31 matches found
EUVD-2011-4957
Malware in sbrugna...
EUVD-2005-2495
Malware in sbrugna...
CVE-2013-4132
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pwencrypt functions, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via 1 an invalid salt or a 2 DES or 3 MD5 encrypted password, when FIPS-140 is...
CVE-2013-4132
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pwencrypt functions, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via 1 an invalid salt or a 2 DES or 3 MD5 encrypted password, when FIPS-140 is...
Null pointer dereference
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pwencrypt functions, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via 1 an invalid salt or a 2 DES or 3 MD5 encrypted password, when FIPS-140 is...
CVE-2013-4132
CVE-2013-4132 affects KDE Workspace kdebase4-workspace 4.10.5 and earlier. The issue is a NULL pointer dereference in the crypt()/pw_encrypt paths when handling certain salts or DES/MD5 passwords, exploitable to cause a denial of service (crash) in KDM or KCheckPass when FIPS-140 is enabled. Publ...
CVE-2013-4132
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pwencrypt functions, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via 1 an invalid salt or a 2 DES or 3 MD5 encrypted password, when FIPS-140 is...
Fedora 19 : kde-workspace-4.10.5-3.fc19 (2013-13098)
This update addresses 2 issues : - backport systray icons memleak fix http://bugs.kde.org/314919 - backport potential kcheckpass security issue http://git.reviewboard.kde.org/r/111261 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...
Slackware Advisory SSA:2005-251-01 kcheckpass in kdebase
The remote host is missing an update as announced via advisory SSA:2005-251-01. OpenVAS Vulnerability Test $Id: esoftslkssa200525101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2005-251-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-5054
kcheckpass passes a user-supplied argument to the pamstart function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122...
Design/Logic Flaw
kcheckpass passes a user-supplied argument to the pamstart function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122...
CVE-2011-5054
Technical details for CVE-2011-5054 are not publicly available in the provided connected documents. Monitor for updates. The description here reiterates a PAM-related issue involving kcheckpass but no further specifics are included.
CVE-2011-4122
Directory traversal vulnerability in openpamconfigure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. dot dot in the servicename argument to the pamstart function, as demonstrated by a .. in the -c option to kcheckpass...
Fedora Update for kdebase FEDORA-2008-1283
Check for the Version of kdebase OpenVAS Vulnerability Test Fedora Update for kdebase FEDORA-2008-1283 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for kdebase FEDORA-2008-1264
Check for the Version of kdebase OpenVAS Vulnerability Test Fedora Update for kdebase FEDORA-2008-1264 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 8 Update: kdebase-3.5.8-31.fc8
Core applications for the K Desktop Environment. Included are: kdm replacement for xdm, kwin window manager, konqueror filemanager, web browser, ftp client, ..., konsole xterm replacement, kpanel application starter and desktop pager, kaudio audio server, kdehelp viewer for kde help files, info a...
[SECURITY] Fedora 7 Update: kdebase-3.5.8-31.fc7
Core applications for the K Desktop Environment. Included are: kdm replacement for xdm, kwin window manager, konqueror filemanager, web browser, ftp client, ..., konsole xterm replacement, kpanel application starter and desktop pager, kaudio audio server, kdehelp viewer for kde help files, info a...
[SECURITY] Fedora 7 Update: kdebase-3.5.8-3.fc7
Core applications for the K Desktop Environment. Included are: kdm replacement for xdm, kwin window manager, konqueror filemanager, web browser, ftp client, ..., konsole xterm replacement, kpanel application starter and desktop pager, kaudio audio server, kdehelp viewer for kde help files, info a...
[SECURITY] Fedora 7 Update: kdebase-3.5.7-13.fc7
Core applications for the K Desktop Environment. Included are: kdm replacement for xdm, kwin window manager, konqueror filemanager, web browser, ftp client, ..., konsole xterm replacement, kpanel application starter and desktop pager, kaudio audio server, kdehelp viewer for kde help files, info a...