CVE-2009-2751

IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors...

CVE-2009-2752

CVE-2009-2752 affects IBM WebSphere Commerce 7.0. The vulnerability is a failure to properly encrypt data in the database, which can allow local users to obtain sensitive information by defeating cryptographic protections. The available documents do not specify affected components, root cause det...

openSUSE Security Update : finch (finch-1625)

This update of pidgin fixes the following issues : - CVE-2009-3026: CVSS v2 Base Score: 5.0 Allowed to send confidential data unencrypted even if SSL was chosen by user. - CVE-2009-3025: CVSS v2 Base Score: 4.3 Remote denial of service in yahoo IM plug-in. - CVE-2009-3083: CVSS v2 Base Score: 5.0...

Audit Finds Gaping Holes in NASA Security

The U.S. Government Accountability Office GAO has painted a bleak picture of the NASA’s IT security posture. An audit of the space agency’s computer systems found weaknesses in several critical areas, especially in the way NASA implemented access controls like user accounts, passwords and the...

Visa Announces New Data Encryption Practices

Visa has announced new global best practices for data field encryption, also known as end-to-end encryption – a much-discussed solution in the wake of the Heartland Payment Systems breach. Announced by the global credit card company on Monday, these best practices are designed to further the...

Researchers Show Break in Secure Data Storage System

A team of computer scientists from several universities has devised an attack that is capable of reconstructing the so-called vanishing data objects created by a system called Vanish, which was designed to create secure data objects that would expire after a set time and could never be recreated...

Apple Needs to Get Serious About iPhone Security

By Andrew Storms Two years ago I took some hard hits from my peers for calling the iPhone “a security nightmare.” Two years later, I can’t find a single person who doesn’t agree that the iPhone is the number one mobile target of security researchers.Fast forward to today: Is the iPhone still a...

iPhone security comes to the fore

By Paul F. Roberts, The 451 Group The security of smartphones such as the iPhone, Windows Mobile devices and the T-Mobile G1 has come under a lot of scrutiny lately. Each device has its own unique security model, and in the case of the iPhone, Apple has kept its platform closed to third-party...

The times-the level of WEP crack full power slightly-vulnerability warning-the black bar safety net

With the rapid development of network technology and network applications, more and more, many users began to focus on network security. Believe the wired network to the wireless network in terms of security there is inherent, since the communication medium is a wireless signal, so the intruder c...

[ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+

============================================= INTERNET SECURITY AUDITORS ALERT 2007-002 - Original release date: 31st January, 2007 - Last revised: 22th December, 2008 - Discovered by: Daniel Fernandez Bleda - Severity: 5/5 ============================================= I. VULNERABILITY...

The times-the level of WEP crack full power slightly-vulnerability warning-the black bar safety net

With the rapid development of network technology and network applications, more and more, many users began to focus on network security. Believe the wired network to the wireless network in terms of security there is inherent, since the communication medium is a wireless signal, so the intruder c...

DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service

//////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Data Encryption Systems Ltd. - http://www.deslock.com/ | // // | Data Encryption Systems DESlock+ - 3.2.7 | // /...

DESlock+ 3.2.7 - vdlptokn.sys Local Denial of Service

DESlock+ 3.2.7 - vdlptokn.sys Local Denial of Service //////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Data Encryption Systems Ltd. - http://www.deslock.com/ | /...

DESlock+ 3.2.7 (vdlptokn.sys) Local Denial of Service Exploit

No description provided by source. //////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Data Encryption Systems Ltd. - http://www.deslock.com/ | // // | Data...

DESlock+ 3.2.7 (vdlptokn.sys) Local Denial of Service Exploit

Exploit for unknown platform in category dos / poc ============================================================= DESlock+ 3.2.7 vdlptokn.sys Local Denial of Service Exploit =============================================================...

Sniffpass easily monitor the LAN password-vulnerability warning-the black bar safety net

Local area network because of its specificity, caused by the data is easy to be sniffing. Of course, most of the administrators have not implemented stream encryption to work, the plaintext password in the LAN can“see light die”. sniffpass is such a sniffing tool. Run the program after clicking...

CVE-2003-1392

CryptoBuddy 1.0 and 1.2 are affected by a cryptographic weakness: the application does not use the user-supplied passphrase to encrypt data, potentially allowing local users to decrypt data with their own passphrase. The underlying cause is improper use of the passphrase in encryption, leading to...

CVE-2007-4751

CVE-2007-4751 affects RemoteDocs R-Viewer prior to 1.6.3768. The vulnerability arises from storing encrypted RDZ data in unencrypted temporary files, enabling local users to read sensitive information from leftover copies. The associated Symantec advisory also indicates a design flaw that can all...

Encryption Private Key Detection (Generic)

Binary data 3774.prm...

Multiple vulnerabilities in TK8 Safe v.3.0.5

Multiple vulnerabilities in TK8 Safe v.3.0.5 July 3, 2006 ---- Summary: TK8 Safe www.tk8.com is a password management application, which stores authentication details and other sensitive data in encrypted local folders. A number of issues have been discovered in version 3.0.5 of the application...