Lucene search
K

206 matches found

Debian
Debian
added 2005/03/31 1:40 p.m.33 views

[SECURITY] [DSA 701-1] New samba packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 701-1 [email protected] http://www.debian.org/security/ Martin Schulze March 31st, 2005 http://www.debian.org/security/faq -...

10CVSS0.1AI score0.13196EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.24 views

HP-UX PHCO_32280 : s700_800 11.04 (VVOS) libpam, libpam_unix cumulative patch

s700800 11.04 VVOS libpam, libpamunix cumulative patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX systems where the vulnerability may be exploited to allow a local user to increase privilege. HPSBUX02091...

7.2CVSS5.4AI score0.00495EPSS
Exploits0References4
CVE
CVE
added 2005/01/29 5:0 a.m.58 views

CVE-2004-1340

Summary: CVE-2004-1340 affects the libpam-radius-auth package on Debian GNU/Linux 3.0, where the accompanying pam_radius_auth.conf was installed world-readable, potentially exposing secrets to all local users. The issue is Debian-specific (CAN-2004-1340) and was addressed in Debian security advis...

2.1CVSS5.8AI score0.00395EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.27 views

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

5.8AI score0.00395EPSS
Exploits0References4
Debian
Debian
added 2005/01/26 10:9 a.m.28 views

[SECURITY] [DSA 659-1] New libpam-radius-auth packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 659-1 [email protected] http://www.debian.org/security/ Martin Schulze January 26th, 2005 http://www.debian.org/security/faq -...

6.1AI score
Exploits1
Debian
Debian
added 2005/01/26 10:9 a.m.69 views

[SECURITY] [DSA 659-1] New libpam-radius-auth packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 659-1 [email protected] http://www.debian.org/security/ Martin Schulze January 26th, 2005 http://www.debian.org/security/faq -...

5CVSS0.6AI score0.03446EPSS
Exploits1
NVD
NVD
added 2005/01/26 5:0 a.m.29 views

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

2.1CVSS5.9AI score0.00395EPSS
Exploits0References4
OSV
OSV
added 2005/01/26 5:0 a.m.10 views

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

5.8AI score0.00395EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2005/01/26 12:0 a.m.25 views

Debian DSA-659-1 : libpam-radius-auth - information leak, integer underflow

Two problems have been discovered in the libpam-radius-auth package, the PAM RADIUS authentication module. The Common Vulnerabilities and Exposures Project identifies the following problems : - CAN-2004-1340 The Debian package accidentally installed its configuration file /etc/pamradiusauth.conf...

5CVSS5.4AI score0.03446EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/01/19 5:0 a.m.30 views

CVE-2005-0108

Apache modauthradius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service crash via a RADIUSREPLYMESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument...

6.3AI score0.03446EPSS
Exploits1References8
CVE
CVE
added 2005/01/19 5:0 a.m.59 views

CVE-2005-0108

CVE-2005-0108 is a vulnerability in Apache mod_auth_radius and the libpam-radius-auth PAM module. The Debian and related advisories describe an integer underflow in the mod_auth_radius component that can be triggered by a crafted RADIUS_REPLY_MESSAGE, potentially allowing remote attackers to caus...

5CVSS6.3AI score0.03446EPSS
Exploits1References8Affected Software1
UbuntuCve
UbuntuCve
added 2005/01/11 5:0 a.m.26 views

CVE-2005-0108

Apache modauthradius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service crash via a RADIUSREPLYMESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument...

5CVSS5.9AI score0.03446EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.27 views

Debian DSA-469-1 : pam-pgsql - missing input sanitising

Primoz Bratanic discovered a bug in libpam-pgsql, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements. %NASLMINLEVEL 70300 C Tenable Network Security...

7.5CVSS5.7AI score0.01467EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.18 views

Debian DSA-374-1 : libpam-smb - buffer overflow

libpam-smb is a PAM authentication module which makes it possible to authenticate users against a password database managed by Samba or a Microsoft Windows server. If a long password is supplied, this can cause a buffer overflow which could be exploited to execute arbitrary code with the privileg...

7.5CVSS6AI score0.25427EPSS
Exploits0References2
NVD
NVD
added 2004/05/04 4:0 a.m.18 views

CVE-2004-0366

SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements...

7.5CVSS7.9AI score0.01467EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/04/06 4:0 a.m.17 views

CVE-2004-0366

SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements...

7.8AI score0.01467EPSS
Exploits0References4
CVE
CVE
added 2004/04/06 4:0 a.m.65 views

CVE-2004-0366

CVE-2004-0366 affects libpam-pgsql (pam-pgsql) with a SQL injection vulnerability present in versions prior to 0.5.2. The underlying issue is missing input sanitising that allows an attacker to insert arbitrary SQL statements when data is sent to PostgreSQL. Debian and OpenVAS entries document th...

7.5CVSS7.8AI score0.01467EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2004/04/06 4:0 a.m.25 views

CVE-2004-0366

Removed by vendor...

7.5CVSS6.7AI score0.01467EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2004/04/06 12:0 a.m.4 views

PT-2004-1520 · Unknown · Libpam-Pgsql

Name of the Vulnerable Software and Affected Versions: libpam-pgsql versions prior to 0.5.2 Description: The issue allows attackers to execute arbitrary SQL statements due to a SQL injection vulnerability in the libpam-pgsql library. Recommendations: For versions prior to 0.5.2, update to version...

7.5CVSS7.7AI score0.01467EPSS
Exploits0References6
Debian
Debian
added 2004/03/29 1:44 p.m.22 views

[SECURITY] [DSA 469-1] New libpam-pgsql packages fix SQL injection

-------------------------------------------------------------------------- Debian Security Advisory DSA 469-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2004 http://www.debian.org/security/faq -...

7.5CVSS0.4AI score0.01467EPSS
Exploits0
Rows per page
Query Builder