Lucene search
K

33 matches found

OSV
OSV
added 2020/08/27 9:15 p.m.5 views

CVE-2020-15601

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this...

8.1CVSS5.6AI score0.02757EPSS
Exploits0References2
NVD
NVD
added 2020/08/27 9:15 p.m.23 views

CVE-2020-15605

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...

8.1CVSS8.2AI score0.02757EPSS
Exploits0References2
Prion
Prion
added 2020/08/27 9:15 p.m.14 views

Authentication flaw

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this...

5.1CVSS8.2AI score0.02757EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/08/27 8:35 p.m.23 views

CVE-2020-15605

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...

8.2AI score0.02757EPSS
Exploits0References2
CVE
CVE
added 2020/08/27 8:35 p.m.48 views

CVE-2020-15605

The CVE-2020-15605 entry concerns Trend Micro Vulnerability Protection 2.0 SP2 with LDAP authentication enabled. The flaw allows an unauthenticated attacker who has knowledge of the targeted organization to bypass the manager authentication mechanism via LDAP authentication bypass. The impact is ...

8.1CVSS8.1AI score0.02757EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2019/10/10 6:15 p.m.5 views

AZL-7266 CVE-2019-17455 affecting package libntlm for versions less than 1.6-1

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

9.8CVSS6.1AI score0.03107EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/06 12:0 a.m.3 views

libcurl Buffer Overflow Vulnerability

libcurl is a free and easy to use client-side URL transport library . A buffer overflow vulnerability exists in lib/curlntlmcore.c in libcurlntlmcoremknthash in Libcurl 7.15.4 - 7.61.0. A remote user can exploit this vulnerability by sending a specially crafted NTLM authentication password to...

10CVSS8.6AI score0.11115EPSS
Exploits0References1
curl security advisories
curl security advisories
added 2018/09/05 8:0 a.m.11 views

NTLM password overflow via integer overflow

libcurl contains a buffer overrun in the NTLM authentication code. The internal function Curlntlmcoremknthash multiplies the length of the password by two SUM to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the...

10CVSS7.2AI score0.11115EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2018/06/12 12:0 a.m.40 views

Microsoft Windows: Network security: LAN Manager authentication level

This security setting determines which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers as follows: - Send ...

7.6AI score
Exploits0References5
Microsoft KB
Microsoft KB
added 2018/04/12 12:0 a.m.4 views

April 17, 2018—KB4093121 (Preview of Monthly Rollup)

April 17, 2018—KB4093121 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4093114 released April 10, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Windows Update...

7.2AI score
Exploits0
CNVD
CNVD
added 2015/06/17 12:0 a.m.3 views

EMC Unified Infrastructure Manager/Provisioning Authentication Bypass Vulnerability

EMC Unified Infrastructure Manager is a manager built for converged infrastructures that automates the configuration, provisioning, viewing of topology, monitoring of events and availability. A security vulnerability exists in the use of LDAP authentication for EMC UIM configurations, which allow...

10CVSS7.1AI score0.03368EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/07/14 2:0 p.m.26 views

CVE-2008-6854

Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

7.2AI score0.02537EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2005/02/28 8:26 p.m.44 views

USN-86-1: cURL vulnerability

infamous41md discovered a buffer overflow in cURL's NT LAN Manager NTLM authentication handling. By sending a specially crafted long NTLM reply packet, a remote attacker could overflow the reply buffer. This could lead to execution of arbitrary attacker specified code with the privileges of the...

8.8CVSS6.2AI score0.05732EPSS
Exploits0
Rows per page
Query Builder