Lucene search
+L

77 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/12/09 12:0 a.m.23 views

JVN#49602378 SEIL/B1 authentication issue

The PPP Access Concentrator PPPAC function within SEIL/B1 contains an issue in the CHAP and MS-CHAP-V2 authentication processes, the same challenge value is repeatedly used for each authentication attempt. Impact A third party may be able to perform replay attacks. As a result, the third party ma...

2.6CVSS6.6AI score0.01356EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/12/09 12:0 a.m.44 views

Microsoft Windows IAS Remote Code Execution Vulnerability (974318)

This host is missing a critical security update according to Microsoft Bulletin MS09-071. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS5AI score0.31611EPSS
Exploits2References2
Check Point Advisories
Check Point Advisories
added 2009/12/08 12:0 a.m.36 views

Microsoft Internet Authentication Service MS-CHAP Security Bypass (MS09-071; CVE-2009-3677)

An elevation of privilege vulnerability has been reported in the Internet Authentication Service. Internet Authentication Service IAS is the Microsoft implementation of a Remote Authentication Dial-in User Service RADIUS server and proxy. As a RADIUS server, IAS performs centralized connection...

10CVSS7AI score0.2182EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2009/06/15 8:37 p.m.6 views

Wireshark CHAP dissector crash

The Check Point High-Availability Protocol CPHAP dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service crash via a crafted FWHAMYSTATE packet...

4.3CVSS5.9AI score0.01705EPSS
Exploits1References4
securityvulns
securityvulns
added 2004/04/13 12:0 a.m.42 views

asleap - offline LEAP authentication hacking

MS-CHAP NTLM vulnerability allows offline passwords attacks...

2.9AI score
Exploits0References2
securityvulns
securityvulns
added 2004/02/24 12:0 a.m.42 views

Mac OS X pppd format string vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Mac OS X pppd format string vulnerability Release Date: 02/23/2004 Application: pppd 2.4.0 Platform: Mac OS X 10.3.2 and below Severity: Local users are able to retrieve PAP/CHAP credential...

5CVSS0.5AI score0.03807EPSS
Exploits1
NVD
NVD
added 2002/08/12 4:0 a.m.14 views

CVE-2002-0849

Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta 1, which could allow local users to gain privileges by reading the cleartext CHAP password...

4.6CVSS6.6AI score0.00375EPSS
Exploits0References4
CVE
CVE
added 2002/08/10 4:0 a.m.43 views

CVE-2002-0849

CVE-2002-0849 : The Linux-iSCSI implementation installs the iscsi.conf file with world-readable permissions on some OSes (e.g., Red Hat Linux Limbo Beta #1), which could allow local users to gain privileges by reading the cleartext CHAP password. Root cause: file permissions on iscsi.conf. Impact...

4.6CVSS7AI score0.00375EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2002/08/10 4:0 a.m.15 views

CVE-2002-0849

Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta 1, which could allow local users to gain privileges by reading the cleartext CHAP password...

6.6AI score0.00375EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/08/08 12:0 a.m.25 views

iDEFENSE Security Advisory: iSCSI Default Configuration File Settings

iDEFENSE Security Advisory 08.08.2002 iSCSI Default Configuration File Settings DESCRIPTION iSCSI is a popular new protocol that allows the SCSI protocol to be used over traditional IP networks. This allows for SAN like storage arrays without requiring new network infrastructure. iSCSI’s primary...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2001/11/14 12:0 a.m.86 views

more RADIUS authentication attack scenarios

Hello bugtraq, There is also problem with some vendor-specific RADIUS authentication implementation. For example Microsoft has it's specific attributes defined in RFC 2548. These attributes allow MS-CHAP and MS-CHAPv2 authentication via RADIUS. There is design flow in this authentication scenario...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2000/06/15 12:0 a.m.26 views

Дырка в Tigris

Если клиент первый раз указывает неправильный пароль при CHAP/PAP-авторизации, то не создается аккаунтинговой записи в RADIUS...

0.7AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 1999/09/29 4:0 a.m.30 views

CVE-1999-0160

Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections...

6.7AI score0.01233EPSS
Exploits0References1
CVE
CVE
added 1999/09/29 4:0 a.m.60 views

CVE-1999-0160

CVE-1999-0160 affects classic Cisco IOS devices and involves a vulnerability in PPP CHAP authentication that can allow establishing unauthorized PPP connections. The described issue targets PPP CHAP authentication in Cisco IOS software (not necessarily all platforms) and is noted in several sourc...

7.5CVSS6.9AI score0.01233EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.37 views

pptp.revisited.txt

Date: Sat, 13 Feb 1999 11:28:40 -0800 From: [email protected] To: [email protected] Subject: PPTP Revisited The following text is in the "iso-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. Lots of people have aske...

7.4AI score
Exploits0
Cisco
Cisco
added 1997/10/01 4:0 p.m.17 views

Cisco CHAP Authentication Vulnerabilities

...

2.4AI score
Exploits0References1
NVD
NVD
added 1997/10/01 4:0 a.m.19 views

CVE-1999-0160

Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections...

7.5CVSS0.01233EPSS
Exploits0References1
Rows per page
Query Builder