66 matches found
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality of protected information.
The vulnerability of the pam-modules-11 package in the SUSE Linux Enterprise operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality of protected information.
The vulnerability of the pam-modules-10 package in the SUSE Linux Enterprise operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality of protected information.
The vulnerability of the pam-modules-x86 package in the SUSE Linux Enterprise operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality of protected information.
The vulnerability of the pam-modules-x86-10 package in the SUSE Linux Enterprise operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
OpenSSH sshd with ChallengeResponseAuthentication enabled is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Portable OpenSSH < 3.8p1 Multiple Vulnerabilities
According to its banner, a version of OpenSSH earlier than 3.8p1 is running on the remote host and is affected by the following issues: - There is an issue in the handling of PAM modules in such versions of OpenSSH. As a result, OpenSSH may not correctly handle aborted conversations with PAM...
SUSE: Security Advisory for glibc, pam-modules, libxcrypt, pwdutils (SUSE-SA:2011:035)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE Update for glibc,pam-modules,libxcrypt,pwdutils SUSE-SA:2011:035
Check for the Version of glibc,pam-modules,libxcrypt,pwdutils OpenVAS Vulnerability Test SuSE Update for glibc,pam-modules,libxcrypt,pwdutils SUSE-SA:2011:035 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free softwar...
RHEL 5 : pam_krb5 (RHSA-2010:0258)
Updated pamkrb5 packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Gentoo Security Advisory GLSA 200311-01 (kdebase)
The remote host is missing updates announced in advisory GLSA 200311-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandrake Linux Security Advisory : openssh (MDKSA-2002:040-1)
An input validation error exists in the OpenSSH server between versions 2.3.1 and 3.3 that can result in an integer overflow and privilege escalation. This error is found in the PAMAuthenticationViaKbdInt code in versions 2.3.1 to 3.3, and the ChallengeResponseAuthentication code in versions 2.9....
Mandrake Linux Security Advisory : kdebase (MDKSA-2003:091)
A vulnerability was discovered in all versions of KDE 2.2.0 up to and including 3.1.3. KDM does not check for successful completion of the pamsetcred call and in the case of error conditions in the installed PAM modules, KDM may grant local root access to any user with valid login credentials. It...
Mandrake Linux Security Advisory : XFree86 (MDKSA-2003:118)
A vulnerability was discovered in the XDM display manager that ships with XFree86. XDM does not check for successful completion of the pamsetcred call and in the case of error conditions in the installed PAM modules, XDM may grant local root access to any user with valid login credentials. It has...
RHEL 2.1 : XFree86 (RHSA-2003:289)
Updated XFree86 packages provide security fixes to font libraries and XDM. XFree86 is an implementation of the X Window System providing the core graphical user interface and video drivers. XDM is the X display manager. Multiple integer overflows in the transfer and enumeration of font libraries ...
Important: Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes
Updated XFree86 packages for Red Hat Linux 7.1 and 7.2 provide security fixes to font libraries and XDM. XFree86 is an implementation of the X Window System providing the core graphical user interface and video drivers in Red Hat Linux. XDM is the X display manager. Multiple integer overflows in...
Important: Red Hat Security Advisory: XFree86 security update
Updated XFree86 packages provide security fixes to font libraries and XDM. XFree86 is an implementation of the X Window System providing the core graphical user interface and video drivers. XDM is the X display manager. Multiple integer overflows in the transfer and enumeration of font libraries ...
CVE-2003-0690
KDM in KDE 3.1.3 and earlier does not verify whether the pamsetcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pamkrb5 module...
CVE-2003-0690
Concretely, CVE-2003-0690 affects KDE kdebase (KDM in KDE 3.1.3 and earlier). The flaw is that kdebase does not verify whether pam_setcred succeeds, which can allow a root privilege escalation under certain PAM module configurations (notably MIT pam_krb5). Public sources in connected docs referen...
[KDE SECURITY ADVISORY] KDM vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: KDM vulnerabilities Original Release Date: 2003-09-16 URL: http://www.kde.org/info/security/advisory-20030916-1.txt 0. References http://cert.uni-stuttgart.de/archive/suse/security/2002/12/ msg00101.html...
Moderate: Red Hat Security Advisory: kdebase security update
Updated KDE packages that resolve a local security issue with KDM PAM support and weak session cookie generation are now available. KDE is a graphical desktop environment for the X Window System. KDE between versions 2.2.0 and 3.1.3 inclusive contain a bug in the KDE Display Manager KDM when...