2 matches found
Authentication flaw
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request...
Null pointer dereference
The comparedn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows 1 remote attackers to cause a denial of service out-of-bounds read, NULL pointer dereference, and daemon crash or 2 remote authenticated users to impersonate arbitrary users and bypass access restrictions vi...