SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   OpenPegasus Vendors:   Open Group, The
OpenPegasus Does Not Log Failed Authentication Attempts
SecurityTracker Alert ID:  1021281
SecurityTracker URL:  http://securitytracker.com/id/1021281
CVE Reference:   CVE-2008-4315   (Links to External Site)
Date:  Nov 25 2008
Impact:   Modification of system information


Description:   A vulnerability was reported in OpenPegasus. A remote user can conduct password guessing attacks without detection.

The OpenPegasus WBEM service does not log failed authentication attempts to the system log file via the Pluggable Authentication Modules mechanism.

Impact:   A remote user can conduct password guessing attacks without detection.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.openpegasus.org/ (Links to External Site)
Cause:   Authentication error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 25 2008 (Red Hat Issues Fix) OpenPegasus Does Not Log Failed Authentication Attempts
Red Hat has released a fix for tog-pegasus for Red Hat Enterprise Linux 5.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC