
19 matches found

Tenable Nessus
added 2025/08/27 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-39369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS librar...

CVSS 8 · AI score 7.1 · EPSS 0.00989
Exploits 0 · References 2

OpenVAS
added 2024/08/01 12:0 a.m. · 10 views

Ubuntu: Security Advisory (USN-6913-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 · AI score 7.1 · EPSS 0.00989
Exploits 0 · References 3

Ubuntu
added 2024/07/31 6:1 p.m. · 29 views

USN-6913-2: phpCAS vulnerability

USN-6913-1 fixed CVE-2022-39369 for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory details: Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacke...

CVSS 8 · AI score 7.6 · EPSS 0.00989
Exploits 0

OpenVAS
added 2024/07/26 12:0 a.m. · 18 views

Ubuntu: Security Advisory (USN-6913-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 · AI score 7.5 · EPSS 0.00989
Exploits 0 · References 3

OpenVAS
added 2023/07/10 12:0 a.m. · 14 views

Debian: Security Advisory (DLA-3485-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 · AI score 7.9 · EPSS 0.00989
Exploits 0 · References 5

OpenVAS
added 2023/07/10 12:0 a.m. · 20 views

Debian: Security Advisory (DLA-3486-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 · AI score 7.9 · EPSS 0.00989
Exploits 0 · References 4

Debian
added 2023/07/08 2:7 p.m. · 29 views

[SECURITY] [DLA 3487-1] fusiondirectory security update and rebuild for php-cas

Debian LTS Advisory DLA-3487-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA Tobias Frost July 08, 2023 https://wiki.debian.org/LTS Package : fusiondirectory Version : 1.2.3-4+deb10u2 CVE ID : CVE-2022-36179 CVE-2022-36180 Debian Bug : A potential Cross Site Scripti...

CVSS 9.8 · AI score 6.8 · EPSS 0.00989
Exploits 2

Debian
added 2023/07/08 2:6 p.m. · 24 views

[SECURITY] [DLA 3486-1] ocsinventory-server update for php-cas

Debian LTS Advisory DLA-3486-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost July 08, 2023 https://wiki.debian.org/LTS Package : ocsinventory-server Version : 2.5+dfsg1-1+deb10u1 CVE ID : n/a Debian Bug : The source package ocsinventory-server, a Hardware and...

CVSS 8 · AI score 6.8 · EPSS 0.00989
Exploits 0

Debian
added 2023/07/08 2:3 p.m. · 20 views

[SECURITY] [DLA 3485-1] php-cas security update

Debian LTS Advisory DLA-3485-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost July 08, 2023 https://wiki.debian.org/LTS Package : php-cas Version : 1.3.6-1+deb10u1 CVE ID : CVE-2022-39369 Debian Bug : 1023571 A vulnerability has been found in phpCAS, a Central...

CVSS 8 · AI score 6.5 · EPSS 0.00989
Exploits 0

OSV
added 2023/07/08 12:0 a.m. · 23 views

DLA-3485-1 php-cas - security update

Bulletin has no description...

CVSS 8 · AI score 7.7 · EPSS 0.00989
Exploits 0

Tenable Nessus
added 2023/07/08 12:0 a.m. · 22 views

Debian dla-3485 : php-cas - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3485 advisory. Debian LTS Advisory DLA-3485-1 [email protected] https://www.debian.org/lts/security/...

CVSS 8 · AI score 7.4 · EPSS 0.00989
Exploits 0 · References 4

OSV
added 2022/11/01 5:15 p.m. · 1 views

DEBIAN-CVE-2022-39369

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...

CVSS 8 · AI score 6.6 · EPSS 0.00989
Exploits 0 · References 1

Positive Technologies
added 2022/11/01 12:0 a.m. · 3 views

PT-2022-7432 · Phpcas +4

Name of the Vulnerable Software and Affected Versions: phpCAS versions prior to 1.6.0 Description: The phpCAS library uses HTTP headers to determine the service URL used to validate tickets, allowing an attacker to control the host header and use a valid ticket granted for any authorized service ...

CVSS 9.8 · AI score 6.4 · EPSS 0.31104
Exploits 7 · References 62

securityvulns
added 2014/10/15 12:0 a.m. · 45 views

[SECURITY] [DSA 3017-1] php-cas security update

Debian Security Advisory DSA-3017-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 2, 2014 http://www.debian.org/security/faq -...

AI score 1.2 · EPSS 0.12676
Exploits 0

Tenable Nessus
added 2014/09/04 12:0 a.m. · 34 views

Debian DSA-3017-1 : php-cas - security update

Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the CAS authentication protocol, did not encode tickets before adding them to an URL, creating a possibility for cross site scripting. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

CVSS 9.8 · AI score 7.1 · EPSS 0.12676
Exploits 0 · References 4

Debian
added 2014/09/02 4:40 p.m. · 26 views

[SECURITY] [DSA 3017-1] php-cas security update

Debian Security Advisory DSA-3017-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 2, 2014 http://www.debian.org/security/faq -...

CVSS 9.8 · AI score 9.6 · EPSS 0.12676
Exploits 0

OpenVAS
added 2014/09/02 12:0 a.m. · 23 views

Debian Security Advisory DSA 3017-1 (php-cas - security update)

Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the CAS authentication protocol, did not encode tickets before adding them to an URL, creating a possibility for cross site scripting. OpenVAS Vulnerability Test $Id: deb3017.nasl 6692 2017-07-12 09:57:43Z teissa $ Auto-generated...

EPSS 0.12676
Exploits 0 · References 1

OpenVAS
added 2014/09/01 12:0 a.m. · 23 views

Debian: Security Advisory (DSA-3017-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 9.6 · EPSS 0.12676
Exploits 0 · References 3

Tenable Nessus
added 2010/10/15 12:0 a.m. · 19 views

Fedora 14 : php-pear-CAS-1.1.3-1.fc14 (2010-15796)

This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all versions 1.1.x versions. The changes are : Security Issue - CVE-2010-3690 phpCAS: X...

CVSS 6.4 · AI score 5.4 · EPSS 0.01041
Exploits 0 · References 1