Lucene search
K

271 matches found

myhack58
myhack58
added 2015/03/05 12:0 a.m.26 views

“Legacy”vulnerability: analysis of the new SSL/TLS vulnerability FREAK-vulnerability warning-the black bar safety net

Recently security researchers discovered a new SSL/TLS vulnerability. Expected within ten years, millions of Apple, Android users to access the HTTPS site will likely suffer from the middleman and then the stolen account and password, even if these sites use the encrypted transmission, also to no...

Exploits0
NVD
NVD
added 2014/08/29 9:55 a.m.16 views

CVE-2014-0897

The Configuration Patterns component in IBM Flex System Manager FSM 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module CMM account creation, which makes it easier for remote authenticated users to defeat cryptographic protection...

3.5CVSS6AI score0.00591EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

FlashFXP 1.4 User Password Encryption Weakness

No description provided by source. source: http://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Web Protector 2.0 Trivial Encryption Weakness

No description provided by source. source: http://www.securityfocus.com/bid/7409/info Web protector has been reported prone to a trivial encryption weakness. It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed and ma...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/11 12:0 a.m.57 views

MS14-030: Vulnerability in Remote Desktop Could Allow Tampering (2969259)

The remote Windows host is affected by a tampering vulnerability due to an encryption weakness in the Remote Desktop Protocol RDP. An attacker could exploit this vulnerability to modify the traffic content of an active RDP session. C Tenable Network Security, Inc. include"compat.inc"; if...

5.1CVSS5.6AI score0.0571EPSS
Exploits0References2
ICS
ICS
added 2014/05/29 6:0 a.m.64 views

Schneider Electric Wonderware Vulnerabilities

OVERVIEW Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team have identified four vulnerabilities in the Schneider Electric Wonderware Information Server WIS. Schneider Electric has produced an update that mitigates...

7.8CVSS7.5AI score0.01587EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2014/01/09 7:11 a.m.11 views

Yahoo Mail turns on HTTPS encryption by default to protect users

After the release of NSA Secret spying over Internet communications, I am expecting from all tech companies to make surveillance significantly harder. Yahoo has HTTPS encryption support since late 2012, but users had to opt in to use the feature. Documents revealed by the Edward Snowden shows tha...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/09/13 6:55 p.m.12 views

Bitcoins - Secured by NSA designed Encryption or Backdoored ?

It's been nearly three months since Edward Snowden started telling the world about the National Security Agency's mass surveillance of global communications. After the last week report that the National Security Agency has leveraged its cooperative relationships with specific industry partners to...

6.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/05/28 5:35 p.m.8 views

apache-cxf: XML encryption backwards compatibility attacks

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

6.4CVSS6.9AI score0.06322EPSS
Exploits0References6
exploitpack
exploitpack
added 2013/04/08 12:0 a.m.39 views

Google AD Sync Tool - Exposure of Sensitive Information

Google AD Sync Tool - Exposure of Sensitive Information Sense of Security - Security Advisory - SOS-13-001 Release Date. 03-Apr-2013 Last Update. - Vendor Notification Date. 03-Sep-2012 Product. Google Active Directory Sync GADS Tool Platform. Windows, Linux, Solaris Affected versions. All versio...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2008/12/10 12:0 a.m.23 views

Adobe Acrobat 9 PDF Document Encryption Weakness Vulnerability - Windows

Adobe Acrobat is prone to an encryption weakness vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.02002EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/12/10 12:0 a.m.24 views

Adobe Acrobat 9 PDF Document Encryption Weakness Vulnerability (Windows)

This host has Adobe Acrobat installed and is prone to encryption weakness vulnerability. OpenVAS Vulnerability Test $Id: gbadobeacrobatpdfvulnwin.nasl 5370 2017-02-20 15:24:26Z cfi $ Adobe Acrobat 9 PDF Document Encryption Weakness Vulnerability Windows Authors: Chandan S Copyright: Copyright c...

7.5CVSS6.6AI score0.02002EPSS
Exploits0References1
myhack58
myhack58
added 2006/06/18 12:0 a.m.26 views

Crack MSSQL HASH password-vulnerability warning-the black bar safety net

Original name :Microsoft SQL Server Passwords Cracking the password hashes Original address :http://www.ngssoftware.com/papers/cracking-sql-passwords.pdf Author :David Litchfield [email protected] Term : FreeXploiT Author : ALLyeSNO Date : 2005-3-25 Translation:ALLyeSNO [email protected]...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2006/03/07 12:0 a.m.34 views

IM Lock 2006 - Insecure Registry Permission Vulnerability

IM Lock 2006 - Insecure Registry Permission Vulnerability --------------------------------------------------------- Application: IM Lock 2006 Vendor: www.comvigo.com Corporation: Comvigo, Inc. Version: Latest: 2 March 2006 - Home Edition, Enterprise & Professional Description: IM Lock 2006...

0.1AI score
Exploits0
NVD
NVD
added 2006/02/25 11:2 a.m.13 views

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

2.6CVSS6.3AI score0.01397EPSS
Exploits0References14
Packet Storm
Packet Storm
added 2004/03/27 12:0 a.m.32 views

netsupport.txt

To the moderator, this is my first bugtraq posting, feel free to make any changes you feel nessessary to make this more helpful. Thank you very much Vendor : NetSupport URL : http://www.netsupport-inc.com/ Version : Invision NetSupport School Pro Risk : Password protection weakness Description:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/09/11 12:0 a.m.16 views

MSIE->WsBASEjpu

WsBASEjpu tested Browser Ver MS Internet Explorer: 6.0.2600.0000.xpclntqfe.021108-2107; Encryption: 128-bit; Patch:; Q810847; So, it's far from fully patched. OS Ver: "Windows XP Cn ver" demo http://www.safecenter.net/liudieyu/WsBASEjpu/WsBASEjpu-MyPage.HTM or http://umbrella.mx.tc --- WsBASEjpu...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/05/22 12:0 a.m.18 views

Pure Secure weak encryption

Passwords for log access are stored in cleartext...

2AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2003/05/05 12:0 a.m.34 views

FlashFXP 1.4 - User Password Encryption

// source: https://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites. / Flashfxp sites.dat...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/22 12:0 a.m.29 views

Web Protector 2.0 - Trivial Encryption

source: https://www.securityfocus.com/bid/7409/info Web protector has been reported prone to a trivial encryption weakness. It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed and may be easily reversed. This weaknes...

7.4AI score
Exploits0
Rows per page
Query Builder