Samhain Labs » Samhain : Security Vulnerabilities, CVEs, CVSS score >= 2
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
Max CVSS
7.5
EPSS Score
0.27%
Published
2010-04-23
Updated
2010-04-26
Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2008-09-05
Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code.
Max CVSS
7.2
EPSS Score
0.09%
Published
2004-12-31
Updated
2017-07-11
3 vulnerabilities found