Lucene search
K

6 matches found

Debian
Debian
added 2023/07/08 2:3 p.m.21 views

[SECURITY] [DLA 3485-1] php-cas security update

Debian LTS Advisory DLA-3485-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost July 08, 2023 https://wiki.debian.org/LTS Package : php-cas Version : 1.3.6-1+deb10u1 CVE ID : CVE-2022-39369 Debian Bug : 1023571 A vulnerability has been found in phpCAS, a Central...

8CVSS6.5AI score0.01064EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/07/08 12:0 a.m.25 views

Debian dla-3487 : fusiondirectory - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3487-1 [email protected]...

9.8CVSS7.4AI score0.01117EPSS
Exploits2References8
Prion
Prion
added 2022/11/01 5:15 p.m.15 views

Design/Logic Flaw

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service CAS server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...

6CVSS7.9AI score0.01064EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2022/11/01 5:15 p.m.39 views

CVE-2022-39369

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service CAS server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...

8CVSS6.6AI score0.01064EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.6 views

PT-2022-7432 · Phpcas +4 · Phpcas +4

Name of the Vulnerable Software and Affected Versions: phpCAS versions prior to 1.6.0 Description: The phpCAS library uses HTTP headers to determine the service URL used to validate tickets, allowing an attacker to control the host header and use a valid ticket granted for any authorized service ...

9.8CVSS6.4AI score0.44515EPSS
Exploits7References62
GitLab Advisory Database
GitLab Advisory Database
added 2022/11/01 12:0 a.m.37 views

phpCAS vulnerable to Service Hostname Discovery Exploitation

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service CAS server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...

8CVSS1.1AI score0.01064EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder