Описание
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.6.2-1 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | not-affected | 2.6.2-1 |
| natty | not-affected | 2.6.2-1 |
| oneiric | not-affected | 2.6.2-1 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
The Secure Remote Password (SRP) implementation in Samhain before 2.5. ...
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
7.5 High
CVSS2