292 matches found
OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOT...
CentOS Update for httpd CESA-2013:0130 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Scientific Linux Security Update : httpd on SL5.x i386/x86_64 (20130108)
Input sanitization flaws were found in the mod_negotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use these flaws to conduct cross-site scripting and HTTP response splitting attacks against users...
aptdaemon key validation vulnerability
PPA GPG key is validated incorrectly...
Slackware Advisory SSA:2003-141-04 GnuPG key validation fix
The remote host is missing an update as announced via advisory SSA:2003-141-04. OpenVAS Vulnerability Test $Id: esoftslkssa200314104.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2003-141-04)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-4311
CVE-2011-4311 affects ResourceSpace before 4.2.2833, where improper validation of access keys allows remote attackers to bypass intended resource restrictions via unspecified vectors. The vulnerability enables unauthorized access without specific vectors described in the provided documents. No ex...
Design/Logic Flaw
Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."...
PT-2010-2034 · Microsoft · Windows Server 2003 +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows 2000 version SP4 Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions Gold through SP2 Microsoft Windows Server 2008 versions Gold through SP2 Description: ...
pam_krb5 security and bug fix update
2.2.14-15 - update backport for selecting which key to use for validation so that it prefers services with the local host name as the instance, from HEAD more of 450776 2.2.14-14 - backport the 'multiple_ccaches' option from HEAD, requiring that it be enabled to not immediately remove an old ccach...
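JSCAPE Secure FTP Applet Host Key Validation Security Restriction Bypass Vulnerability
BUGTRAQ ID: 29882 Secure FTP Applet is an FTP client component that runs in a web browser. Secure FTP Applet contains a vulnerability in its handling of data connections: during a connection the applet does not correctly validate or display the host key, which allows an attacker to hijack the session through a man-in-the-middle attack and thereby fully compromise the FTP client. JSCAPE Secure FTP Applet 4.8 JSCAPE ------ The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.jscape.com/sftpapplet/index.html...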
XSS vulnerability: space name and key not validated nor escaped
Email sent from Igor: quote The problem: The input for space name and key is not being validated properly. I created a JIRA for lacking length validation CONF-8894 and later on I noticed that any characters in the input for space name are allowed. Combine that with another batch of bugs - space...
Cisco Security Advisory: SSL/TLS Certificate and SSH Public Key Validation Vulnerability
Cisco Security Advisory: SSL/TLS Certificate and SSH Public Key Validation Vulnerability Advisory ID: cisco-sa-20070118-certs http://www.cisco.com/warp/public/707/cisco-sa-20070118-certs.shtml Revision 1.0 For Public Release 2007 January 18 1600 UTC G...
CVE-2006-4943
course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter...
Slackware 9.0 : GnuPG key validation fix (SSA:2003-141-04)
A key validation bug which results in all user IDs on a given key being treated with the validity of the most-valid user ID on that key has been fixed with the release of GnuPG 1.2.2. We recommend sites using GnuPG upgrade to this new package.
CVE-2005-1556
Gamespy cd-key validation system allows remote attackers to cause a denial of service (cd-key already in use) by capturing and replaying a cd-key authorization session...
CVE-2005-1504
The CVE-2005-1504 entry concerns GameSpy SDK CD-Key Validation Toolkit. The vulnerability is a remote bypass of CD-key validation by sending a spoofed \disc\ command, causing the server to believe the CD key is no longer in use. Affected component: the CD-key validation mechanism within the GameS...