13 matches found
CVE-2026-48523 PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys
PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...
EUVD-2016-3222
Malware in sbrugna...
Security update for rekor
This update for rekor fixes the following issues: CVE-2023-45288: rekor: golang.org/x/net/http2: Fixed close connections when receiving too many headers bsc1236519 CVE-2024-6104: rekor: hashicorp/go-retryablehttp: Fixed sensitive information disclosure inside log file bsc1227053 CVE-2025-22868:...
K13364192: Samba vulnerability CVE-2016-2119
Security Advisory Description libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2...
SUSE CVE-2016-2119
libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2 SMB2SESSIONFLAGISNULL flag...
Microsoft Windows: Network security: LDAP client signing requirements
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winnsecldapclientsigning.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Network security: LDAP client signing requirements Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
USN-3092-1: Samba vulnerability
Stefan Metzmacher discovered that Samba incorrectly handled certain flags in SMB2/3 client connections. A remote attacker could use this issue to disable client signing and impersonate servers by performing a machine-in-the-middle attack. Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and...
FreeBSD : samba -- client side SMB2/3 required signing can be downgraded (4729c849-4897-11e6-b704-000c292e4fd8)
Samba team reports : A man in the middle attack can disable client signing over SMB2/3, even if enforced by configuration parameters. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...
CVE-2016-2119
libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2 SMB2SESSIONFLAGISNULL flag...
CVE-2016-2119
libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2 SMB2SESSIONFLAGISNULL flag...
CVE-2016-2119
libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2 SMB2SESSIONFLAGISNULL flag...
samba -- client side SMB2/3 required signing can be downgraded
Samba team reports: A man in the middle attack can disable client signing over SMB2/3, even if enforced by configuration parameters...
UBUNTU-CVE-2016-2119
libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2 SMB2SESSIONFLAGISNULL flag...