Lucene search
+L

115 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-1721

digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer SASL library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service segmentation fault via malformed inputs in DIGEST-MD5 negotiation...

2.6CVSS7.1AI score0.0243EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.7 views

SUSE CVE-2013-0249

Stack-based buffer overflow in the Curlsaslcreatedigestmd5message function in lib/curlsasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long string...

7.5CVSS8.3AI score0.22913EPSS
Exploits6References3
Rockylinux
Rockylinux
added 2022/05/17 7:13 a.m.16 views

new packages: perl-Digest-MD5

An update is available for perl-Digest-MD5. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.27 views

Slackware: Security Advisory (SSA:2013-038-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.22913EPSS
Exploits6References2
OSV
OSV
added 2021/07/26 7:15 a.m.84 views

UBUNTU-CVE-2021-33900

While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism DIGEST-MD5, GSSAPI was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue...

7.5CVSS7.1AI score0.00793EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.46 views

Apache Directory Studio 安全漏洞

Apache Directory Studio is a complete directory tool platform from the Apache Foundation USA, designed to be used with any LDAP server, but it is specifically designed for use with ApacheDS. A security vulnerability exists in Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions...

7.5CVSS7.2AI score0.00793EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2020/11/03 12:31 p.m.20 views

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

1.8AI score
Exploits0
NVD
NVD
added 2019/11/09 4:15 a.m.24 views

CVE-2009-5004

qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...

6.5CVSS6.5AI score0.02559EPSS
Exploits0References4
Prion
Prion
added 2019/11/09 4:15 a.m.16 views

Code injection

qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...

4CVSS7.1AI score0.02559EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2019/11/09 3:1 a.m.209 views

CVE-2009-5004

CVE-2009-5004 : In qpid-cpp 1.0, a crash occurs when a large message is sent while the Digest-MD5 mechanism with a security layer is in use. This is the only concrete detail available in the provided docs; no exploitation, mitigation, or affected version ranges are specified beyond this descripti...

6.5CVSS6.5AI score0.02559EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2015/10/30 10:6 a.m.28 views

CVE-2005-0373

Buffer overflow in digestmd5.c CVS release 1.170 also referred to as digestmda5.c, as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code...

7.5CVSS8AI score0.03924EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.48 views

cURL Buffer Overflow Vulnerability

No description provided by source. cURL buffer overflow Wed 06 February 2013 Volema found remotely exploitable buffer overflow vulnerability in libcurl POP3, SMTP protocol handlers which lead to code execution RCE. When negotiating SASL DIGEST-MD5 authentication, the function...

7.5CVSS0.1AI score0.22913EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

MemHT Portal <= 4.0.1 (pvtmsg) Delete All Private Messages Exploit

No description provided by source. !/usr/bin/perl MemHT Portal = 4.0.1 pvtmsg Delete All Private Messages Exploit by yeat - stakerathotmaildotit Details; Note: 1- works regardless of php.ini settings. 2- blind sql injection benchmark method is possible. 3- don't add me on msn messenger. 4- Thanks...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.40 views

WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit

No description provided by source. !/usr/bin/perl WordPress = 1.5.1.1 sql injection add new admin exploit by RST/GHC , http://rst.void.ru , http://ghc.ru coded by 1dt.w0lf use LWP::UserAgent; use Getopt::Std; use HTTP::Cookies; use Digest::MD5 qwmd5hex; getopts'h:p:'; $path = $opth; $pref = $optp...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w sorry for the late posting, had to test it. /str0ke Wordpress 1.5.1.2 Strayhorn // XMLRPC Interface SQL Injection By James Bercegay // http://www.gulftech.org/ // June 21 2005 Quick and dirty proof of concept that uses the XML RPC server...

7.1AI score
Exploits0
OSV
OSV
added 2013/03/08 10:55 p.m.10 views

CVE-2013-0249

Stack-based buffer overflow in the Curlsaslcreatedigestmd5message function in lib/curlsasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long string...

7.5CVSS7.9AI score0.22913EPSS
Exploits6References13
Debian CVE
Debian CVE
added 2013/03/08 10:0 p.m.26 views

CVE-2013-0249

Stack-based buffer overflow in the Curlsaslcreatedigestmd5message function in lib/curlsasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long string...

7.5CVSS8.6AI score0.22913EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2013/02/27 12:0 a.m.26 views

cURL and libcurl MD5 Digest Buffer Overflow (CVE-2013-0249)

The vulnerability is due to an error in Curlsaslcreatedigestmd5message while negotiating SASL DIGEST-MD5 authentication. A remote attacker can exploit this vulnerability by enticing a user to connect to a malicious server. This can lead to code execution in the context of the affected application...

7.5CVSS6.8AI score0.22913EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2013/02/25 12:0 a.m.37 views

Fedora 18 : curl-7.27.0-6.fc18 (2013-2098)

fix buffer overflow when negotiating SASL DIGEST-MD5 auth CVE-2013-0249 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS7.8AI score0.22913EPSS
Exploits6References3
exploitpack
exploitpack
added 2013/02/11 12:0 a.m.44 views

cURL - Buffer Overflow (PoC)

cURL - Buffer Overflow PoC cURL buffer overflow Wed 06 February 2013 Volema found remotely exploitable buffer overflow vulnerability in libcurl POP3, SMTP protocol handlers which lead to code execution RCE. When negotiating SASL DIGEST-MD5 authentication, the function Curlsaslcreatedigestmd5messa...

7.5CVSS0.3AI score0.22913EPSS
Exploits6
Rows per page
Query Builder