110 matches found
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xorg-x11-xauth-6.8.2 package in the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xorg-x11-xauth package in the SUSE Linux Enterprise operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The XFree86-xauth-4.2.1-21 package of the Red Hat Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
openSUSE Security Update : strongswan (openSUSE-SU-2013:1332-1)
This update of strongswan fixed a denial-of-service vulnerability, that could be triggered by special XAuth usernames and EAP identities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : strongswan (openSUSE-SU-2013:1333-1)
This update of strongswan fixed a denial-of-service vulnerability, that could be triggered by special XAuth usernames and EAP identities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
FreeBSD : strongswan -- multiple DoS vulnerabilities (efa663eb-8754-11e3-9a47-00163e1ed244)
strongSwan Project reports : A DoS vulnerability triggered by crafted IKEv1 fragmentation payloads was discovered in strongSwan's IKE daemon charon. All versions since 5.0.2 are affected. A DoS vulnerability and potential authorization bypass triggered by a crafted IDDERASN1DN ID payload was...
strongswan -- multiple DoS vulnerabilities
strongSwan Project reports: A DoS vulnerability triggered by crafted IKEv1 fragmentation payloads was discovered in strongSwan's IKE daemon charon. All versions since 5.0.2 are affected. A DoS vulnerability and potential authorization bypass triggered by a crafted IDDERASN1DN ID payload was...
CVE-2013-5018
The isasn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1length function, which allows remote attackers to cause a denial of service segmentation fault via a 1 XAuth username, 2 EAP identity, or 3 PEM encoded file that starts with a 0x04, 0x30,...
UBUNTU-CVE-2013-5018
The isasn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1length function, which allows remote attackers to cause a denial of service segmentation fault via a 1 XAuth username, 2 EAP identity, or 3 PEM encoded file that starts with a 0x04, 0x30,...
CVE-2013-5018
The isasn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1length function, which allows remote attackers to cause a denial of service segmentation fault via a 1 XAuth username, 2 EAP identity, or 3 PEM encoded file that starts with a 0x04, 0x30,...
pfSense UTM Platform 2.0.1 - Cross-Site Scripting
pfSense UTM Platform 2.0.1 - Cross-Site Scripting ┴┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┴ │ Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication │ Date: 04/01/2013 │ Author: Dimitris Strevinas │ Vendor or Software Link: www.pfsense.or...
pfSense UTM Platform 2.0.1 - Cross-Site Scripting
┴┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┴ │ Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication │ Date: 04/01/2013 │ Author: Dimitris Strevinas │ Vendor or Software Link: www.pfsense.org │ Version: = 2.0.1 │ Category: Semi-Persistent...
Scientific Linux Security Update : pam on SL5.x i386/x86_64
It was discovered that the pamnamespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted for example, when pamnamespace was configured for setuid applications such as su or...
OpenSSH < 1.2.3 xauth Session Highjacking
According to its banner, the remote host is running a version of OpenSSH earlier than 1.2.3. Such versions are affected by a session highjacking vulnerability. By default, ssh clients negotiate to forward X connections by using the xauth program to place cookies in the authorization cache of the...
DEBIAN-CVE-2010-4706
The pamsmclosesession function in pamxauth.c in the pamxauth module in Linux-PAM aka pam 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pamxauth PAM check...
DEBIAN-CVE-2010-4707
The checkacl function in pamxauth.c in the pamxauth module in Linux-PAM aka pam 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service resource consumption via a special file...
DEBIAN-CVE-2010-3316
The runcoprocess function in pamxauth.c in the pamxauth module in Linux-PAM aka pam before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pamxauth PAM check...
Openswan cisco banner option handling vulnerability
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long ciscobanner aka serverbanner field...
Openswan: Gateway arbitrary execution via shell metacharacters in the cisco_banner
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the ciscobanner aka serverbanner field, a different vulnerability than CVE-2010-3308...
openswan: buffer overflow vulnerability in XAUTH client-side support
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long 1 ciscodnsinfo or 2 ciscodomaininfo data in a packet...