Samhain Labs
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2004-0159 | 0.04 | — | 0.10 | Mar 15, 2004 | Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command. | ||
| CVE-2009-4810 | 0.00 | — | 0.00 | Apr 23, 2010 | The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input. | ||
| CVE-2004-2409 | 0.00 | — | 0.00 | Dec 31, 2004 | Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code. | ||
| CVE-2004-2410 | 0.00 | — | 0.00 | Dec 31, 2004 | Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference). |
- CVE-2004-0159Mar 15, 2004risk 0.04cvss —epss 0.10
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command.
- CVE-2009-4810Apr 23, 2010risk 0.00cvss —epss 0.00
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
- CVE-2004-2409Dec 31, 2004risk 0.00cvss —epss 0.00
Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code.
- CVE-2004-2410Dec 31, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).