Chamilo LMS version 1.11.8 suffers from a cross site scripting vulnerability.
145fae68ce6b0f21f4470e872a1562c21b4c0a371856b527f88314d9a984fd26
Docebo LMS version 6.9 suffers from a remote code execution vulnerability.
f524c2d024645aff1cf52aac28d1e4b8f18581d220d14822fa0547416aaade37
Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.
a5115fbeb6574c22cf7909ecfb3b0b6ae9b4be9907873ac8ac4827c6e8dc2822
Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Various other issues were also addressed.
d00c71363fd9011b1911761bd598b570e7edef600cd48c0634d3cf0850df7357
Ubuntu Security Notice 2950-1 - Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Various other issues were also addressed.
7e7ea9fcd4b1fd06b83c16d90cf9d03bcaa1f0afa52f3c19687b2dd2577594b2
Chamilo LMS version 1.10.2 suffers from a cross site scripting vulnerability.
12f915c60ca619847a0cd7048a890848d0bc5b2449afdcc3e307a8cc7c233372
ATutor LMS versions 2.2.1 and below cross site request forgery remote code execution exploit that leverages install_modules.php.
a2979fb7ec37494a903eb30ee43ad91332dca8b48a2bc6b4adfe613fa9fc6001
Chamilo LMS suffers from a persistent cross site scripting vulnerability.
bc13f65de0792bdc1e2bb9fd29ab0d6fdffa9843148374f7b6d135c76354780c
Chamilo LMS suffers from an insecure direct object reference vulnerability.
45ca288b13f7415dfb28d2c6c6aa16e6f8a5baf6d21c4e8d7a1a099587d9f341
Docebo LMS version 4.0.3 suffers from a cross site scripting vulnerability.
2051abc7ed5d46c9c6bb827fb812f09c9ba961b28a4de57bfe2f6a22eaa4025e
Red Hat Security Advisory 2015-2184-07 - The realmd DBus system service manages discovery of and enrollment in realms and domains, such as Active Directory or Identity Management. The realmd service detects available domains, automatically configures the system, and joins it as an account to a domain. A flaw was found in the way realmd parsed certain input when writing configuration into the sssd.conf or smb.conf file. A remote attacker could use this flaw to inject arbitrary configurations into these files via a newline character in an LDAP response. It was found that the realm client would try to automatically join an active directory domain without authentication, which could potentially lead to privilege escalation within a specified domain.
981a9b0321ff21c29c033023f1fc5131026055ccb57948a3681f9525a4fe738d
Forma LMS version 1.3 suffer from multiple PHP object injection vulnerabilities.
044bd18c774d1e1b75ddccdda5b4e979fd43e42126b0cd1f29509d053af5c02c
Realms Wiki uses insecure transport during install and due to this an attacker in a privileged position could achieve remote code execution.
4f568ca2e277c33afd5ba0f09e55744f8174cc394efff4f5d14d96ff8cdee252
Realms Wiki suffers from a cross site request forgery vulnerability.
76698182beabf946f364524d2347cb5198c06f12b7a17d4f24120c19c10ee709
Chamilo LMS versions 1.9.10 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
230e777d25a2151f00153422fa704dbe817526a68723d31dcf7694a7df533d68
Chamilo LMS version 1.9.8 suffers from remote blind SQL injection and cross site request forgery vulnerabilities.
ec57fb93efd3c6b7a858d17d03b5e0c158f84d570f58b7291ec988c1509bc7de
WordPress WPLMS theme version 1.8.4.1 suffers from a privilege escalation vulnerability.
20bf53d920b0b4f78e622fa2e701a7ebcd9399db4deb7cc6f801c67cb63a9873
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
e556daa1f0a339ac90d98107c072ac75bc867a9e63f2f39b053bde5bf3acaa0b
Forma Lms version 1.2.1 suffers from a cross site scripting vulnerability.
a2fd82d89af099cb808bcdd5f234d0f2dc854c7a567c21ee470c8a2d419a4013
Red Hat Security Advisory 2014-1389-02 - Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application.
c2947ddb91d4200d6e969ec8c1740f81beee6d987fb797c219ac8a48d6353a72
Red Hat Security Advisory 2014-1245-01 - Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application.
dc9963bd6d74a1f7b5b9eb0c9ad8111607cf554b83071de41c6384916d9f5999
The Client Access Server (CAS) that services Autodiscover and Outlook Web App (OWA) has been found to be vulnerable to time-based authentication attacks. It has been discovered that when sending authentication requests to the CAS, behavior in the timing of the responses can be used to verify Active Directory (AD) realms and usernames within those realms. Authentication timing issues have been found in specific IIS file paths and OWA form-based authentication. This issue can allow an attacker to confirm the existence of a specific username in the directory, and will make other attacks such as password guessing or social engineering attacks more successful.
061b94a5edc404d05361b21ffb528c06f80aa1cef15fbbc558442730005bf285
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
bd21c3071ebd2748be93ab69f92a2df8a758d1b418b5dfa81b16acb38bed7e83
eFront LMS version 3.6.14 suffers from arbitrary file upload, file read, and path disclosure vulnerabilities.
236bf191a5b34718ed687f6cdf5729cb22931ec79eda5c590ecd278be5ac58d2
Debian Linux Security Advisory 2825-1 - Laurent Butti and Garming Sam discored multiple vulnerabilities in the dissectors for NTLMSSPv2 and BSSGP, which could lead to denial of service or the execution of arbitrary code.
4f9dc7111dffc668e27622c001dc32140b102e279ada4684aed34cf1c75a993d
Mandriva Linux Security Advisory 2013-296 - The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service via a crafted packet. Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service via a long domain name in a packet. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
878776549c46a9bc09b3c25506054f13adcb45a498a6c50df1e5ca5ba1c9ffa9