5AI score0.01852EPSS
Exploits1
Prion
Prion
added 2008/08/27 3:21 p.m.25 views

Null pointer dereference

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

4.3CVSS6.6AI score0.02266EPSS
Exploits0References18Affected Software1
UbuntuCve
UbuntuCve
added 2008/08/27 3:21 p.m.30 views

CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

4.3CVSS5.9AI score0.02266EPSS
Exploits0References2
OSV
OSV
added 2008/08/27 3:21 p.m.2 views

DEBIAN-CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

4.3CVSS6.5AI score0.02266EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/08/27 3:0 p.m.28 views

CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

6.2AI score0.02266EPSS
Exploits0References18
CVE
CVE
added 2008/08/27 3:0 p.m.70 views

CVE-2008-3746

CVE-2008-3746 - neon vulnerability details (supported by connected docs) Affected software: neon 0.28.0 through 0.28.2. The issue is described across multiple advisories as a denial of service caused by a NULL pointer dereference in the digest authentication code, related to Digest authentication...

4.3CVSS6.2AI score0.02266EPSS
Exploits0References18Affected Software1
Debian CVE
Debian CVE
added 2008/08/27 3:0 p.m.42 views

CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

4.3CVSS6.1AI score0.02266EPSS
Exploits0
Rows per page
Query Builder