84 matches found
Consul’s Application-Aware Intentions Deny Action Fails Open When Combined With Default Deny Policy
Summary A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using defaultpolicy = "deny" with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. This vulnerability, CVE-2021-36213,...
CVE-2020-7326
Improperly implemented security check in McAfee Active Response MAR prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MAR failing open rather than closed...
CVE-2018-17953
A incorrect variable in a SUSE specific patch for pamaccess rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pamaccess rules not being applied fail open...
CVE-2018-17953
A incorrect variable in a SUSE specific patch for pamaccess rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pamaccess rules not being applied fail open...
CVE-2018-17953 pam_access does not handle netmask matches correctly
A incorrect variable in a SUSE specific patch for pamaccess rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pamaccess rules not being applied fail open...
CVE-2018-17953
A incorrect variable in a SUSE specific patch for pamaccess rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pamaccess rules not being applied fail open...
CVE-2017-12213
A vulnerability in the dynamic access control list ACL feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. This could allow the attacker to pass traffic...
R7-2016-23, R7-2016-26, R7-2016-27: Multiple Home Security Vulnerabilities
Executive Summary In October of 2016, former Rapid7 researcher Phil Bosco discovered a number of relatively low-risk vulnerabilities and issues involving home security systems that are common throughout the United States, and which have significant WiFi or Ethernet capabilities. The three systems...
FreeBSD : FreeBSD -- Incorrect error handling in PAM policy parser (6e8f9003-6007-11e6-a6c3-14dae9d210b8)
The OpenPAM library searches for policy definitions in several locations. While doing so, the absence of a policy file is a soft failure handled by searching in the next location while the presence of an invalid file is a hard failure handled by returning an error to the caller. The policy parser...
Juniper Networks Junos OS Fail-Open Unauthenticated Root Access Vulnerability
Junos OS is prone to a unauthenticated root access vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos";...
Deliberately Insecure Web Application: OWASP WebGoat
WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by...
ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability EMC Identifier: ESA-2015-132 CVE Identifier: CVE-2015-4537 Severity Rating: CVSS v2 Base Score: 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C Affected products: • EMC Documentum D2 4.2 and earlier Summary: EMC...
FreeBSD -- Incorrect error handling in PAM policy parser
Problem Description: The OpenPAM library searches for policy definitions in several locations. While doing so, the absence of a policy file is a soft failure handled by searching in the next location while the presence of an invalid file is a hard failure handled by returning an error to the...
RSA Authentication Agent for IIS Authentication Bypass Vulnerability
RSA Authentication Agent for IIS is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ESA-2013-067: RSA® Authentication Agent for Web for Internet Information Services (IIS) Security Controls Bypass Vulnerability
ESA-2013-067.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-067: RSA® Authentication Agent for Web for Internet Information Services IIS Security Controls Bypass Vulnerability EMC Identifier: ESA-2013-067 CVE Identifier: CVE-2013-3280 Severity Rating: CVSS v2 Base Score: 9.0...
CVE-2013-3280
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash...
Design/Logic Flaw
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash...
CVE-2013-3280
CVE-2013-3280 concerns the RSA Authentication Agent for Web for IIS (RSA Authentication Agent for IIS) in the 7.1.x line (pre-7.1.2). The vulnerability stems from a fail-open design that can allow an attacker to bypass access controls by triggering an agent crash, potentially leaving protected re...
CVE-2000-0478
Norton Antivirus for Exchange (NavExchange) can enter a fail-open state, causing antivirus checks to fail and allowing viruses to pass through the server. The vulnerability, CVE-2000-0478, is documented across CVE/NVD records with a MEDIUM base score on CVSS v2 (AV:N/AC:L/Au:N/C:N/I:P/A:N). The c...
CVE-2000-0478
In some cases, Norton Antivirus for Exchange NavExchange enters a "fail-open" state which allows viruses to pass through the server...