IBM Websphere 2.03.0 - ikeyman Weak Encrypted Password

IBM Websphere 2.03.0 - ikeyman Weak Encrypted Password source: https://www.securityfocus.com/bid/1763/info IBM WebSphere ships with a tool called 'ikeyman' that encrypts server certificates/key pairs when the IBM HTTP Server and SSL connections are enabled. Ikeyman stores the password in a stash...

CVE-1999-1540

shell-lock in Cactus Software Shell Lock uses weak encryption trivial encoding which allows attackers to easily decrypt and obtain the source code...

coldfusion.fixes.txt

Date: Mon, 24 May 1999 15:00:52 -0700 From: [email protected] To: [email protected] Subject: New Allaire Security Zone Bulletins and KB Articles Dear ColdFusion Customer- Several new security issues that may affect ColdFusion customers have come to our attention recently. Please visit the...

wingate.3.0.txt

Date: Mon, 5 Apr 1999 17:52:51 -0700 From: Marc To: [email protected] Subject: Multiple WinGate VulnerabilitiesTad late At first we were just going to post this advisory to our website but after the subject came up on the NTSEC list and we got a few emails telling us to post it to...

CVE-1999-1078

WSFTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges...

CVE-1999-0470

A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted...

Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption

source: https://www.securityfocus.com/bid/482/info The encrypted passwords for Remote.NLM are remotely accessible to anyone with the ability to view SYS:System\LDRemote.NCF. The password encryption algorithm for Remote.NLM has been broken and can be decrypted with pencil and paper. The password...

Novell Netware 4.14.11 - SP5B Remote.NLM Weak Encryption

Novell Netware 4.14.11 - SP5B Remote.NLM Weak Encryption source: https://www.securityfocus.com/bid/482/info The encrypted passwords for Remote.NLM are remotely accessible to anyone with the ability to view SYS:System\LDRemote.NCF. The password encryption algorithm for Remote.NLM has been broken a...

PT-2014-1693

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.0.1i OpenSSL through 1.0.1i PAN-OS versions 6.1.1 and earlier PAN-OS versions 6.0.7 and earlier PAN-OS versions 5.1.x and 5.0.x EOS versions 4.12.0 through 4.12.7.1 EOS versions 4.13.0 through 4.13.6 Apple mac os x...

CVE-1999-1098

Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing...

Remote Code Execution via Chosen-Ciphertext Attack

https://github.com/titon/framework/blob/cbf44729173d3a83b91a2b0a217c6b3827512e44/src/Titon/Crypto/OpenSslCipher.hhL30-L39 You aren't authenticating your ciphertexts, and then you're passing the decrypted result to unserialize. See also:...