Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure source: https://www.securityfocus.com/bid/28548/info Microsoft's Crypto API library is prone to an information-disclosure vulnerability because HTTP requests to arbitrary hosts and ports may be automatically trigger...

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure

source: https://www.securityfocus.com/bid/28548/info Microsoft's Crypto API library is prone to an information-disclosure vulnerability because HTTP requests to arbitrary hosts and ports may be automatically triggered when validating X.509 certificates. Successful exploits allow attackers to...

Authentication flaw

Rule Set Based Access Control RSBAC before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...

CVE-2007-3945

Rule Set Based Access Control RSBAC before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...

CVE-2007-3945

CVE-2007-3945 affects Rule Set Based Access Control (RSBAC) versions prior to 1.3.5. The issue stems from improper use of the Linux Kernel Crypto API for Linux kernel 2.6.x, which could allow context-dependent attackers to bypass authentication controls via unspecified vectors (e.g., potential is...

SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator Password Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research https://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-003 Advisory Title: Cisco Secure ACS for Windows - Administrator Password Disclosure Author : Andreas Junestam Release Date : 05-08-2006...

CVE-2005-0968

Computer Associates CA eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API...

Computer Associates eTrust Intrusion Detection IDS DoS

Buffer overflow on Microsoft Crypto API CPImportKey call...

iDEFENSE Security Advisory 04.05.05: Computer Associates eTrust Intrusion Detection System CPImportKey DoS

Computer Associates eTrust Intrusion Detection System CPImportKey Denial of Service Vulnerability iDEFENSE Security Advisory 04.05.05 www.idefense.com/application/poi/display?id=223&type=vulnerabilities April 05, 2005 I. BACKGROUND Computer Associates International, Inc.'s CA eTrust Intrusion...