325 matches found
Error: "The pool failed to enable external authentication" on XenServer
Unable to join the XenServer hosts to Active directory domain. The computer account is created in the domain but the following error continues to appear: Enabling Active Directory Authentication on pool … “Error: The pool failed to enable external authentication.” In the xensource.log the followi...
PT-2017-8352
Name of the Vulnerable Software and Affected Versions Salt versions prior to 2015.5.10 Salt versions 2015.8.x prior to 2015.8.8 Description The issue allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient when PAM extern...
FreeBSD : salt -- Insecure configuration of PAM external authentication service (6d25c306-f3bb-11e5-92ce-002590263bf5)
SaltStack reports : This issue affects all Salt versions prior to 2015.8.8/2015.5.10 when PAM external authentication is enabled. This issue involves passing an alternative PAM authentication service with a command that is sent to LocalClient, enabling the attacker to bypass the configured...
Updated dbus packages fixes security vulnerability
Updated dbus packages provides security hardening and fixes some bugs Security hardening: On Unix platforms, change the default configuration for the session bus to only allow EXTERNAL authentication secure kernel-mediated credentials-passing, as was already done for the system bus. This avoids...
Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock)
This module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This module targets the Pure-FTPd FTP server when it has been compiled with the --with-extauth flag and an external Bash script is used for authentication. If the server is not...
Gitblit External Authentication Providers未明验证绕过漏洞
Bugtraq ID:66324 Gitblit是一个纯Java库用来管理、查看和处理Git资料库。 相关Gitblit的External Authentication Providers存在错误,允许拥有合法用户名的攻击者利用漏洞绕过验证,进行未授权操作。 0 Gitblit 1.x Gitblit 1.4.1已经修复该漏洞,建议用户下载更新: http://gitblit.com...
CVE-2013-4435
Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...
CVE-2013-4435
Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...
Authentication flaw
Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...
UBUNTU-CVE-2013-4435
Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...
CVE-2013-4435
Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...
CVE-2013-0521: IBM Sterling External Authentication Server self-signed certificate
IBM Sterling External Authentication Server is affected by CVE-2013-0521 due to the Webstart GUI being signed with a self-signed certificate, causing browsers to not recognize authenticity and potentially enabling attacks via untrusted code execution. The IBM bulletin lists affected SEAS versions...
Ruckus ZoneDirector authentication bypass
Unauthorized access if external authentication protocol is configured...
CVE-2013-0514: IBM Sterling External Authentication Server information disclosure
IBM Sterling External Authentication Server (SEAS) is affected by CVE-2013-0514 (information disclosure on error) and CVE-2013-0517 (OS command execution). The 0514 issue can leak product details during error handling; 0517 enables a local attacker with admin access to execute arbitrary OS comman...
Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360
Check for the Version of perl-RT-Authen-ExternalAuth OpenVAS Vulnerability Test Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Redirect that works in 2.9 is broken in later Confluence versions
Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...
Redirect that works in 2.9 is broken in later Confluence versions
Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...
Redirect that works in 2.9 is broken in later Confluence versions
Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...
Business Objects WebIntelligence 6.5x Account Lockout and System DoS
Computer Sciences Corporation Security Advisory December 14, 2005 Summary: CSC have discovered an issue that could impact upon the availability and security of servers operating Business Objects WebIntelligence software. If a remote malicious attacker is able to access authentication mechanisms...
CVE-1999-1481
Squid 2.2.STABLE5 and earlier versions are affected when using external authentication. A newline in the user/password pair can bypass access controls, enabling unauthorized access. The available documents confirm the affected software and the bypass condition but do not provide remediation detai...