ByteOS Network

samhain

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2009-4810

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.5||HIGH

EPSS-0.46% / 63.05%

7 Day CHG~0.00%

Published-23 Apr, 2010 | 14:00

Updated-11 Apr, 2025 | 00:51

The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.

Vendor-samhain_labs n/a

Product-samhain n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2004-2409

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.2||HIGH

EPSS-0.06% / 19.86%

7 Day CHG~0.00%

Published-18 Aug, 2005 | 04:00

Updated-03 Apr, 2025 | 01:03

Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code.

Vendor-samhain_labs n/a

Product-samhain n/a

CVE-2004-2410

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-2.1||LOW

EPSS-0.07% / 21.29%

7 Day CHG~0.00%

Published-18 Aug, 2005 | 04:00

Updated-03 Apr, 2025 | 01:03

Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).

Vendor-samhain_labs n/a

Product-samhain n/a