EUVD-2011-2476

Malware in sbrugna...

EUVD-2006-1287

Malware in sbrugna...

EUVD-2011-2477

Malware in sbrugna...

OPENSUSE-SU-2024:10550-1 opie-2.4-726.12 on GA media

These are all security issues fixed in the opie-2.4-726.12 package on the GA media of openSUSE Tumbleweed...

K14229: OpenSSH vulnerability CVE-2007-2768

Security Advisory Description OpenSSH, when using OPIE One-Time Passwords in Everything for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords OTP, a similar...

SUSE CVE-2010-1938

Off-by-one error in the opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long username, as...

SUSE CVE-2011-2490

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes...

SUSE CVE-2011-2489

Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line...

OpenSSH < 4.7 Improper Authentication Vulnerabilities

OpenSSH is prone to multiple improper authentication vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2007-2768

OpenSSH, when using OPIE One-Time Passwords in Everything for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords OTP, a similar issue to CVE-2007-2243...

IT-Grundschutz M5.034: Einsatz von Einmalpasswörtern

IT-Grundschutz M5.034: Einsatz von Einmalpasswörtern Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM5034.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 5.034 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone Networks GmbH,...

openSUSE Security Update : opie (openSUSE-SU-2011:0848-1)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin CVE-2011-2490. This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

openSUSE Security Update : opie (openSUSE-SU-2011:0848-1)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin CVE-2011-2490. This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

Ubuntu 9.04 / 9.10 / 10.04 LTS : opie vulnerability (USN-955-1)

Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service. Note that Tenable Network Security has extracted the...

SuSE 10 Security Update : opie (ZYPP Patch Number 7594)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

OPIE w/ OpenSSH Account Enumeration

When using OPIE for PAM and OpenSSH, it is possible for remote attackers to determine the existence of certain user accounts. Note that Nessus has not tried to exploit the issue, but rather only checked if OpenSSH is running on the remote host. As a result, it does not detect if the remote host...

Debian Security Advisory DSA 2281-1 (opie)

The remote host is missing an update to opie announced via advisory DSA 2281-1. OpenVAS Vulnerability Test $Id: deb22811.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2281-1 opie Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian: Security Advisory (DSA-2281-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 11.1 Security Update : opie (SAT Patch Number 4815)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

SuSE 10 Security Update : opie (ZYPP Patch Number 7595)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...