MiracleLinux 4 : wireshark-1.2.15-2.AXS4.1 (AXSA:2012-539:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-539:02 advisory. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library,...

SUSE-SU-2017:1444-1 Security update for java-1_6_0-ibm

This update for java-160-ibm fixes the following issues: - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number - CVE-2016-9843: zlib: Big-endian...

CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

CVE-2003-0904

Microsoft Exchange 2003 and Outlook Web Access OWA, when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Servic...

Authentication flaw in microsoft SMB protocol

Detailed information: http://seclab.ce.aut.ac.ir/vreport.htm Summary ======= Microsoft uses SMB Protocol for “File and Printer sharing service” in all versions of Windows. Upon accessing a network resource, NTLM Authentication is used to authenticate the client on the server. When a logged-in use...

EUVD-2002-0054

SMTP service in 1 Microsoft Windows 2000 and 2 Internet Mail Connector IMC in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials...