206 matches found
The vulnerability of the password generation and quality assessment library in Astra Linux’s operating system, libpam-pwquality, is related to a configuration error that allows an attacker to gain unauthorized access to the system.
The vulnerability of the password generation and quality assessment library in the Astra Linux operating system is related to a configuration error that causes no checks are performed to ensure that domain user passwords comply with the specified security policies. Exploiting this vulnerability...
CVE-2018-20340
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is...
Debian: Security Advisory (DLA-1429-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4023-1 : slurm-llnl - security update
Ryan Day discovered that the Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system, does not properly handle SPANK environment variables, allowing a user permitted to submit jobs to execute code as root during the Prolog or Epilog. All systems...
CVE-2016-6318
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service application crash or gain privileges via a long GECOS field, involving longbuffer...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libpam-smbpass package of the Debian GNU/Linux operating system may be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by malicious individuals who have completed t...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
Authentication flaw
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
UBUNTU-CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
Summary: CVE-2016-4422 affects libpam-sshauth (pam_sshauth.c). A weakness in pam_sm_authenticate could allow a local attacker to bypass authentication or gain root privileges by abusing system users. Affected component: libpam-sshauth, specifically the pam_sshauth PAM module. Root cause / impact ...
CVE-2016-4422
Removed by vendor...
Debian DSA-3567-1 : libpam-sshauth - security update
It was discovered that libpam-sshauth, a PAM module to authenticate using an SSH server, does not correctly handle system users. In certain configurations an attacker can take advantage of this flaw to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
[SECURITY] [DSA 3567-1] libpam-sshauth security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3567-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3567-1] libpam-sshauth security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3567-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3567-1 (libpam-sshauth - security update)
It was discovered that libpam-sshauth, a PAM module to authenticate using an SSH server, does not correctly handle system users. In certain configurations an attacker can take advantage of this flaw to gain root privileges. OpenVAS Vulnerability Test $Id: deb3567.nasl 6608 2017-07-07 12:05:05Z...
DSA-3567-1 libpam-sshauth - security update
Bulletin has no description...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libpam-krb5 package of the Debian GNU/Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious actors...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libpam-ldap package of the Debian GNU/Linux operating system can be exploited, which may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...