23 matches found
Debian: Security Advisory (DLA-3359-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3359-1] libapache2-mod-auth-mellon security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-3359-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 13, 2023 https://wiki.debian.org/LTS -...
Debian dla-3359 : libapache2-mod-auth-mellon - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3359 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3359-1 [email protected]...
Ubuntu: Security Advisory (USN-5069-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5069-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5069-2: mod-auth-mellon vulnerability
USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect...
USN-5069-1: mod-auth-mellon vulnerability
It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack...
USN-5069-1 libapache2-mod-auth-mellon vulnerability
It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack...
Ubuntu 18.04 LTS / 20.04 LTS : mod-auth-mellon vulnerability (USN-5069-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5069-1 advisory. It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect...
Ubuntu 21.04 : mod-auth-mellon vulnerability (USN-5069-2)
The remote Ubuntu 21.04 host has a package installed that is affected by a vulnerability as referenced in the USN-5069-2 advisory. USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. Tenable has extracted the preceding description...
Open Redirection
libapache2-mod-auth-mellon is vulnerable to open redirection. The logout URLs properly and could be used by an attacker to perform phishing attacks by tricking users into visiting a trusted web application URL that redirects to a malicious server...
Ubuntu: Security Advisory (USN-4597-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4597-1: mod_auth_mellon vulnerabilities
François Kooman discovered that modauthmellon incorrectly handled cookies. An attacker could possibly use this issue to cause a Cross-Site Session Transfer attack. CVE-2017-6807 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to...
Ubuntu 18.04 LTS : mod-auth-mellon vulnerability (USN-4291-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4291-1 advisory. It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. Tenabl...
Ubuntu: Security Advisory (USN-4291-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4291-1: mod-auth-mellon vulnerability
It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL...
The vulnerability of the register_hooks() function in the Apache HTTP Server’s web server, related to the possibility of bypassing authentication, allows attackers to circumvent existing access control mechanisms.
The vulnerability of the registerhooks function modauthmellon in the Apache HTTP Server is related to the possibility of bypassing authentication by executing a special SAML ECP. Exploiting this vulnerability allows a malicious actor to circumvent existing access control mechanisms by using...
Ubuntu: Security Advisory (USN-3924-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3924-1: mod_auth_mellon vulnerabilities
It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. CVE-2019-3877 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to access...
USN-3924-1 libapache2-mod-auth-mellon vulnerabilities
It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. CVE-2019-3877 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to access...