Lucene search
K

206 matches found

BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.4 views

The vulnerability of the password generation and quality assessment library in Astra Linux’s operating system, libpam-pwquality, is related to a configuration error that allows an attacker to gain unauthorized access to the system.

The vulnerability of the password generation and quality assessment library in the Astra Linux operating system is related to a configuration error that causes no checks are performed to ensure that domain user passwords comply with the specified security policies. Exploiting this vulnerability...

8CVSS5.5AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/02/08 11:0 a.m.27 views

CVE-2018-20340

Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is...

6.8CVSS7.2AI score0.00499EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/07/16 12:0 a.m.27 views

Debian: Security Advisory (DLA-1429-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01519EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/11/08 12:0 a.m.28 views

Debian DSA-4023-1 : slurm-llnl - security update

Ryan Day discovered that the Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system, does not properly handle SPANK environment variables, allowing a user permitted to submit jobs to execute code as root during the Prolog or Epilog. All systems...

7.8CVSS7.7AI score0.00578EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2016/09/07 7:28 p.m.24 views

CVE-2016-6318

Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service application crash or gain privileges via a long GECOS field, involving longbuffer...

7.8CVSS6.9AI score0.00747EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.9 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libpam-smbpass package of the Debian GNU/Linux operating system may be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by malicious individuals who have completed t...

6CVSS6.3AI score0.04207EPSS
Exploits4References7Affected Software1
NVD
NVD
added 2016/05/06 5:59 p.m.14 views

CVE-2016-4422

The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...

10CVSS9.6AI score0.01803EPSS
Exploits0References2
Prion
Prion
added 2016/05/06 5:59 p.m.13 views

Authentication flaw

The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...

10CVSS7.3AI score0.01803EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2016/05/06 5:59 p.m.16 views

CVE-2016-4422

The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...

10CVSS7.2AI score0.01803EPSS
Exploits0References3
OSV
OSV
added 2016/05/06 5:59 p.m.5 views

UBUNTU-CVE-2016-4422

The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...

9.8CVSS7.3AI score0.01803EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/05/06 5:0 p.m.16 views

CVE-2016-4422

The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...

9.6AI score0.01803EPSS
Exploits0References2
CVE
CVE
added 2016/05/06 5:0 p.m.81 views

CVE-2016-4422

Summary: CVE-2016-4422 affects libpam-sshauth (pam_sshauth.c). A weakness in pam_sm_authenticate could allow a local attacker to bypass authentication or gain root privileges by abusing system users. Affected component: libpam-sshauth, specifically the pam_sshauth PAM module. Root cause / impact ...

10CVSS9.4AI score0.01803EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2016/05/06 5:0 p.m.26 views

CVE-2016-4422

Removed by vendor...

10CVSS9.4AI score0.01803EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/05/05 12:0 a.m.31 views

Debian DSA-3567-1 : libpam-sshauth - security update

It was discovered that libpam-sshauth, a PAM module to authenticate using an SSH server, does not correctly handle system users. In certain configurations an attacker can take advantage of this flaw to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

10CVSS8.3AI score0.01803EPSS
Exploits0References3
Debian
Debian
added 2016/05/04 7:47 p.m.14 views

[SECURITY] [DSA 3567-1] libpam-sshauth security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3567-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2016 https://www.debian.org/security/faq -...

10CVSS2.4AI score0.01803EPSS
Exploits0
Debian
Debian
added 2016/05/04 7:47 p.m.25 views

[SECURITY] [DSA 3567-1] libpam-sshauth security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3567-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2016 https://www.debian.org/security/faq -...

10CVSS9.6AI score0.01803EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/05/04 12:0 a.m.24 views

Debian Security Advisory DSA 3567-1 (libpam-sshauth - security update)

It was discovered that libpam-sshauth, a PAM module to authenticate using an SSH server, does not correctly handle system users. In certain configurations an attacker can take advantage of this flaw to gain root privileges. OpenVAS Vulnerability Test $Id: deb3567.nasl 6608 2017-07-07 12:05:05Z...

10CVSS0.8AI score0.01803EPSS
Exploits0References1
OSV
OSV
added 2016/05/04 12:0 a.m.27 views

DSA-3567-1 libpam-sshauth - security update

Bulletin has no description...

10CVSS9.4AI score0.01803EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libpam-krb5 package of the Debian GNU/Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious actors...

6.2CVSS5.4AI score0.00695EPSS
Exploits7References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libpam-ldap package of the Debian GNU/Linux operating system can be exploited, which may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.4AI score0.03831EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder