CVE-2019-19521

Published: 05/12/2019 Updated: 12/12/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).

Vulnerable Product

openbsd openbsd 6.6

Exploits

Qualys has discovered that OpenBSD suffers from multiple authentication bypass and local privilege escalation vulnerabilities ...

Mailing Lists

Full Disclosure mailing list archives: Authentication vulnerabilities in OpenBSD. From: Qualys Security ...
oss-sec mailing list archives: Authentication vulnerabilities in OpenBSD. From: Qualys Security Advisor ...

Github Repositories

Yet Another Link Repo. Mainly Security Links

Robs-Links
Mostly Cybersecurity related, however not all

Malware Related
Link: Description
sslbl.abuse.ch/: Malware related ssl certs
github.com/guardicore/monkey: Infection Monkey - Automated testing
urlhaus.abuse.ch/: Malware Repo
triage/reports/public: Malware Repo

Testing Disto
Link: Description
testaspnetvulnwebc