Security News > 2019 > December > OpenBSD Hit with Authentication, LPE Bugs

OpenBSD Hit with Authentication, LPE Bugs
2019-12-05 16:06

The authentication bypass (CVE-2019-19521) is remotely exploitable.


News URL

https://threatpost.com/openbsd-authentication-lpe-bugs/150849/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-12-05 CVE-2019-19521 Improper Authentication vulnerability in Openbsd 6.6
libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd.
network
low complexity
openbsd CWE-287
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Openbsd 5 1 37 38 16 92