497 matches found
krb5: kadmind denial of service
The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that...
virt-v2v: vnc password protection is missing after vm conversion
virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password...
Gentoo Security Advisory GLSA 200804-24 (dbmail)
The remote host is missing updates announced in advisory GLSA 200804-24. OpenVAS Vulnerability Test Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200804-24 (dbmail)
The remote host is missing updates announced in advisory GLSA 200804-24. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[ GLSA 200804-24 ] DBmail: Data disclosure
Gentoo Linux Security Advisory GLSA 200804-24 http://security.gentoo.org/ Severity:...
FreeBSD : kdm -- passwordless login vulnerability (79b616d0-66d1-11dc-b25f-02e0185f8d72)
The KDE development team reports: KDM can be tricked into performing a password-less login even for accounts with a password set under certain circumstances, namely autologin to be configured and 'shutdown with password' enabled. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descripti...
DSA-1376-1 kdebase - programming error
Bulletin has no description...
AK-Systems terminal unauthorized access
Passwordless VNC access to device is possible...
linux/x86 Adduser without Password to /etc/passwd 59 bytes
Exploit for linux/x86 platform in category shellcode. linux/x86 Adduser without Password to /etc/passwd 59 bytes / linux/x86 adds user 'xtz' without password to /etc/passwd - 59...
CVE-2004-2004
CVE-2004-2004 affects the SUSE LINUX 9.1 Personal edition Live CD, where the root account is configured without a password. This allows remote attackers to gain root privileges via SSH. The vulnerability is described with a CVSS base score of 10.0 (HIGH) and a network attack vector with no authen...
CVE-2005-1379
The LAM runtime environment package lam-runtime-7.0.6-2mdk on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges...
lam-runtime unauthorized access
Account without password is created during installation process...
[NEWS] SMC Routers Passwordless Remote Administration
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com...
[Full-Disclosure] Proofpoint Protection Server remote MySQL root user vulnerability
Product: Protection Server Version: unknown/Red Hat Linux Developer: Proofpoint URL: www.proofpoint.com Summary: The MySQL server may be remotely accessed by the "root" user without using a password. Details: The Proofpoint Protection Server is a software product to filter spam and other e-mail...
PT-2003-1416 · Sgi · Irix
Name of the Vulnerable Software and Affected Versions: IRIX versions 6.5.19 and earlier Description: The issue concerns the LDAP name service nsd not properly verifying if the USERPASSWORD attribute has been provided by an LDAP server. This could allow attackers to log in without a password...
IRIX 5.3/6.x - 'netprint' Arbitrary Shared Library Usage
// source: https://www.securityfocus.com/bid/2656/info The 'netprint' utility shipped with SGI Irix systems is used to send print jobs to print spoolers on remote hosts. It is installed setuid root by default. At the command line, 'netprint' accepts an option to specify the network type -n. This...
CVE-1999-0200
Windows NT FTP server WFTP with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password...