77 matches found
SUSE: Security Advisory (SUSE-SU-2019:2736-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : ceph, ceph-iscsi, ses-manual_en (SUSE-SU-2019:2736-1)
This update for ceph, ceph-iscsi and ses-manualen fixes the following issues : Security issues fixed : CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. bsc1145093 Non-security issues-fixed: ceph-volume: prints errors to stdout with --format json bsc1132767 mgr/dashboard: Changin...
CVE-2019-12664 Cisco IOS XE Software ISDN Data Leak Vulnerability
A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers ISRs could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. The...
Cisco IOS XE Software ISDN Data Leak Vulnerability
A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers ISRs could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. The...
The vulnerability of the chap_server_compute_md5() function in the ISCSI protocol implementation for Linux operating systems allows a attacker to cause a service failure or gain access to protected information.
The vulnerability of the chapservercomputemd5 function in the ISCSI kernel implementation of Linux operating systems is related to improper checking of memory access boundaries, which leads to reading beyond the buffer. Exploiting this vulnerability can allow a malicious actor to cause service...
CVE-2016-8276
Buffer overflow in the Point-to-Point Protocol over Ethernet PPPoE module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service...
CVE-2016-8276
CVE-2016-8276 concerns Huawei USG2100/USG2200/USG5100/USG5500 unified security gateways. A buffer overflow in the PPPoE module occurs when CHAP authentication is configured on the server, allowing remote attackers to cause a server restart or execute arbitrary code via crafted packets during auth...
Security Advisory - Buffer Overflow Vulnerability in Huawei USG Products
The Point-to-Point Protocol over Ethernet PPPoE module of the USG has a buffer overflow vulnerability. When Challenge Handshake Authentication Protocol CHAP authentication is configured on the server, an attacker may send abnormal attack packets to the server during authentication to cause buffer...
Scientific Linux Security Update : freeradius on SL6.x i386/x86_64 (20150722)
A stack-based buffer overflow was found in the way the FreeRADIUS rlmpap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. CVE-2014-2015 The freeradius packages have been upgraded to upstream version 2.2.6, whi...
CentOS 6 : freeradius (CESA-2015:1287)
Updated freeradius packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
RedHat Update for freeradius RHSA-2015:1287-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : freeradius (RHSA-2015:1287)
Updated freeradius packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
CVE-2014-5036
The Storage Controller SC component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs...
CVE-2014-5036
The Storage Controller SC component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs...
Information disclosure
The Storage Controller SC component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs...
CVE-2014-5036
The Storage Controller SC component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs...
CVE-2014-5036
The CVE-2014-5036 entry applies to Eucalyptus Storage Controller (SC) in versions 3.4.2–4.0.x prior to 4.0.1 when used with Dell EqualLogic SAN. The underlying issue is that CHAP user credentials are logged, enabling local users to read logs and obtain sensitive information, causing partial confi...
oclHashcat v1.20 - Worlds fastest password cracker
oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack implemented as mask attack, combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack. This GPU cracker is a fusioned version of oclHashcat-plus and oclHashcat-lite. GPU Driver requirements: NV...
Microsoft Internet Authentication Service MS-CHAP Security Bypass (MS09-071) - Ver2 (CVE-2009-3677)
An elevation of privilege vulnerability has been reported in the Internet Authentication Service. Internet Authentication Service IAS is the Microsoft implementation of a Remote Authentication Dial-in User Service RADIUS server and proxy. As a RADIUS server, IAS performs centralized connection...
D-Link DIR-Series Routers - '/model/__show_info.php' Local File Disclosure
source: https://www.securityfocus.com/bid/64043/info Multiple D-Link DIR series routers are prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information...