Lucene search
K

3495 matches found

Cvelist
Cvelist
added 2002/03/15 5:0 a.m.21 views

CVE-2001-1190

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended...

6.8AI score0.00399EPSS
Exploits0References3
FreeBSD Advisory
FreeBSD Advisory
added 2002/03/12 12:0 a.m.9 views

FreeBSD-SA-02:14.pam-pgsql

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:14 Security Advisory FreeBSD, Inc. Topic: pam-pgsql port authentication bypass Category: ports Module: pam-pgsql Announced: 2002-03-12 Credits: Jacques A. Vidrine Affects...

6.1AI score
Exploits0
CVE
CVE
added 2002/02/02 5:0 a.m.46 views

CVE-2001-1068

CVE-2001-1068 affects qpopper 4.01 with PAM-based authentication on Red Hat systems. The issue is an information disclosure in authentication: when an invalid username is supplied, the system returns a different error message than for a valid username, enabling remote attackers to enumerate valid...

5CVSS7.3AI score0.01106EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2002/01/29 12:0 a.m.36 views

Переполнение буфера в AXSpawn-pam (buffer overflow)

No description provided...

3.2AI score
Exploits0Affected Software1
NVD
NVD
added 2001/12/12 5:0 a.m.18 views

CVE-2001-1190

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended...

4.6CVSS6.8AI score0.00399EPSS
Exploits0References3
CERT
CERT
added 2001/12/07 12:0 a.m.21 views

OpenSSH does not initialize PAM session thereby allowing PAM restrictions to be bypassed

Overview OpenSSH is an implementation of the Secure Shell SSH protocol. It can be configured to use Linux Pluggable Authentication Modules PAM for added authentication. A vulnerability exists in OpenSSH, and perhaps other implementations of SSH, which can allow to potentially bypass PAM...

7.1AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2001/10/16 7:15 p.m.5 views

Important: Red Hat Security Advisory: : New util-linux packages available to fix /bin/login pam problem

New util-linux packages are available that fix a problem with /bin/login's PAM implementation. This could, in some non-default setups, cause users to receive credentials of other users. It is recommended that all users update to the fixed packages. 2001-10-22: Packages are now available for Red H...

7.2CVSS5.9AI score0.00434EPSS
Exploits0References1
NVD
NVD
added 2001/10/08 4:0 a.m.11 views

CVE-2001-1147

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...

7.2CVSS6.6AI score0.00434EPSS
Exploits0References7
securityvulns
securityvulns
added 2001/09/28 12:0 a.m.50 views

Модификация SQL-запроса во многих модулях авторизации Apache, PAM и т.д.

Ввод пользователя не проверяется на наличие служебных символов SQL...

0.7AI score
Exploits0References3Affected Software9
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.17 views

CVE-1999-1158

Buffer overflow in 1 pluggable authentication module PAM on Solaris 2.5.1 and 2.5 and 2 unixscheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd...

7.1AI score0.00837EPSS
Exploits0References2
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.26 views

CVE-1999-1346

PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file...

6.5AI score0.01489EPSS
Exploits0References1
CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-1346

CVE-1999-1346 affects PAM configuration for rlogin on Red Hat Linux 6.1 and earlier. A less restrictive PAM rule precedes a more restrictive one, allowing users to access the host via rlogin even if /etc/nologin has disabled it. The impact, as described, includes access to the host with potential...

7.5CVSS6.9AI score0.01489EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.22 views

CVE-1999-1348

Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service...

6.3AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 2001/09/12 4:0 a.m.52 views

CVE-1999-1158

CVE-1999-1158 describes a buffer overflow in Solaris PAM (versions 2.5.1/2.5) and unix_scheme (Solaris 2.3/2.4) that lets local users gain root privileges through programs that use these modules (e.g., passwd, yppasswd, nispasswd). The root cause is a buffer overflow in the affected modules, enab...

7.2CVSS7.9AI score0.00837EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-1348

Technical details about CVE-1999-1348 are not publicly provided in the supplied documents. Monitor for updates; the available records describe the issue at a high level without specific impact, affected products, or remediation.

2.1CVSS6.7AI score0.00335EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/09/11 12:0 a.m.33 views

RUS-CERT Advisory 2001-09:01

Vulnerabilities in PAM and NSS modules using a PostgreSQL database During investigating the problem described in RUS-CERT Advisory 2001-08:01, it became evident that a few PAM and NSS modules which use PostgreSQL as database backend are vulnerable to SQL code injections attacks, too. Systems...

0.5AI score
Exploits0
NVD
NVD
added 2001/09/10 4:0 a.m.9 views

CVE-2001-1369

Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields...

7.5CVSS8.4AI score0.01648EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/08/27 12:0 a.m.41 views

Проблемы с PAM в Qpopper (information leakage)

При использовании pam выдаются разные сообщения об ошибке при неверном пароле и несуществующем пользователе...

0.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/08/27 12:0 a.m.46 views

qpopper and pam.d

Hello, Take a look at the two sessions I have with Qpopper on a Redhat Linux 7.x box from an RPM package of version 4.0.1. Existing account: root@bart /etc telnet 10.10.10.1 110 Trying 10.10.10.1... Connected to 10.10.10.1. Escape character is '^'. +OK ready [email protected] user...

7.2AI score
Exploits0
NVD
NVD
added 2001/06/19 4:0 a.m.21 views

CVE-2001-1459

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module PAM session if commands are executed with no pty, which allows local users to bypass resource limits rlimits set in pam.d...

7.5CVSS6.5AI score0.02158EPSS
Exploits0References4
Rows per page
Query Builder