Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Improper Authentication
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Improper Authentication
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >*
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream openssh package.
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.
References
- CONFIRM
- Debian Security Tracker
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053906.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053951.html
- http://securityreason.com/securityalert/2631
- Security Focus
- X-force Vulnerability Report
Origin : null Type : null Image Id : null
Snyk Project Status: Active