Download
| Alert*
oval:org.secpod.oval:def:700048
Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service. oval:org.secpod.oval:def:700134 USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt libpam-opie packages against the updated libopie library. Original advisory details: Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a cr ... oval:org.secpod.oval:def:600591 Sebastian Krahmer discovered that opie, a system that makes it simple to use One-Time passwords in applications, is prone to a privilege escalation and an off-by-one error, which can lead to the execution of arbitrary code . Adam Zabrocki and Maksymilian Arciemowicz also discovered another off-by-o ... |