30 matches found
EUVD-2004-0041
Malware in sbrugna...
EUVD-2005-2963
Malware in sbrugna...
EUVD-2010-1182
Malware in sbrugna...
SUSE CVE-2004-0041
The modauthshadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions...
Fedora 12 : mod_auth_shadow-2.2-8.fc12 (2010-6359)
Fixes CVE-2010-1151 modauthshadow: bad wait2 call causes randomized authorization behaviour 578168. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 13 : mod_auth_shadow-2.2-8.fc13 (2010-6290)
Fixes CVE-2010-1151 modauthshadow: bad wait2 call causes randomized authorization behaviour 578168. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 11 : mod_auth_shadow-2.2-8.fc11 (2010-6323)
Fixes CVE-2010-1151 modauthshadow: bad wait2 call causes randomized authorization behaviour 578168. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
[SECURITY] Fedora 13 Update: mod_auth_shadow-2.2-8.fc13
When performing this task one encounters one fundamental difficulty: The /etc/shadow file is supposed to be read/writeable only by root. However, the webserver is supposed to run under a non-root user, such as "nobody". modauthshadow addresses this difficulty by opening a pipe to an suid root...
Fedora Update for mod_auth_shadow FEDORA-2010-6323
Check for the Version of modauthshadow OpenVAS Vulnerability Test Fedora Update for modauthshadow FEDORA-2010-6323 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for mod_auth_shadow FEDORA-2010-6359
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for mod_auth_shadow FEDORA-2010-6323
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for mod_auth_shadow FEDORA-2010-6359
Check for the Version of modauthshadow OpenVAS Vulnerability Test Fedora Update for modauthshadow FEDORA-2010-6359 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
[SECURITY] Fedora 12 Update: mod_auth_shadow-2.2-8.fc12
When performing this task one encounters one fundamental difficulty: The /etc/shadow file is supposed to be read/writeable only by root. However, the webserver is supposed to run under a non-root user, such as "nobody". modauthshadow addresses this difficulty by opening a pipe to an suid root...
[SECURITY] Fedora 11 Update: mod_auth_shadow-2.2-8.fc11
When performing this task one encounters one fundamental difficulty: The /etc/shadow file is supposed to be read/writeable only by root. However, the webserver is supposed to run under a non-root user, such as "nobody". modauthshadow addresses this difficulty by opening a pipe to an suid root...
Apache mod_auth_shadow authentication bypass
Race conditions allow to bypass username/password check...
[ MDVSA-2010:081 ] apache-mod_auth_shadow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:081 http://www.mandriva.com/security/ Package : apache-modauthshadow Date : April 18, 2010 Affected: 2008.0, 2009.1, 2010.0, Corporate 4.0 Problem Description: A vulnerability has been found and corrected in...
Race condition
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
CVE-2010-1151
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
CVE-2010-1151
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
CVE-2010-1151
CVE-2010-1151 affects the Apache mod_auth_shadow module. A race condition related to the external helper validation path can bypass authentication, potentially allowing unauthorized read/modify of data. Fedora advisories state the fix addresses a bad wait(2) call that causes randomized authorizat...