Lucene search
K

2076 matches found

RedHat Linux
RedHat Linux
added 2013/11/18 7:18 p.m.4 views

OpenStack: Keystone disabling a tenant does not disable a user token

OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...

6.5CVSS5.8AI score0.01892EPSS
Exploits0References4
NVD
NVD
added 2013/10/24 3:48 a.m.23 views

CVE-2013-5190

Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service Smart Card usage outage by interfering with the revocation-check procedure...

4.3CVSS6.1AI score0.009EPSS
Exploits0References1
Prion
Prion
added 2013/10/24 3:48 a.m.20 views

Design/Logic Flaw

Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service Smart Card usage outage by interfering with the revocation-check procedure...

4.3CVSS6.7AI score0.009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/24 1:0 a.m.19 views

CVE-2013-5190

Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service Smart Card usage outage by interfering with the revocation-check procedure...

6.1AI score0.009EPSS
Exploits0References1
CVE
CVE
added 2013/10/24 1:0 a.m.50 views

CVE-2013-5190

This CVE-2013-5190 affects Apple Mac OS X before 10.9, where Smart Card Services fail to properly enforce certificate revocation checks. The result is a denial of service (Smart Card usage outage) when the revocation-check procedure is interfered with. Public details consistently describe the vul...

4.3CVSS6.3AI score0.009EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/10/24 12:0 a.m.34 views

Ubuntu 12.10 / 13.04 : keystone vulnerabilities (USN-2002-1)

Chmouel Boudjnah discovered that Keystone did not properly invalidate user tokens when a tenant was disabled which allowed an authenticated user to retain access via the token. CVE-2013-4222 Kieran Spear discovered that Keystone did not properly verify PKI tokens when performing revocation when...

6.5CVSS5.4AI score0.02342EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2013/10/23 8:19 p.m.72 views

USN-2002-1: Keystone vulnerabilities

Chmouel Boudjnah discovered that Keystone did not properly invalidate user tokens when a tenant was disabled which allowed an authenticated user to retain access via the token. CVE-2013-4222 Kieran Spear discovered that Keystone did not properly verify PKI tokens when performing revocation when...

6.5CVSS5.3AI score0.02342EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.3 views

OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect availability via unknown vectors related to Security...

5CVSS7.4AI score0.04262EPSS
Exploits0References4
securityvulns
securityvulns
added 2013/10/02 12:0 a.m.74 views

APPLE-SA-2013-09-20-1 Apple TV 6.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-20-1 Apple TV 6.0 Apple TV 6.0 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or...

9.3CVSS0.1AI score0.11999EPSS
Exploits7
OSV
OSV
added 2013/09/30 10:55 p.m.4 views

DEBIAN-CVE-2013-4222

OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...

6.5CVSS6.4AI score0.01892EPSS
Exploits0References1
OSV
OSV
added 2013/09/30 10:55 p.m.9 views

CVE-2013-4222

OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...

6AI score
Exploits0References5
Cvelist
Cvelist
added 2013/09/30 8:0 p.m.42 views

CVE-2013-4222

OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...

6AI score0.01892EPSS
Exploits0References4
CVE
CVE
added 2013/09/30 8:0 p.m.86 views

CVE-2013-4222

CVE-2013-4222 affects OpenStack Keystone (Folsom, Grizzly 2013.1.3 and earlier, Havana before havana-3). The vulnerability arises because Keystone does not properly revoke user tokens when a tenant is disabled, allowing remote authenticated users to continue accessing resources via their tokens. ...

6.5CVSS6.1AI score0.01892EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2013/09/30 12:0 a.m.5 views

PT-2013-4910 · Openstack · Openstack Identity

Name of the Vulnerable Software and Affected Versions: OpenStack Identity Keystone versions Folsom through Havana before havana-3 OpenStack Identity Keystone version Grizzly 2013.1.3 and earlier Description: The issue allows remote authenticated users to retain access via a token when a tenant is...

6.5CVSS6AI score0.01892EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2013/09/30 12:0 a.m.44 views

CVE-2013-4222

OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...

6.5CVSS5.9AI score0.01892EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/09/25 4:12 p.m.1 views

OpenStack: Keystone Token revocation failure using Keystone memcache/KVS backends

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS5.8AI score0.02342EPSS
Exploits0References4
OSV
OSV
added 2013/09/23 8:55 p.m.1 views

DEBIAN-CVE-2013-4294

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.9AI score0.02342EPSS
Exploits0References1
OSV
OSV
added 2013/09/23 8:55 p.m.11 views

PYSEC-2013-42

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.3AI score0.02342EPSS
Exploits0References6
Cvelist
Cvelist
added 2013/09/23 8:0 p.m.56 views

CVE-2013-4294

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

6.3AI score0.02342EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2013/09/22 12:0 a.m.25 views

OTRS < 2.4.10, 3.x < 3.0.3 Key Revocation Spoofing Weakness Vulnerability

Open Ticket Request System OTRS is prone to a spoofing weakness vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.4AI score0.01466EPSS
Exploits0
Rows per page
Query Builder