CVE-2019-19521 is a vulnerability in OpenBSD
Published on December 5, 2019

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).

NVD

Products Associated with CVE-2019-19521

Want to know whenever a new CVE is published for OpenBSD? stack.watch will email you.

OpenBSD

Exploit Probability

EPSS

0.40%

Percentile

60.22%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-19521 is a vulnerability in OpenBSDPublished on December 5, 2019

Products Associated with CVE-2019-19521

Exploit Probability

CVE-2019-19521 is a vulnerability in OpenBSD
Published on December 5, 2019