33 matches found
CVE-2020-15601
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this...
CVE-2020-15605
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...
Authentication flaw
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this...
CVE-2020-15605
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...
CVE-2020-15605
The CVE-2020-15605 entry concerns Trend Micro Vulnerability Protection 2.0 SP2 with LDAP authentication enabled. The flaw allows an unauthenticated attacker who has knowledge of the targeted organization to bypass the manager authentication mechanism via LDAP authentication bypass. The impact is ...
AZL-7266 CVE-2019-17455 affecting package libntlm for versions less than 1.6-1
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...
libcurl Buffer Overflow Vulnerability
libcurl is a free and easy to use client-side URL transport library . A buffer overflow vulnerability exists in lib/curlntlmcore.c in libcurlntlmcoremknthash in Libcurl 7.15.4 - 7.61.0. A remote user can exploit this vulnerability by sending a specially crafted NTLM authentication password to...
NTLM password overflow via integer overflow
libcurl contains a buffer overrun in the NTLM authentication code. The internal function Curlntlmcoremknthash multiplies the length of the password by two SUM to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the...
Microsoft Windows: Network security: LAN Manager authentication level
This security setting determines which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers as follows: - Send ...
April 17, 2018—KB4093121 (Preview of Monthly Rollup)
April 17, 2018—KB4093121 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4093114 released April 10, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Windows Update...
EMC Unified Infrastructure Manager/Provisioning Authentication Bypass Vulnerability
EMC Unified Infrastructure Manager is a manager built for converged infrastructures that automates the configuration, provisioning, viewing of topology, monitoring of events and availability. A security vulnerability exists in the use of LDAP authentication for EMC UIM configurations, which allow...
CVE-2008-6854
Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...
USN-86-1: cURL vulnerability
infamous41md discovered a buffer overflow in cURL's NT LAN Manager NTLM authentication handling. By sending a specially crafted long NTLM reply packet, a remote attacker could overflow the reply buffer. This could lead to execution of arbitrary attacker specified code with the privileges of the...