Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2015-0181
HistoryMay 03, 2015 - 3:19 a.m.

Updated cherokee packages fix CVE-2014-4668

2015-05-0303:19:16
Gentoo Foundation
advisories.mageia.org
15

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.018

Percentile

88.1%

JSON

Updated cherokee packages fix security vulnerability: The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password (CVE-2014-4668).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchcherokee< 1.2.103-2.2cherokee-1.2.103-2.2.mga4

Related

fedora 3
ubuntucve 1
openvas 4
nessus 4
nvd 1
cvelist 1
securityvulns 2
prion 1
cve 1
fedora
fedora
[SECURITY] Fedora 22 Update: cherokee-1.2.103-6.fc22
2015-04-22 22:42:48
[SECURITY] Fedora 20 Update: cherokee-1.2.103-6.fc20
2015-04-27 08:42:50
[SECURITY] Fedora 21 Update: cherokee-1.2.103-6.fc21
2015-04-27 08:45:16
ubuntucve
ubuntucve
CVE-2014-4668
2014-07-02 00:00:00
openvas
openvas
Fedora Update for cherokee FEDORA-2015-6392
2015-04-28 00:00:00
Fedora Update for cherokee FEDORA-2015-6194
2015-07-07 00:00:00
Mageia: Security Advisory (MGASA-2015-0181)
2022-01-28 00:00:00
nessus
nessus
Fedora 21 : cherokee-1.2.103-6.fc21 (2015-6392)
2015-04-28 00:00:00
Mandriva Linux Security Advisory : cherokee (MDVSA-2015:225)
2015-05-05 00:00:00
Fedora 20 : cherokee-1.2.103-6.fc20 (2015-6279)
2015-04-28 00:00:00
nvd
nvd
CVE-2014-4668
2014-07-02 04:14:17
cvelist
cvelist
CVE-2014-4668
2014-07-02 01:00:00
securityvulns
securityvulns
[ MDVSA-2015:225 ] cherokee
2015-05-04 00:00:00
Cherokee authentication bypass
2015-05-04 00:00:00
prion
prion
Authentication flaw
2014-07-02 04:14:00
cve
cve
CVE-2014-4668
2014-07-02 04:14:17

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.018

Percentile

88.1%

JSON
Related for MGASA-2015-0181
fedora3ubuntucve1openvas4nessus4nvd1cvelist1securityvulns2prion1cve1