Sha256 Crypt和Sha512 Crypt 安全漏洞

Both Sha256 Crypt and Sha512 Crypt are a cryptographic hash function by the individual developer Ulrich Drepper. A security vulnerability exists in Sha256 Crypt and Sha512 Crypt that allows an attacker to cause a denial of service CPU consumption by exploiting the vulnerability because the...

DEBIAN-CVE-2022-24953

The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...

UBUNTU-CVE-2022-24953

The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...

PT-2022-17010 · Php · Crypt Gpg

Name of the Vulnerable Software and Affected Versions: Crypt GPG extension for PHP versions prior to 1.6.7 Description: The issue concerns the Crypt GPG extension for PHP, where it fails to prevent additional options in GPG calls. This poses a risk for certain environments and GPG versions...

Mageia: Security Advisory (MGASA-2013-0289)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for cryptsetup (FEDORA-2022-61b55b6ebc)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: cryptsetup-2.3.7-1.fc34

The cryptsetup package contains a utility for setting up disk encryption using dm-crypt kernel module...

[SECURITY] Fedora 35 Update: cryptsetup-2.4.3-1.fc35

The cryptsetup package contains a utility for setting up disk encryption using dm-crypt kernel module...

389 security update

CentOS Errata and Security Advisory CESA-2021:3807 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : 389-ds-base (RHSA-2021:3807)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3807 advisory. - A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any passwo...

RHEL 8 : 389-ds:1.4 (RHSA-2021:3906)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3906 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed

A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose password was...

Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (2021:3807)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:3807-1 advisory. - 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed CVE-2021-3652 Note that Nessus has not tested for this issue but has...

RHEL 7 : 389-ds-base (RHSA-2021:3807)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3807 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed

A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose password was...

MGASA-2021-0440 Updated 389-ds-base packages fix security vulnerability

Fixed crypt handling of locked accounts. CVE-2021-3652...

Updated 389-ds-base packages fix security vulnerability

Fixed crypt handling of locked accounts. CVE-2021-3652...

openSUSE 15 Security Update : 389-ds (openSUSE-SU-2021:1211-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1211-1 advisory. - 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed CVE-2021-3652 Note that Nessus has not tested for this issue but...

openSUSE: Security Advisory for 389-ds (openSUSE-SU-2021:1211-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for 389-ds (moderate)

openSUSE Security Update: Security update for 389-ds Announcement ID: openSUSE-SU-2021:1211-1 Rating: moderate References: 1188455 Cross-References: CVE-2021-3652 CVSS scores: CVE-2021-3652 SUSE: 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: openSUSE Leap 15.2 An update that...