14 matches found
CLSA-2026-1778934026 Fix CVE(s): CVE-2026-42010
SECURITY UPDATE: Authentication bypass via NUL-byte truncation in RSA-PSK username lookup - debian/patches/CVE-2026-42010.patch: replace strleninfo-username with info-usernamelen in gnutlsprocrsapskclientkx in lib/auth/rsapsk.c to prevent NUL-byte truncation allowing username matching with...
EUVD-2007-4119
Malware in sbrugna...
CVE-2022-2232 Keycloak: ldap injection on username input
A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions...
Red Hat Keycloak 输入验证错误漏洞
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An input validation error vulnerability exists in Red Hat Keycloak that originates from a vulnerability that allows an attacker to perform othe...
keycloak: LDAP injection on username input
A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions...
PT-2023-12685 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw was found in the Keycloak package, allowing an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions. This flaw also...
Mandriva Update for libnfsidmap MDKSA-2007:240 (libnfsidmap)
Check for the Version of libnfsidmap OpenVAS Vulnerability Test Mandriva Update for libnfsidmap MDKSA-2007:240 libnfsidmap Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:240 http://www.mandriva.com/security/ Package : libnfsidmap Date : December 7, 2007 Affected: 2007.0, Corporate 4.0 Problem Description: The NFSv4 ID mapper prior to 0.17 did not properly handle return value...
nfs-utils-lib NFSv4 user id mapping flaw
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
Code injection
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
DEBIAN-CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
CVE-2007-4135 affects the NFSv4 ID mapper (libnfsidmap) prior to 0.17. The root cause is improper handling of return values from getpwnam_r during username lookup, which can cause a file to be reported as owned by root instead of nobody when the file exists on the server but not on the client. Pu...