7 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-4172
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS...
Mageia: Security Advisory (MGASA-2014-0387)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-4172
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the 1 service...
CVE-2014-4172
The CVE-2014-4172 issue affects Jasig Java CAS Client (<3.3.2), .NET CAS Client (<1.0.2), and phpCAS (
[SECURITY] [DSA 3017-1] php-cas security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3017-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 2, 2014 http://www.debian.org/security/faq -...
Updated php-pear-CAS packages fix CVE-2014-4172
Updated php-pear-CAS packages fix security vulnerabilities: A flaw in php-pear-CAS before 1.3.3, utilized by Moodle, has been found which could potentially allow unauthorised access and privilege escalation CVE-2014-4172...
Fedora 20 : cas-client-3.3.3-1.fc20 (2014-9662)
update to 3.3.3 - fix CVE-2014-4172 rhbz1131371 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...