Lucene search
+L

325 matches found

Citrix
Citrix
added 2016/05/16 12:0 a.m.10 views

Error: "The pool failed to enable external authentication" on XenServer

Unable to join the XenServer hosts to Active directory domain. The computer account is created in the domain but the following error continues to appear: Enabling Active Directory Authentication on pool … “Error: The pool failed to enable external authentication.” In the xensource.log the followi...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2016/04/07 12:0 a.m.4 views

PT-2017-8352

Name of the Vulnerable Software and Affected Versions Salt versions prior to 2015.5.10 Salt versions 2015.8.x prior to 2015.8.8 Description The issue allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient when PAM extern...

5.6CVSS5.9AI score0.00873EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2016/03/28 12:0 a.m.14 views

FreeBSD : salt -- Insecure configuration of PAM external authentication service (6d25c306-f3bb-11e5-92ce-002590263bf5)

SaltStack reports : This issue affects all Salt versions prior to 2015.8.8/2015.5.10 when PAM external authentication is enabled. This issue involves passing an alternative PAM authentication service with a command that is sent to LocalClient, enabling the attacker to bypass the configured...

5.6CVSS5.9AI score0.00873EPSS
Exploits0References3
Mageia
Mageia
added 2015/10/25 2:38 p.m.20 views

Updated dbus packages fixes security vulnerability

Updated dbus packages provides security hardening and fixes some bugs Security hardening: On Unix platforms, change the default configuration for the session bus to only allow EXTERNAL authentication secure kernel-mediated credentials-passing, as was already done for the system bus. This avoids...

1.1AI score
Exploits0References8
Metasploit
Metasploit
added 2014/10/01 6:57 p.m.890 views

Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock)

This module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This module targets the Pure-FTPd FTP server when it has been compiled with the --with-extauth flag and an external Bash script is used for authentication. If the server is not...

9.8CVSS6.9AI score0.99999EPSS
Exploits132
seebug.org
seebug.org
added 2014/03/25 12:0 a.m.17 views

Gitblit External Authentication Providers未明验证绕过漏洞

Bugtraq ID:66324 Gitblit是一个纯Java库用来管理、查看和处理Git资料库。 相关Gitblit的External Authentication Providers存在错误,允许拥有合法用户名的攻击者利用漏洞绕过验证,进行未授权操作。 0 Gitblit 1.x Gitblit 1.4.1已经修复该漏洞,建议用户下载更新: http://gitblit.com...

7.1AI score
Exploits0
NVD
NVD
added 2013/11/05 6:55 p.m.26 views

CVE-2013-4435

Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...

6CVSS6.6AI score0.01515EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2013/11/05 6:55 p.m.20 views

CVE-2013-4435

Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...

6CVSS5.9AI score0.01515EPSS
Exploits0References4
Prion
Prion
added 2013/11/05 6:55 p.m.13 views

Authentication flaw

Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...

6CVSS7.2AI score0.01515EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2013/11/05 6:55 p.m.4 views

UBUNTU-CVE-2013-4435

Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...

6CVSS5.9AI score0.01515EPSS
Exploits0References5
Cvelist
Cvelist
added 2013/11/05 6:0 p.m.29 views

CVE-2013-4435

Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...

6.5AI score0.01515EPSS
Exploits0References2
CVE
CVE
added 2013/06/21 12:0 a.m.16 views

CVE-2013-0521: IBM Sterling External Authentication Server self-signed certificate

IBM Sterling External Authentication Server is affected by CVE-2013-0521 due to the Webstart GUI being signed with a self-signed certificate, causing browsers to not recognize authenticity and potentially enabling attacks via untrusted code execution. The IBM bulletin lists affected SEAS versions...

2.4CVSS7.5AI score
Exploits0References2
securityvulns
securityvulns
added 2013/06/17 12:0 a.m.42 views

Ruckus ZoneDirector authentication bypass

Unauthorized access if external authentication protocol is configured...

3.5AI score
Exploits0References1Affected Software1
CVE
CVE
added 2013/05/03 12:0 a.m.24 views

CVE-2013-0514: IBM Sterling External Authentication Server information disclosure

IBM Sterling External Authentication Server (SEAS) is affected by CVE-2013-0514 (information disclosure on error) and CVE-2013-0517 (OS command execution). The 0514 issue can leak product details during error handling; 0517 enables a local attacker with admin access to execute arbitrary OS comman...

3.7CVSS7.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2012/08/14 12:0 a.m.20 views

Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360

Check for the Version of perl-RT-Authen-ExternalAuth OpenVAS Vulnerability Test Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

5CVSS6.4AI score0.01362EPSS
Exploits0References2
Atlassian
Atlassian
added 2009/02/20 12:41 a.m.19 views

Redirect that works in 2.9 is broken in later Confluence versions

Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/02/20 12:41 a.m.18 views

Redirect that works in 2.9 is broken in later Confluence versions

Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/02/20 12:41 a.m.21 views

Redirect that works in 2.9 is broken in later Confluence versions

Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2005/12/16 12:0 a.m.30 views

Business Objects WebIntelligence 6.5x Account Lockout and System DoS

Computer Sciences Corporation Security Advisory December 14, 2005 Summary: CSC have discovered an issue that could impact upon the availability and security of servers operating Business Objects WebIntelligence software. If a remote malicious attacker is able to access authentication mechanisms...

0.4AI score
Exploits0
CVE
CVE
added 2002/03/09 5:0 a.m.51 views

CVE-1999-1481

Squid 2.2.STABLE5 and earlier versions are affected when using external authentication. A newline in the user/password pair can bypass access controls, enabling unauthorized access. The available documents confirm the affected software and the bypass condition but do not provide remediation detai...

5CVSS6.9AI score0.03573EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder