
397 matches found

OpenVAS
added 2020/04/09 12:0 a.m. · 8 views

ZSQL: Number Of Password Changes Required Before the Current Password Can Be Reused

Configure the number of password changes required before the current password can be reused. The configuration prevents a password from being cracked due to repeated use. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

7.5 AI score
Exploits 0 · References 1
BDU FSTEC
added 2020/04/06 12:0 a.m. · 3 views

The vulnerability of the Samba Active Directory domain controller in the Samba networking software package allows a perpetrator to circumvent existing security restrictions through brute-force attacks.

The vulnerability of the Samba Domain Controller in the Active Directory software for network interactions involves flaws in the password-changing mechanism. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions through brute-force attacks...

5.5 CVSS · 6.2 AI score · 0.02084 EPSS
Exploits 0 · References 14 · Affected Software 5
Information Security Automation
added 2020/01/12 10:53 a.m. · 32 views

IT Security in The New Pope

Lol, IT Security is everywhere. Even in the first episode of "The New Pope" TV series (the sequel of "The Young Pope", 2016), some monks change credentials in the Vatican's IT systems under cover of night. This happened after, well, some unexpected changes in the corporate culture and organizational...

7.2 AI score
Exploits 0
OpenVAS
added 2019/12/29 12:0 a.m. · 15 views

Debian: Security Advisory (DSA-4595-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS · 7.6 AI score · 0.00503 EPSS
Exploits 1 · References 4
NVD
added 2019/12/23 7:15 p.m. · 17 views

CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.8 CVSS · 7.5 AI score · 0.00503 EPSS
Exploits 1 · References 10
OSV
added 2019/12/23 7:15 p.m. · 2 views

DEBIAN-CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.8 CVSS · 7.4 AI score · 0.00503 EPSS
Exploits 1 · References 1
UbuntuCve
added 2019/12/23 7:15 p.m. · 18 views

CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.8 CVSS · 7.1 AI score · 0.00503 EPSS
Exploits 1 · References 2
Prion
added 2019/12/23 7:15 p.m. · 12 views

Default credentials

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.2 CVSS · 7.5 AI score · 0.00503 EPSS
Exploits 1 · References 10 · Affected Software 4
OSV
added 2019/12/23 7:15 p.m. · 2 views

UBUNTU-CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.8 CVSS · 7.1 AI score · 0.00503 EPSS
Exploits 1 · References 3
Cvelist
added 2019/12/23 6:4 p.m. · 29 views

CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.5 AI score · 0.00503 EPSS
Exploits 1 · References 10
Debian CVE
added 2019/12/23 6:4 p.m. · 26 views

CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals...

7.8 CVSS · 7.6 AI score · 0.00503 EPSS
Exploits 1
OpenVAS
added 2019/12/20 12:0 a.m. · 70 views

Debian: Security Advisory (DSA-4589-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS · 7.6 AI score · 0.00503 EPSS
Exploits 1 · References 4
Tenable Nessus
added 2019/12/19 12:0 a.m. · 25 views

Debian DSA-4589-1 : debian-edu-config - security update

It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals. (C) Tenable Network Security, Inc. The descriptive text and package checks in...

7.8 CVSS · 7.3 AI score · 0.00503 EPSS
Exploits 1 · References 6
Debian
added 2019/12/18 10:41 p.m. · 74 views

[SECURITY] [DSA 4589-1] debian-edu-config security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4589-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 18, 2019 https://www.debian.org/security/faq -...

7.8 CVSS · 7.6 AI score · 0.00503 EPSS
Exploits 1
Positive Technologies
added 2019/12/18 12:0 a.m. · 2 views

PT-2019-5234 · Mit +2 · Kerberos +3

Name of the Vulnerable Software and Affected Versions: Debian-edu-config versions prior to 2.11.10 debian-lan-config versions prior to 0.26 Description: The issue is related to a security flaw in privilege management. Exploitation of this flaw can allow an attacker to gain unauthorized access to...

7.8 CVSS · 7.7 AI score · 0.00503 EPSS
Exploits 1 · References 31
OSV
added 2019/12/12 7:15 p.m. · 1 views

CVE-2019-18284

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change...

9.8 CVSS · 7.2 AI score · 0.02028 EPSS
Exploits 0 · References 2
Prion
added 2019/12/12 7:15 p.m. · 14 views

Design/Logic Flaw

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change...

5 CVSS · 9.2 AI score · 0.02028 EPSS
Exploits 0 · References 2 · Affected Software 1
CNVD
added 2019/12/11 12:0 a.m. · 3 views

Siemens SPPA-T3000 Application Server Improper Authentication Vulnerability (CNVD-2019-45416)

SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants. Application Server is the application server in it, which provides the main system services including access control, distribution of data to thin clients and archiving. A...

9.8 CVSS · 6.9 AI score · 0.02028 EPSS
Exploits 0 · References 1
exploitpack
added 2019/10/25 12:0 a.m. · 29 views

ClonOs WEB UI 19.09 - Improper Access Control

ClonOs WEB UI 19.09 - Improper Access Control Exploit Title: ClonOs WEB UI 19.09 - Improper Access Control Date: 2019-10-19 Exploit Author: İbrahim Hakan Şeker Vendor Homepage: https://clonos.tekroutine.com/ Software Link: https://github.com/clonos/control-pane Version: 19.09 Tested on: ClonOs CV...

0.7 AI score
Exploits 0
OSV
added 2019/09/12 3:15 p.m. · 2 views

CVE-2019-16261

Tripp Lite PDUMH15AT 12.04.0053 and SU750XL 12.04.0052 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer firmware version, fixing this...

9.1 CVSS · 7.3 AI score · 0.02755 EPSS
Exploits 2 · References 3