CVE-2018-16115

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...

CVE-2018-16115

CVE-2018-16115 affects Lightbend Akka 2.5.x prior to 2.5.16, where an RNG bug in AES128CounterSecureRNG/AES256CounterSecureRNG used in Akka Remoting (TLS for classic and Artery) can cause repeated random numbers. This enables an attacker to eavesdrop, replay, or modify messages in Akka Remoting/C...

Security update for enigmail (moderate)

This update for enigmail to version 2.0.5 fixes the following issues: Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL: - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code...

[SECURITY] Fedora 27 Update: mimedefang-2.81-1.fc27

MIMEDefang is an e-mail filter program which works with Sendmail 8.12 and later. It filters all e-mail messages sent via SMTP. MIMEDefang splits multi-part MIME messages into their components and potentially deletes or modifies the various parts. It then reassembles the parts back into an e-mail...

CVE-2011-4864

The Tencent MobileQQ com.tencent.mobileqq application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted application...

CVE-2009-2632

Buffer overflow in the SIEVE script component sieve/script.c, as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to...

Integer overflow

Buffer overflow in the SIEVE script component sieve/script.c, as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to...

evolution-data-server: S/MIME signatures are considered to be valid even for modified messages (MITM)

Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077...

CVE-2006-2712

The CVE affects Secure Elements Class 5 AVR (C5 EVM) client and server prior to version 2.8.1. Root cause: lack of verification of the message digest integrity, enabling remote attackers to modify and replay messages. Exploitation stated as remote over a network; no further exploit details or fix...

CVE-2006-2712

Secure Elements Class 5 AVR aka C5 EVM client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages...

CVE-2001-1470

The CVE-2001-1470 entry describes a vulnerability in the IDEA cipher as implemented by SSH1. The issue is that the final block is not protected against modification, allowing a remote attacker to alter the message and adjust its CRC to match the changes, without detection. The descriptions across...

CVE-2001-1469

The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check CRC with the CRC of a mask consisting of all the bits of the original message that were modified...

sitenewsAuth.txt

SecurityTracker Alert ID: 1011159 SecurityTracker URL: http://securitytracker.com/id?1011159 Date: Sep 5 2004 Impact: Modification of user information Exploit Included: Yes Versions: 1.1 Description: A vulnerability was reported in Site News. A local user can add or edit news items. LwB Security...

CVE-2002-0986

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...

CVE-2001-1470

The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check CRC to match the modifications to the message...

anyboard.forum.passwd.txt

Date: Sat, 24 Apr 1999 03:55:39 +0200 From: "Bluefish @ home" To: [email protected] Subject: Anyboard www.netbula.com problem's publicly discussed in eurohack Draz Q published a short summary of problems with a webrelated software in eurohack. Basicly it sounds pretty much like a common CGI...