Azure Linux 3.0 Security Update: samba (CVE-2022-2031)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2031 advisory. - A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single...

ALPINE-CVE-2022-2031

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other...

UBUNTU-CVE-2022-2031

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other...

Observable Response Discrepancy in Lost Password Service

Impact It is possible to enumerate usernames via the forgot password functionality Patches Update to version 10.1.3 or apply this patch manually: https://github.com/pimcore/pimcore/pull/10223.patch Workarounds Apply https://github.com/pimcore/pimcore/pull/10223.patch manually...

GHSA-579X-CJVR-CQJ9 Observable Response Discrepancy in Lost Password Service

Impact It is possible to enumerate usernames via the forgot password functionality Patches Update to version 10.1.3 or apply this patch manually: https://github.com/pimcore/pimcore/pull/10223.patch Workarounds Apply https://github.com/pimcore/pimcore/pull/10223.patch manually...

CVE-2021-39189 Observable Response Discrepancy in Lost Password Service

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually...

Operator of hacked password service Leakedsource.com arrested

By Waqas On January 27, 2017, the breach notification and password service Leakedsource.com This is a post from HackRead.com Read the original post: Operator of hacked password service Leakedsource.com arrested...

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

Canadian authorities have arrested and charged a 27-year-old Ontario man for allegedly selling billions of stolen passwords online through the now-defunct service Leakedsource.com. The now-defunct Leakedsource service. On Dec. 22, 2017, the Royal Canadian Mounted Police RCMP charged Jordan Evan...

Easily crack open the Lost Password laptop-vulnerability warning-the black bar safety net

For laptops, it is best not easily set a password, because the laptop's boot password is not like a PC that stored in CMOS circuit can through the discharge clear, at the moment a new laptop is the password stored on the motherboard of a few blocks of the logic circuit, our personal is not...