FreeBSD : Buffer overflow in pam_smb password handling (2bcd2d24-24ca-11d8-82e5-0020ed76ef5a)

Applications utilizing pamsmb can be compromised by any user who can enter a password. In many cases, this is a remote root compromise. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...

FreeBSD Ports: pam_smb

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: pam_smb

The remote host is missing an update to the system as announced in the referenced advisory. VID 2bcd2d24-24ca-11d8-82e5-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

RHEL 2.1 : pam_smb (RHSA-2003:262)

Updated pamsmb packages are now available which fix a security vulnerability buffer overflow. The pamsmb module is a pluggable authentication module PAM used to authenticate users using an external Server Message Block SMB server. A buffer overflow vulnerability has been found that affects...

FreeBSD : Buffer overflow in pam_smb password handling (136)

The following package needs to be updated: pamsmb %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg2bcd2d2424ca11d882e50020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

pam_smb, pam_ntdom buffer overflow

Buffer overflow on oversized username...

Buffer overflow in pam_smb password handling

Applications utilizing pamsmb can be compromised by any user who can enter a password. In many cases, this is a remote root compromise...

CVE-2003-0686

CVE-2003-0686 describes a buffer overflow in the pam_smb PAM module (versions ≤ 1.1.6) used for authenticating to a remote SMB service. The vulnerability can allow remote code execution with the privileges of the PAM service when a long password is processed, affecting servers using pam_smb in re...

Linux pam_smb < 1.1.6 login exploit

Adivisory at http://us2.samba.org/samba/ftp/pamsmb/ -- LIDS secure linux kernel http://www.lids.org/ 1024D/B6EFB028 4731 2BF7 7735 4DBD 3771 4E24 B53B B60A B6EF B028...

pam_smb module contains remote buffer overflow

Overview The pamsmb module contains a remotely exploitable buffer overflow vulnerability. This module is used to authenticate users using an external Server Message Block SMB server. A remote attacker may be able to exploit this vulnerability to run arbitrary commands on the system. Description T...

Important: Red Hat Security Advisory: : Updated pam_smb packages fix remote buffer overflow.

Updated pamsmb packages are now available which fix a security vulnerability buffer overflow. The pamsmb module is a pluggable authentication module PAM used to authenticate users using an external Server Message Block SMB server. A buffer overflow vulnerability has been found that affects...

Important: Red Hat Security Advisory: pam_smb security update

Updated pamsmb packages are now available which fix a security vulnerability buffer overflow. The pamsmb module is a pluggable authentication module PAM used to authenticate users using an external Server Message Block SMB server. A buffer overflow vulnerability has been found that affects...

Pam_SMB Remote Buffer Overflow Vulnerability

Description pamsmb has been reported prone to a buffer overflow vulnerability. It has been reported that systems using pamsmb to authenticate to a remotely accessible service may be vulnerable to a condition that could allow a remote attacker to supply and execute arbitrary code in the context of...

CVE-2000-0843

Summary (CVE-2000-0843): Buffer overflow in pam_smb and pam_ntdom PAM modules can be triggered by a long username, enabling remote attackers to execute arbitrary commands. Connected Nessus data notes the overflow could allow an intruder to run arbitrary commands as root on the host, indicating a ...

SuSE Security Announcement: cfengine

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: cfengine Date: Wednesday, October 11th, 2000 19:15 MEST Affected SuSE versions: 5.3, 6.0, 6.1, 6.3, 6.4, 7.0 Vulnerability Type: remote root compromise Severity 1-10: 5 SuSE default package: no Other affected systems: Linux...