OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability

OpenSSH sshd with GSSAPI enabled is prone to credential disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability

The host is running OpenSSH sshd with GSSAPI enabled and is prone to credential disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodsshdgssapicredentialdisclosurevuln.nasl 7029 2017-08-31 11:51:40Z teissa $ OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability Authors: Antu Sanadi...

CentOS Update for curl CESA-2011:0918 centos4 i386

Check for the Version of curl OpenVAS Vulnerability Test CentOS Update for curl CESA-2011:0918 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CentOS Update for curl CESA-2011:0918 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for curl CESA-2011:0918 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

OpenSSH DoS

GSSAPI authentication memory exhaustion...

Useless OpenSSH resources exhausion bug via GSSAPI

Name: Useless OpenSSH resources exhausion bug via GSSAPI Author: Adam Zabrocki [email protected] Date: 2008-2009 old useless bug ;P Description: OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that...

Debian: Security Advisory (DSA-2271-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandriva Update for curl MDVSA-2011:116 (curl)

Check for the Version of curl OpenVAS Vulnerability Test Mandriva Update for curl MDVSA-2011:116 curl Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for curl MDVSA-2011:116 (curl)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Linux Security Advisory : curl (MDVSA-2011:116)

A vulnerability was discovered and corrected in curl : The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients vi...

Fedora 15 : krb5-appl-1.0.1-7.fc15 (2011-9080)

This update corrects a potential failure to properly set the effective group ID in the GSSAPI-capable FTP server MITKRB5-SA-2011-005, CVE-2011-1526. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted t...

PuTTY v.0.61 New Version released After 4 years

PuTTY v.0.61 New Version released After 4 years After four Years, Putty's New version finally Released today.Here are the PuTTY files themselves: PuTTY the Telnet and SSH client itself PSCP an SCP client, i.e. command-line secure file copy PSFTP an SFTP client, i.e. general file transfer sessions...

RedHat Update for curl RHSA-2011:0918-01

Check for the Version of curl OpenVAS Vulnerability Test RedHat Update for curl RHSA-2011:0918-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

DEBIAN-CVE-2011-2192

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

CVE-2011-2192

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

CVE-2011-2192

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

Deserialization of untrusted data

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

CVE-2011-2192

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

CVE-2011-2192

CVE-2011-2192 affects libcurl 7.10.6–7.21.6 (used by curl and related products): the Curl_input_negotiate function unconditionally delegates GSSAPI credentials during authentication, enabling a remote server to impersonate the client via GSSAPI. Evidence in connected docs shows MiracleLinux advis...