Samhain Labs » Samhain : Security Vulnerabilities, CVEs, CVSS score >= 5
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
Max CVSS
7.5
EPSS Score
0.27%
Published
2010-04-23
Updated
2010-04-26
Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code.
Max CVSS
7.2
EPSS Score
0.09%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found