Four Bugs including Authentication Bypass Flaw Found in OpenBSD
Last week, four vulnerabilities were found in the OpenBSD operating system following research. One of the most important flaws found was an authentication bypass vulnerability, tracked as CVE-2019-19521.
If an attacker specifies a username in a specific format, authentication could be forced because of the vulnerability. The security advisory says, “If an attacker specifies a username of the form "-option", they can influence the behavior of the authentication program in unexpected ways.”
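As an added illustration (not code from OpenBSD or from the advisory), the C sketch below shows the class of problem the advisory describes: a helper program with a getopt-style parser reads a username that starts with "-" as an option, and a caller-side check plus a "--" separator prevents that. The toy parser, the `-x` value and all function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Result of the toy helper's argument parse (constructed for illustration). */
struct parsed {
    int option_count;      /* arguments consumed as options */
    const char *username;  /* first positional argument, or NULL */
};

/* Toy stand-in for an authentication helper: like getopt-style parsers, it
 * treats leading "-..." arguments as options and stops at a literal "--". */
static struct parsed toy_helper_parse(int argc, const char *argv[])
{
    struct parsed p = {0, NULL};
    int i = 1;
    for (; i < argc; i++) {
        if (strcmp(argv[i], "--") == 0) { i++; break; }
        if (argv[i][0] != '-' || argv[i][1] == '\0') break;
        p.option_count++;
    }
    if (i < argc)
        p.username = argv[i];
    return p;
}

/* Caller-side check: refuse names that an option parser could misread. */
int username_is_safe(const char *name)
{
    return name != NULL && name[0] != '\0' && name[0] != '-';
}

/* Unhardened caller: the untrusted name goes straight into argv. */
struct parsed call_unchecked(const char *name)
{
    const char *argv[] = {"toy-helper", name};
    return toy_helper_parse(2, argv);
}

/* Hardened caller: validate first, then end option parsing with "--".
 * Returns 0 and fills *out on success, -1 if the name is rejected. */
int call_checked(const char *name, struct parsed *out)
{
    if (!username_is_safe(name))
        return -1;
    const char *argv[] = {"toy-helper", "--", name};
    *out = toy_helper_parse(3, argv);
    return 0;
}
```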
Other bugs
Apart from this authentication bypass flaw, a local privilege escalation problem tracked as CVE-2019-19520 was also fixed. This flaw allowed attackers to obtain the privileges of set-group-ID "auth" through xlock, if the attacker previously had local access to OpenBSD. The flaw is said to be caused by a failed check in xlock.