CVE-2004-2535

The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key...

CVE-2004-0163

Sygate Secure Enterprise SSE 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service resource exhaustion by capturing a session and repeatedly replaying the session...

CVE-2004-0163

Sygate Secure Enterprise SSE 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service resource exhaustion by capturing a session and repeatedly replaying the session...

Dameware Passes Weak File Encryption Key in the Clear

Dameware Mini Remote Control version 4.1.0.0 and presumably other versions pass a Blowfish encryption key over the wire in the clear. It is bad enough that they appear to be using Blowfish in Electronic Codebook Mode; but they compound their errors by the following two vulnerabilities. The Damewa...

CVE-2004-1851

Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing...

Mythic Entertainment Dark Age of Camelot 1.6x - Encryption Key Signing

// source: https://www.securityfocus.com/bid/9960/info An encryption key signing vulnerability has been reported to exist in Dark Age of Camelot. This issue is due to a design error in the application that carries out encryption without having the encryption key signed or verified by the affected...

Mythic Entertainment Dark Age of Camelot 1.6x - Encryption Key Signing

Mythic Entertainment Dark Age of Camelot 1.6x - Encryption Key Signing // source: https://www.securityfocus.com/bid/9960/info An encryption key signing vulnerability has been reported to exist in Dark Age of Camelot. This issue is due to a design error in the application that carries out encrypti...

CVE-2001-0618

Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy WEP encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic...

CVE-2001-0352

SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via 1 dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or 2 ap128bWepKeyValue i...

CVE-2000-0762

CVE-2000-0762 affects the default installation of eTrust Access Control (formerly SeOS). The vulnerability arises because the product uses a default encryption key, enabling remote attackers to spoof the eTrust administrator and escalate privileges. The available documents do not specify affected...

CVE-2000-0762

The default installation of eTrust Access Control formerly SeOS uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges...

CVE-2000-0762

The default installation of eTrust Access Control formerly SeOS uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges...

Проблема с Protected Storage в Win2K

Для шифрования всегда используется длина ключа 40 бит...