526 matches found
MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.18. It is, therefore, affected by multiple vulnerabilities: - A carry propagation error exists in the OpenSSL component in the Broadwell-specific Montgomery multiplication procedure when handling input lengths divisible by but...
xrdp elevation of privilege vulnerability
xrdp is an open source Remote Desktop Protocol (RDP) server developed by software developer Jay Sorg. An elevation of privilege vulnerability exists in xrdp version 0.9.1, which stems from a failure to properly initialize the PAM session module. An attacker can exploit this vulnerability to cause a...
PYSEC-2017-33
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...
Ipsilon Denial of Service Vulnerability
Ipsilon is a server and toolkit for configuring Apache-based service providers to provide federated authentication (SSO) to web applications with pluggable standalone mod_wsgi applications. A denial of service vulnerability exists in Ipsilon that can be exploited by an attacker to cause a denial of...
FaceDancer 21 - New Universal Case for PenTests
Document Title: FaceDancer 21 - New Universal Case for PenTests. References: https://www.vulnerability-lab.com/getcontent.php?id=1960 STL Files Download: https://www.vulnerability-lab.com/resources/documents/FaceDancer2-STL-Files.rar Vulnerability Magazine:...
Oracle MySQL Multiple Unspecified Vulnerabilities-08 (Jun 2016) - Linux
Oracle MySQL is prone to multiple unspecified vulnerabilities.
Amazon Linux AMI : mysql56 (ALAS-2016-701)
A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. CVE-2016-0705 T...
Critical: mysql56
Issue Overview: A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash...
The vulnerability of the Solaris operating system allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.
The vulnerability of the PAM LDAP module in the Solaris operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to compromise the integrity, accessibility, and confidentiality of information...
openssh: Privilege separation weakness related to PAM support
A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users...
The vulnerability of the MySQL database management system allows attackers to compromise the integrity, accessibility, and confidentiality of data.
The vulnerability of the MySQL database management system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to affect the integrity, accessibility, and confidentiality of information by manipulating the server’s Pluggable Authentication mechanism...
mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication...
CVE-2015-8325
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Oracle MySQL Server: Unspecified Vulnerability in Pluggable Authentication Subcomponent
Oracle MySQL is an open source relational database management system. A security vulnerability in the Server:Pluggable Authentication subcomponent of Oracle MySQL allows remote attackers to exploit the vulnerability to compromise the confidentiality, integrity, and availability of the system...
MySQL 5.6.x < 5.6.30 Multiple Vulnerabilities (DROWN)
The version of MySQL running on the remote host is 5.6.x prior to 5.6.30. It is, therefore, affected by multiple vulnerabilities: - A cipher algorithm downgrade vulnerability exists in the bundled version of OpenSSL due to a flaw that is triggered when handling cipher negotiation. A remote...
CVE-2016-0639
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication...
Authentication flaw
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication...