
304 matches found

NVD
added 2018/03/26 3:29 p.m. | 30 views

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

CVSS 9.8 | AI score 9.4 | EPSS 0.15885
Exploits 0 | References 29

CVE
added 2018/03/26 3:00 p.m. | 7365 views

CVE-2018-1312

CVE-2018-1312 affects Apache httpd 2.2.0–2.4.29 where nonce generation for HTTP Digest authentication was not seeded with a proper pseudo-random seed. This allowed replay across servers in a common Digest configuration. Public advisories (CentOS, Debian, Arch Linux, ALT Linux) fix confirmed in ve...

CVSS 9.8 | AI score 7.5 | EPSS 0.15885
Exploits 0 | References 29 | Affected Software 1

UbuntuCve
added 2018/03/26 12:00 a.m. | 460 views

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

CVSS 9.8 | AI score 6.8 | EPSS 0.15885
Exploits 0 | References 6

0day.today
added 2017/06/05 12:00 a.m. | 303 views

Intel AMT Digest Authentication Bypass Scanner Exploit

This module scans for Intel Active Management Technology endpoints and attempts to bypass authentication using a blank HTTP digest (CVE-2017-5689). This service can be found on ports 16992, 16993 (tls), 623, and 624 (tls). This module requires Metasploit: http://metasploit.com/download Current source:...

CVSS 10 | AI score 0.1 | EPSS 0.92189
Exploits 13

Metasploit
added 2017/05/08 6:24 p.m. | 86 views

Intel AMT Digest Authentication Bypass Scanner

This module scans for Intel Active Management Technology endpoints and attempts to bypass authentication using a blank HTTP digest (CVE-2017-5689). This service can be found on ports 16992, 16993 (tls), 623, and 624 (tls). This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 9.8 | AI score 7.5 | EPSS 0.92189
Exploits 7

Tenable Nessus
added 2017/05/04 12:00 a.m. | 321 views

Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check)

Binary data intelamtauthbypass.nbin...

CVSS 10 | AI score 9.8 | EPSS 0.92189
Exploits 7 | References 5

UbuntuCve
added 2017/03/07 12:00 a.m. | 25 views

CVE-2017-5418

An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox 52 and Thunderbird 52...

CVSS 5.3 | AI score 6.8 | EPSS 0.01277
Exploits 1 | References 3

Hacker One
added 2017/01/16 5:58 a.m. | 100 views

Nextcloud: HTTP-Basic Authentication on logs.nextcloud.com

Greetings, While visiting https://logs.nextcloud.com/ , I noticed that this server uses HTTP-Basic Authentication. F152730 POC : ------ GET https://logs.nextcloud.com/ HTTP/1.1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.11; rv:50.0 Gecko/20100101 Firefox/50.0 Accept:...

AI score 0.4
Exploits 0

Packet Storm
added 2016/08/14 12:00 a.m. | 38 views

Samsung Smart Home Camera SNH-P-6410 Command Injection

import urllib, urllib2, crypt, time New password for web interface webpassword = 'admin' New password for root rootpassword = 'root' IP of the camera ip = '192.168.12.61' These are all for the Smartthings bundled camera realm = 'iPolis' webusername = 'admin' baseurl = 'http://' + ip +...

AI score 0.2
Exploits 0

exploitpack
added 2016/08/14 12:00 a.m. | 20 views

Samsung Smart Home Camera SNH-P-6410 - Command Injection

Samsung Smart Home Camera SNH-P-6410 - Command Injection E-DB Note: source https://www.pentestpartners.com/blog/samsungs-smart-camera-a-tale-of-iot-network-security/ import urllib, urllib2, crypt, time New password for web interface webpassword = 'admin' New password for root rootpassword = 'root...

AI score 0.3
Exploits 0

0day.today
added 2016/08/14 12:00 a.m. | 37 views

Samsung Smart Home Camera SNH-P-6410 - Command Injection

Exploit for hardware platform in category remote exploits E-DB Note: source https://www.pentestpartners.com/blog/samsungs-smart-camera-a-tale-of-iot-network-security/ import urllib, urllib2, crypt, time New password for web interface webpassword = 'admin' New password for root rootpassword = 'roo...

AI score 7.1
Exploits 0

Tenable Nessus
added 2014/11/08 12:00 a.m. | 37 views

RHEL 5 / 6 : tomcat5 (RHSA-2012:0680)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0680 advisory. - tomcat: Multiple weaknesses in HTTP DIGEST authentication CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064 - tomcat: passwor...

CVSS 7.5 | AI score 5.8 | EPSS 0.80318
Exploits 8 | References 21

Tenable Nessus
added 2014/11/08 12:00 a.m. | 46 views

RHEL 5 / 6 : tomcat6 (RHSA-2012:0682)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0682 advisory. - tomcat: Multiple weaknesses in HTTP DIGEST authentication CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064 - tomcat: passwor...

CVSS 7.5 | AI score 5.8 | EPSS 0.80318
Exploits 10 | References 24

seebug.org
added 2014/07/01 12:00 a.m. | 9 views

Asterisk 'ast_parse_digest()' Stack Buffer Overflow Vulnerability

No description provided by source. Description: There is a remotely exploitable stack buffer overflow in HTTP digest authentication handling in Asterisk. This vulnerability includes the possibility of code execution with plenty of stack space...

AI score 7.1
Exploits 0

Tenable Nessus
added 2013/09/04 12:00 a.m. | 33 views

Amazon Linux AMI : tomcat6 (ALAS-2011-25)

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret...

CVSS 7.5 | AI score 5.6 | EPSS 0.15226
Exploits 1 | References 4

RedHat Linux
added 2013/02/28 6:53 p.m. | 50 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update

Red Hat OpenShift Enterprise 1.1.1 is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in...

CVSS 7.5 | AI score 6.8 | EPSS 0.05673
Exploits 14 | References 28

RedHat Linux
added 2013/01/10 8:39 p.m. | 3 views

rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging...

CVSS 5 | AI score 5.9 | EPSS 0.01889
Exploits 1 | References 4

RedHat Linux
added 2013/01/10 8:39 p.m. | 59 views

Critical: Red Hat Security Advisory: Ruby on Rails security update

Updated rubygem-actionpack, rubygem-activesupport, and rubygem-activerecord packages that fix multiple security issues are now available for Red Hat Subscription Asset Manager. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scorin...

CVSS 7.5 | AI score 8 | EPSS 0.99449
Exploits 33 | References 13

Tenable Nessus
added 2012/11/21 12:00 a.m. | 152 views

Apache Tomcat 5.5.x < 5.5.36 DIGEST Authentication Multiple Security Weaknesses

According to its self-reported version number, the instance of Apache Tomcat 5.5.x listening on the remote host is prior to 5.5.36. It is, therefore, affected by the following vulnerabilities : - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead...

CVSS 5 | AI score 5.8 | EPSS 0.11639
Exploits 2 | References 4

NVD
added 2012/11/17 7:55 p.m. | 24 views

CVE-2012-5887

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

CVSS 5 | AI score 9.4 | EPSS 0.11639
Exploits 2 | References 23