Lucene search
K

54 matches found

Cvelist
Cvelist
added 2017/02/15 7:0 p.m.26 views

CVE-2016-6866

slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...

7.4AI score0.02893EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2017/02/15 7:0 p.m.44 views

CVE-2016-6866

slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...

7.5CVSS7.5AI score0.02893EPSS
Exploits0
CVE
CVE
added 2017/02/15 7:0 p.m.96 views

CVE-2016-6866

CVE-2016-6866 affects the screen-locker slock. A null pointer dereference can occur when verifying a password for a user with an invalid shadow hash entry, caused by calling crypt(3) and using its return value in strcmp(3) without checking for NULL. This can lead to a crash and potential local im...

7.5CVSS7.3AI score0.02893EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2017/02/15 7:0 p.m.65 views

CVE-2016-6866

slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...

7.5CVSS7.5AI score0.02893EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/12/07 12:0 a.m.20 views

Fedora Update for slock FEDORA-2016-1b7e66c08b

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02893EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2016/11/21 12:0 a.m.517 views

[ASA-201611-21] slock: access restriction bypass

Arch Linux Security Advisory ASA-201611-21 ========================================== Severity: Medium Date : 2016-11-21 CVE-ID : CVE-2016-6866 Package : slock Type : access restriction bypass Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package slock before...

7.5CVSS7.4AI score0.02893EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/11/15 12:0 a.m.30 views

Fedora 25 : slock (2016-1b7e66c08b)

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...

7.5CVSS7.2AI score0.02893EPSS
Exploits0References2
OSV
OSV
added 2016/09/21 8:38 p.m.6 views

MGASA-2016-0308 Updated slock packages fix security vulnerability

The slock utility is susceptible to crash when verifying a password for a user without a valid shadow hash entry CVE-2016-6866...

7.5CVSS7.5AI score0.02893EPSS
Exploits0References3
Mageia
Mageia
added 2016/09/21 8:38 p.m.37 views

Updated slock packages fix security vulnerability

The slock utility is susceptible to crash when verifying a password for a user without a valid shadow hash entry CVE-2016-6866...

7.5CVSS1.1AI score0.02893EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/09/12 12:0 a.m.30 views

Fedora 23 : slock (2016-7e817cbf55)

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...

7.5CVSS7.1AI score0.02893EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/09/12 12:0 a.m.34 views

Fedora 24 : slock (2016-985b68721b)

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...

7.5CVSS7.1AI score0.02893EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/09/10 12:0 a.m.20 views

Fedora Update for slock FEDORA-2016-985b68721b

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02893EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/09/10 12:0 a.m.22 views

Fedora Update for slock FEDORA-2016-7e817cbf55

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02893EPSS
Exploits0References2
Fedora
Fedora
added 2016/09/09 4:57 p.m.26 views

[SECURITY] Fedora 23 Update: slock-1.3-2.fc23

This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub...

7.5CVSS1.5AI score0.02893EPSS
Exploits0
Fedora
Fedora
added 2016/09/05 6:0 p.m.25 views

[SECURITY] Fedora 25 Update: slock-1.3-2.fc25

This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub...

7.5CVSS1.5AI score0.02893EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/08/22 12:0 a.m.38 views

Debian DLA-598-1 : suckless-tools security update

It was discovered that the slock screen locking tool would segfault when the user's account had been disabled. slock called crypt3 and used the return value for strcmp3 without checking to see if the return value of crypt3 was a NULL pointer. If the hash returned by getspnam-sppwdp was invalid,...

7.5CVSS7AI score0.02893EPSS
Exploits0References3
CNVD
CNVD
added 2016/08/21 12:0 a.m.25 views

slock null pointer reference denial of service vulnerability

Slock is configured like most other suckless.org software. A null pointer reference denial of service vulnerability exists in slock. Allowing an attacker to cause a denial of service condition...

7.5CVSS6.8AI score0.02893EPSS
Exploits0References1
OSV
OSV
added 2016/08/20 12:0 a.m.15 views

DLA-598-1 suckless-tools - security update

Bulletin has no description...

7.5CVSS7.5AI score0.02893EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.29 views

Gentoo Security Advisory GLSA 201412-10

Gentoo Linux Local Security Checks GLSA 201412-10 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS7.7AI score0.11151EPSS
Exploits11References1
Gentoo Linux
Gentoo Linux
added 2014/12/11 12:0 a.m.61 views

Multiple packages, Multiple vulnerabilities fixed in 2012

Background For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Description Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. EGroupware VTE Layer Four...

7.5CVSS7.6AI score0.11151EPSS
Exploits11
Rows per page
Query Builder