Showing 1 - 1 of 1

CVE-2005-2963

Status Candidate

Overview

The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.

Related Files

Debian Linux Security Advisory 844-1: Posted Oct 6, 2005; Authored by Debian | Site security.debian.org; Debian Security Advisory DSA 844-1 - A vulnerability in mod_auth_shadow, an Apache module that lets users perform HTTP authentication against /etc/shadow, has been discovered. The module runs for all locations that use the 'require group' directive which would bypass access restrictions controlled by another authorization mechanism, such as AuthGroupFile file, if the username is listed in the password file and in the gshadow file in the proper group and the supplied password matches against the one in the shadow file.; tags | advisory, web; systems | linux, debian; advisories | CVE-2005-2963; SHA-256 | 8181012eb3961d9159ac9f63277e30706b54df18f9e5c3b044c36c8b69f3972f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 150 files
Jay Turla 150 files
Ubuntu 64 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,119)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,136)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,775)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

CVE-2005-2963

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems